PC virus removal, computer speed-up, and remote help through the neslape.cz service

Very slow loading

Having a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: Very slow loading

#16 Post by rudy630 »

ComboFix 15-05-13.01 - Ruda 16.05.2015 20:40:24.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3980.1980 [GMT 2:00]
Spuštěný z: c:\perflogs\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {F0BC89B2-8937-0933-021B-B17D981F2A71}
FW: COMODO Firewall *Disabled* {C8870897-C358-086B-2944-184866CC6D0A}
SP: Comodo Defense+ *Enabled/Updated* {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ArcSoft\MediaImpression 2\MPEG_Engine\checkactivate.dll
c:\program files (x86)\ArcSoft\MediaImpression 2\MPEG_Engine\checkcommon.dll
c:\program files (x86)\Common Files\lpuninstall.exe
c:\users\Ruda\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db
C:\windows-7[1].png
c:\windows\SysWow64\AF15BDAEX.dll
C:\WindowsMSJH.tt2
C:\WindowsMSJHBD.tt2
C:\WindowsMSYH.tt2
C:\WindowsMSYHBD.tt2
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-16 do 2015-05-16 )))))))))))))))))))))))))))))))
.
.
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\63ruda99\AppData\Local\temp
2015-05-16 15:13 . 2015-05-16 18:07 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-16 15:12 . 2015-05-16 15:12 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-05-16 15:12 . 2015-05-16 15:12 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-16 15:12 . 2015-05-16 15:12 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-16 15:12 . 2015-05-16 15:12 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-16 15:12 . 2015-05-16 15:12 -------- d-----w- c:\programdata\Malwarebytes
2015-05-15 21:05 . 2015-05-15 21:05 -------- d-----w- c:\programdata\Baidu
2015-05-15 16:37 . 2015-05-15 16:38 -------- d-----w- c:\users\Ruda\AppData\Local\Plus500
2015-05-15 16:37 . 2015-05-15 16:37 -------- d-----w- c:\program files (x86)\Plus500
2015-05-15 15:52 . 2015-05-15 16:09 -------- d-----w- C:\AdwCleaner
2015-05-15 15:22 . 2015-05-15 15:22 -------- d-----w- c:\users\63ruda99\AppData\Local\Macromedia
2015-05-15 15:08 . 2015-05-15 15:08 -------- d-----w- c:\users\63ruda99\AppData\Local\NVIDIA Corporation
2015-05-15 15:08 . 2015-05-15 15:08 -------- d-----w- c:\users\63ruda99\AppData\Local\Programs
2015-05-15 15:07 . 2015-05-15 15:08 -------- d-----w- c:\users\63ruda99\AppData\Local\Mozilla
2015-05-15 15:07 . 2015-05-15 15:07 -------- d-----w- c:\users\63ruda99\AppData\Local\Wondershare
2015-05-15 15:07 . 2015-05-15 15:07 -------- d-----w- c:\users\63ruda99\AppData\Local\ArcSoft
2015-05-15 15:07 . 2015-05-15 15:07 -------- d-----w- c:\users\63ruda99\AppData\Local\LogMeIn
2015-05-15 15:07 . 2015-05-15 15:10 -------- d-----w- c:\users\63ruda99\AppData\Local\LogMeIn Hamachi
2015-05-15 15:05 . 2015-05-15 15:05 -------- d-----w- c:\users\63ruda99\AppData\Roaming\ASUS WebStorage
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Roaming\Local
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Local\BMExplorer
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Local\VirtualStore
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Roaming\Atheros
2015-05-15 15:02 . 2015-05-15 15:02 -------- d-----w- c:\users\63ruda99\AppData\Local\Trusteer
2015-05-15 09:06 . 2015-05-15 09:08 -------- d-----w- C:\c00fcbf951e24eb515
2015-05-13 20:28 . 2015-05-13 20:28 -------- d-----w- c:\users\Ruda\AppData\Roaming\2BrightSparks
2015-05-13 20:28 . 2015-05-13 20:28 -------- d-----w- c:\users\Ruda\AppData\Local\2BrightSparks
2015-05-13 20:28 . 2015-05-13 20:28 -------- d-----w- c:\program files (x86)\2BrightSparks
2015-05-13 19:22 . 2015-05-13 19:22 -------- d-----w- c:\users\Ruda\AppData\Roaming\com.adobe.amp
2015-05-13 13:57 . 2015-05-13 13:57 3584 ----a-r- c:\users\Ruda\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2015-05-13 13:57 . 2015-05-13 13:57 -------- d-----w- c:\program files (x86)\Windows Installer Clean Up
2015-05-13 13:43 . 2015-05-13 13:43 -------- d-----w- c:\windows\LastGood.Tmp
2015-05-13 12:36 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:36 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:30 . 2015-05-13 11:30 -------- d-----w- c:\users\Ruda\AppData\Roaming\AVG
2015-05-13 11:30 . 2015-05-13 11:30 -------- d-----w- c:\users\Ruda\AppData\Local\Avg
2015-05-13 11:29 . 2015-05-13 11:31 -------- d-----w- c:\programdata\AVG
2015-05-13 10:38 . 2015-05-13 10:39 -------- d-----w- c:\program files (x86)\Notepad++
2015-05-13 01:15 . 2015-05-05 01:29 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-13 01:15 . 2015-05-05 01:12 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-13 01:15 . 2015-04-18 03:10 460800 ----a-w- c:\windows\system32\certcli.dll
2015-05-13 01:15 . 2015-04-18 02:56 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-05-13 01:12 . 2015-04-20 03:17 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-05-12 16:42 . 2015-05-12 17:24 -------- d-----w- c:\users\Ruda\AppData\Local\box-9ec6d6a762214a05f09b71757106fc8c
2015-05-12 09:26 . 2015-05-12 09:26 -------- d-----w- c:\users\Ruda\AppData\Local\Opera Software
2015-05-12 04:24 . 2015-05-13 13:43 4149784 ----a-w- c:\windows\system32\drivers\athrx.sys
2015-05-11 22:57 . 2015-05-11 22:57 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2015-05-07 22:56 . 2015-05-07 22:56 -------- d-----w- c:\users\Ruda\AppData\Roaming\Lamantine
2015-05-07 22:49 . 2015-05-07 22:49 -------- d-----w- c:\programdata\Lamantine
2015-05-07 22:48 . 2015-05-07 22:49 -------- d-----w- c:\program files (x86)\Sticky Password
2015-05-06 15:00 . 2015-05-12 17:25 -------- d-----w- c:\programdata\BlazeVideo
2015-05-06 14:59 . 2015-05-12 17:28 -------- d-----w- c:\program files (x86)\BlazeVideo
2015-05-06 12:32 . 2015-05-06 12:32 -------- d-----w- C:\ProgDVBEngineLogs
2015-05-06 12:29 . 2015-05-06 14:50 -------- d-----w- c:\program files (x86)\ProgDVB
2015-05-04 17:04 . 2015-05-04 17:04 -------- d-----w- c:\programdata\Wondershare
2015-05-02 15:51 . 2015-03-11 15:04 535576 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2015-05-02 15:50 . 2015-05-02 15:50 -------- d-----w- c:\program files (x86)\Trusteer
2015-05-02 15:47 . 2015-05-02 15:47 -------- d-----w- c:\programdata\Trusteer
2015-05-02 14:58 . 2015-05-02 14:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2015-05-02 14:58 . 2015-05-02 14:58 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-05-02 14:58 . 2015-05-02 14:58 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-05-02 14:58 . 2015-05-02 14:58 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-05-02 14:58 . 2015-05-02 14:58 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-05-02 14:58 . 2015-05-02 14:58 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-05-02 14:58 . 2015-05-02 14:58 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-05-02 14:58 . 2015-05-02 14:58 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-05-02 14:58 . 2015-05-02 14:58 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-04-30 23:24 . 2015-04-30 23:24 -------- d-----w- c:\users\Ruda\AppData\Local\Trusteer
2015-04-24 09:15 . 2015-04-24 09:47 -------- d-----w- c:\users\Ruda\AppData\Roaming\eM Client
2015-04-23 20:44 . 2015-03-14 03:21 82944 ----a-w- c:\windows\system32\dwmapi.dll
2015-04-23 20:44 . 2015-03-14 03:21 1632768 ----a-w- c:\windows\system32\dwmcore.dll
2015-04-23 20:44 . 2015-03-14 03:04 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2015-04-23 20:44 . 2015-03-14 03:04 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2015-04-23 20:44 . 2015-01-29 03:19 2543104 ----a-w- c:\windows\system32\wpdshext.dll
2015-04-23 20:44 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\SysWow64\wpdshext.dll
2015-04-23 20:44 . 2015-01-29 03:19 1195008 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2015-04-22 12:57 . 2015-05-16 06:20 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-04-21 17:51 . 2015-04-21 17:51 -------- d-----w- c:\program files\EPSON
2015-04-20 15:33 . 2015-04-20 15:33 45056 ----a-r- c:\users\Ruda\AppData\Roaming\Microsoft\Installer\{4154BF17-EE1F-4F25-9696-2FF191FE0787}\_15024A0ED067_4256_BFEE_46696AEE56A7.exe
2015-04-20 15:33 . 2015-04-20 15:33 -------- d-----w- c:\program files (x86)\Fireluke
2015-04-16 22:18 . 2015-04-18 07:19 -------- d-----w- c:\users\Ruda\AppData\Local\Wondershare
2015-04-16 22:18 . 2015-04-16 22:18 -------- d-----w- c:\program files (x86)\Common Files\Wondershare
2015-04-16 22:18 . 2015-04-16 22:29 -------- d-----w- c:\users\Ruda\AppData\Roaming\Wondershare
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-16 18:05 . 2013-03-07 01:52 466 ----a-w- c:\users\Ruda\AppData\Roaming\sp_data.sys
2015-05-16 18:04 . 2014-03-27 23:54 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2015-05-15 15:24 . 2015-03-27 00:23 387 ----a-w- c:\users\63ruda99\AppData\Roaming\sp_data.sys
2015-05-13 23:58 . 2015-03-14 14:09 135824 ----a-w- c:\windows\system32\escsvc64.exe
2015-05-13 12:53 . 2013-03-07 08:48 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-05-12 09:39 . 2015-01-29 22:41 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-12 09:39 . 2015-01-29 22:41 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-08 22:29 . 2015-05-08 22:29 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-08 22:29 . 2015-05-08 22:29 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-08 22:29 . 2015-05-08 22:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-06 14:36 . 2010-02-03 08:05 113280 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
2015-05-05 01:29 . 2015-05-13 01:15 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-05 01:12 . 2015-05-13 01:15 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-02 14:58 . 2015-05-02 14:58 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-05-02 14:58 . 2015-05-02 14:58 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-05-02 14:58 . 2015-05-02 14:58 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-05-02 14:58 . 2015-05-02 14:58 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-05-02 14:58 . 2015-05-02 14:58 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-04-22 08:02 . 2014-06-19 13:40 201216 ----a-w- c:\windows\SysWow64\mediarcpt.dll
2015-04-16 15:17 . 2015-04-16 15:03 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-04-15 11:14 . 2015-04-15 11:14 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-04-15 11:14 . 2015-04-15 11:14 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-04-15 11:14 . 2015-04-15 11:14 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-04-15 11:14 . 2015-04-15 11:14 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-04-15 11:14 . 2015-04-15 11:14 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-04-15 11:14 . 2015-04-15 11:14 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-04-15 11:14 . 2015-04-15 11:14 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-04-15 11:14 . 2015-04-15 11:14 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-04-15 11:14 . 2015-04-15 11:14 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-04-15 11:14 . 2015-04-15 11:14 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-04-15 11:14 . 2015-04-15 11:14 37376 ----a-w- c:\windows\system32\wups2.dll
2015-04-15 11:14 . 2015-04-15 11:14 35328 ----a-w- c:\windows\system32\wups.dll
2015-04-15 11:14 . 2015-04-15 11:14 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-04-15 11:14 . 2015-04-15 11:14 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-04-15 11:14 . 2015-04-15 11:14 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-04-15 11:14 . 2015-04-15 11:14 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-04-15 11:14 . 2015-04-15 11:14 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 11:14 . 2015-04-15 11:14 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-04-15 11:14 . 2015-04-15 11:14 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-04-15 11:14 . 2015-04-15 11:14 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-04-15 11:14 . 2015-04-15 11:14 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-04-15 11:14 . 2015-04-15 11:14 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-04-15 11:13 . 2015-04-15 11:13 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 11:12 . 2015-04-15 11:12 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 11:12 . 2015-04-15 11:12 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-15 11:12 . 2015-04-15 11:12 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-09 09:25 . 2015-04-09 09:25 957952 ----a-w- c:\windows\system32\appraiser.dll
2015-04-09 09:25 . 2015-04-09 09:25 769536 ----a-w- c:\windows\system32\invagent.dll
2015-04-09 09:25 . 2015-04-09 09:25 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-04-09 09:25 . 2015-04-09 09:25 419840 ----a-w- c:\windows\system32\devinv.dll
2015-04-09 09:25 . 2015-04-09 09:25 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-04-09 09:25 . 2015-04-09 09:25 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-04-09 09:25 . 2015-04-09 09:25 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-04-09 09:25 . 2015-04-09 09:25 192000 ----a-w- c:\windows\system32\aepic.dll
2015-04-08 09:14 . 2015-04-08 09:14 21248 ----a-w- c:\windows\system32\drivers\rpkmdrv.sys
2015-04-08 09:14 . 2015-04-08 09:14 1354717 ----a-w- c:\windows\unins000.exe
2015-04-03 10:49 . 2015-04-03 10:49 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-04-01 17:49 . 2014-12-08 23:20 104608 ----a-w- c:\windows\system32\drivers\inspect.sys
2015-04-01 17:49 . 2014-12-08 23:20 45880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2015-04-01 17:49 . 2014-12-08 23:20 797280 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2015-04-01 17:49 . 2014-12-08 23:20 20696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2015-04-01 17:48 . 2014-12-08 23:20 41248 ----a-w- c:\windows\system32\cmdcsr.dll
2015-04-01 17:48 . 2014-12-08 23:20 444472 ----a-w- c:\windows\SysWow64\guard32.dll
2015-04-01 17:48 . 2014-12-08 23:20 576848 ----a-w- c:\windows\system32\guard64.dll
2015-04-01 17:47 . 2014-12-08 23:20 358104 ----a-w- c:\windows\system32\cmdvrt64.dll
2015-04-01 17:46 . 2014-12-08 23:20 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2015-04-01 17:45 . 2014-12-08 23:20 288472 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2015-04-01 17:45 . 2014-12-08 23:20 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2015-03-30 13:25 . 2013-07-15 18:59 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-03-23 16:19 . 2014-01-08 19:21 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2015-03-23 16:17 . 2015-03-23 16:16 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-03-23 16:17 . 2015-03-23 16:16 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-03-23 16:17 . 2015-03-23 16:16 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2015-03-23 16:17 . 2015-03-23 16:16 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2015-03-23 16:17 . 2015-03-23 16:16 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2015-03-23 16:17 . 2015-03-23 16:16 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-03-23 16:17 . 2015-03-23 16:16 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-03-23 16:17 . 2015-03-23 16:16 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2015-03-23 16:17 . 2015-03-23 16:16 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-03-23 16:17 . 2015-03-23 16:16 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2015-03-23 16:17 . 2015-01-27 10:17 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-03-23 16:17 . 2015-01-27 10:17 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2015-03-23 16:17 . 2014-05-27 11:05 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-03-23 16:17 . 2015-03-23 16:16 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-03-23 16:17 . 2015-03-23 16:16 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2015-03-23 16:17 . 2015-03-23 16:16 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-03-23 16:17 . 2015-03-23 16:16 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-03-23 16:17 . 2015-03-23 16:16 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2015-03-23 16:17 . 2015-03-23 16:16 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-03-23 16:17 . 2015-03-23 16:16 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2015-03-23 16:17 . 2015-03-23 16:16 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-03-23 16:17 . 2015-03-23 16:16 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-03-23 16:17 . 2015-03-23 16:16 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2015-03-23 16:17 . 2015-03-23 16:16 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-03-23 16:17 . 2015-03-23 16:16 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-03-23 16:17 . 2015-03-23 16:16 166568 ----a-w- c:\windows\system32\nvinitx.dll
2015-03-23 16:17 . 2015-03-23 16:16 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-03-23 16:17 . 2015-03-23 16:16 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2015-03-23 16:17 . 2015-03-23 16:16 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-03-23 16:17 . 2013-11-19 18:52 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-17 14:40 223432 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-17 14:40 223432 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-17 14:40 223432 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE" [2015-03-14 283232]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe" [2015-05-12 927920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2000-01-01 292088]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-21 102568]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-03 2321072]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-06-25 322208]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-06-19 174752]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2015-03-14 1057408]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"LedStatus"="c:\program files (x86)\Rapoo\RpWireless\LedStatus.exe" [2015-04-08 1709736]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2015-04-16 2072928]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
"iSkysoft Helper Compact.exe"="c:\program files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe" [2015-01-07 2066432]
.
c:\users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled\
Odeslat do OneNote.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2014-9-23 195240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFileAssociate"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe"
"SystemExplorerAutoStart"="c:\program files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 cpuz134;cpuz134;c:\users\Ruda\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Ruda\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
R3 PCWinSoft;ScreenCamera Video Camera;c:\windows\system32\DRIVERS\scrcamhrdrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\scrcamhrdrv_x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 XHCIdrv;xHCI Compliance Test Host Controller;c:\windows\system32\DRIVERS\XHCIdrv.sys;c:\windows\SYSNATIVE\DRIVERS\XHCIdrv.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 RapportCerberus_80128;RapportCerberus_80128;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x]
S2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation;c:\program files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVTouch.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rpkmdrv;Rapoo Wireless Device Driver;c:\windows\system32\drivers\rpkmdrv.sys;c:\windows\SYSNATIVE\drivers\rpkmdrv.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-15 15:19 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.152\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-16 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe [2015-05-12 09:39]
.
2015-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-29 09:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-17 14:40 262344 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-17 14:40 262344 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-17 14:40 262344 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-11-05 06:07 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-11-05 06:07 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-11-05 06:07 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-05-26 361984]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\btvstack.exe" [2012-05-30 1023616]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\athbttray.exe" [2012-05-30 801920]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2015-04-20 1426136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
mWindow Title = Microsoft Internet Explorer
mSearchAssistant =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: LastPass - file://c:\users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Vyplňování formulářů - file://c:\users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=fillforms
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\sign
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojeplatba.cz\www
TCP: Interfaces\{EB650A0A-9E1B-4002-8743-32FA3FD63317}\368616C6F65707B616: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\0hfd64x0.default-1423008048081\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -q -name=LastPass -ffuuid support@lastpass.com
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -p -name=LastPass -ffuuid support@lastpass.com
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{1ce01891-839b-4ad1-b629-2e608ba0c6ba} - c:\programdata\Package Cache\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}\adblockplusie-1.0.exe
AddRemove-{23A3F354-8AD9-AC11-2553-9FCCB4F3118C} - c:\progra~3\INSTAL~1\{DC42B~1\Setup.exe
AddRemove-{AA4A885A-1CB9-8347-DCDF-D6F71B558417} - c:\progra~3\INSTAL~1\{393B3~1\Setup.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-Akamai - c:\users\Ruda\AppData\Local\Akamai\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d3,1a,a7,ac,0d,ac,82,45,84,39,17,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d3,1a,a7,ac,0d,ac,82,45,84,39,17,\
.
[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-841361005-909514878-2309378359-1002)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-841361005-909514878-2309378359-1002)
@Denied: (2) (LocalSystem)
"Progid"="eM Client.File.vcf"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
@DACL=(02 0000)
"Description"="Java™ Deployment Toolkit"
"GeckoVersion"="1.9"
"Path"="c:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll"
"ProductName"="Java™ Deployment Toolkit"
"Vendor"="Oracle Corp."
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
@DACL=(02 0000)
"Description"="Oracle® Next Generation Java™ Plug-In"
"GeckoVersion"="1.9"
"Path"="c:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll"
"ProductName"="Oracle® Java™ Plug-In"
"Vendor"="Oracle Corp."
"Version"="1.7.0_67"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
@DACL=(02 0000)
"Description"="Ag Player Plugin"
"GeckoVersion"="1.7.5"
"Path"="c:\\Program Files (x86)\\Microsoft Silverlight\\5.1.30514.0\\npctrl.dll"
"ProductName"="Ag Player"
"Vendor"="Microsoft"
"Version"="5.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll"
"Description"="WLPG Install MIME type"
"GeckoVersion"="1.0"
"ProductName"="Windows Live Photo Gallery"
"Version"="15.4.3502.0922"
"Vendor"="Microsoft"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll"
"Description"="WLPG Install MIME type"
"GeckoVersion"="1.0"
"ProductName"="Windows Live Photo Gallery"
"Version"="16.4.3528.0331"
"Vendor"="Microsoft"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\SkypeWebPlugin\\npSkypeWebPlugin.dll"
"Description"="Skype Web Plugin"
"ProductName"="Skype Web Plugin"
"Vendor"="Skype Technologies S.A."
"Version"="2.9.13008.18866"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Google\\Update\\1.3.24.15\\npGoogleUpdate3.dll"
"Description"="Google Update"
"ProductName"="Google Update"
"Vendor"="Google Inc."
"Version"="3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Google\\Update\\1.3.24.15\\npGoogleUpdate3.dll"
"Description"="Google Update"
"ProductName"="Google Update"
"Vendor"="Google Inc."
"Version"="9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll"
"Version"="11.0.09"
"Vendor"="Adobe Systems Incorporated. Copyright 1994-2010 All Rights Reserved"
"ProductName"="Adobe Reader Plugin for Firefox"
"Description"="Handles PDFs in-place in Firefox"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Celkový čas: 2015-05-16 21:26:31
ComboFix-quarantined-files.txt 2015-05-16 19:26
.
Před spuštěním: Volných bajtů: 70 383 034 368
Po spuštění: Volných bajtů: 69 888 319 488
.
- - End Of File - - C50CD36300E6472E4A2B4C9BC168B349

rudy630
Visitor
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: very slow loading

#17 Post by rudy630 »

ComboFix 15-05-13.01 - Ruda 16.05.2015 20:40:24.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3980.1980 [GMT 2:00]
Spuštěný z: c:\perflogs\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {F0BC89B2-8937-0933-021B-B17D981F2A71}
FW: COMODO Firewall *Disabled* {C8870897-C358-086B-2944-184866CC6D0A}
SP: Comodo Defense+ *Enabled/Updated* {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ArcSoft\MediaImpression 2\MPEG_Engine\checkactivate.dll
c:\program files (x86)\ArcSoft\MediaImpression 2\MPEG_Engine\checkcommon.dll
c:\program files (x86)\Common Files\lpuninstall.exe
c:\users\Ruda\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db
C:\windows-7[1].png
c:\windows\SysWow64\AF15BDAEX.dll
C:\WindowsMSJH.tt2
C:\WindowsMSJHBD.tt2
C:\WindowsMSYH.tt2
C:\WindowsMSYHBD.tt2
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-16 do 2015-05-16 )))))))))))))))))))))))))))))))
.
.
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2015-05-16 19:11 . 2015-05-16 19:11 -------- d-----w- c:\users\63ruda99\AppData\Local\temp
2015-05-16 15:13 . 2015-05-16 18:07 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-16 15:12 . 2015-05-16 15:12 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-05-16 15:12 . 2015-05-16 15:12 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-16 15:12 . 2015-05-16 15:12 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-16 15:12 . 2015-05-16 15:12 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-16 15:12 . 2015-05-16 15:12 -------- d-----w- c:\programdata\Malwarebytes
2015-05-15 21:05 . 2015-05-15 21:05 -------- d-----w- c:\programdata\Baidu
2015-05-15 16:37 . 2015-05-15 16:38 -------- d-----w- c:\users\Ruda\AppData\Local\Plus500
2015-05-15 16:37 . 2015-05-15 16:37 -------- d-----w- c:\program files (x86)\Plus500
2015-05-15 15:52 . 2015-05-15 16:09 -------- d-----w- C:\AdwCleaner
2015-05-15 15:22 . 2015-05-15 15:22 -------- d-----w- c:\users\63ruda99\AppData\Local\Macromedia
2015-05-15 15:08 . 2015-05-15 15:08 -------- d-----w- c:\users\63ruda99\AppData\Local\NVIDIA Corporation
2015-05-15 15:08 . 2015-05-15 15:08 -------- d-----w- c:\users\63ruda99\AppData\Local\Programs
2015-05-15 15:07 . 2015-05-15 15:08 -------- d-----w- c:\users\63ruda99\AppData\Local\Mozilla
2015-05-15 15:07 . 2015-05-15 15:07 -------- d-----w- c:\users\63ruda99\AppData\Local\Wondershare
2015-05-15 15:07 . 2015-05-15 15:07 -------- d-----w- c:\users\63ruda99\AppData\Local\ArcSoft
2015-05-15 15:07 . 2015-05-15 15:07 -------- d-----w- c:\users\63ruda99\AppData\Local\LogMeIn
2015-05-15 15:07 . 2015-05-15 15:10 -------- d-----w- c:\users\63ruda99\AppData\Local\LogMeIn Hamachi
2015-05-15 15:05 . 2015-05-15 15:05 -------- d-----w- c:\users\63ruda99\AppData\Roaming\ASUS WebStorage
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Roaming\Local
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Local\BMExplorer
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Local\VirtualStore
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Roaming\Atheros
2015-05-15 15:02 . 2015-05-15 15:02 -------- d-----w- c:\users\63ruda99\AppData\Local\Trusteer
2015-05-15 09:06 . 2015-05-15 09:08 -------- d-----w- C:\c00fcbf951e24eb515
2015-05-13 20:28 . 2015-05-13 20:28 -------- d-----w- c:\users\Ruda\AppData\Roaming\2BrightSparks
2015-05-13 20:28 . 2015-05-13 20:28 -------- d-----w- c:\users\Ruda\AppData\Local\2BrightSparks
2015-05-13 20:28 . 2015-05-13 20:28 -------- d-----w- c:\program files (x86)\2BrightSparks
2015-05-13 19:22 . 2015-05-13 19:22 -------- d-----w- c:\users\Ruda\AppData\Roaming\com.adobe.amp
2015-05-13 13:57 . 2015-05-13 13:57 3584 ----a-r- c:\users\Ruda\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2015-05-13 13:57 . 2015-05-13 13:57 -------- d-----w- c:\program files (x86)\Windows Installer Clean Up
2015-05-13 13:43 . 2015-05-13 13:43 -------- d-----w- c:\windows\LastGood.Tmp
2015-05-13 12:36 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:36 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:30 . 2015-05-13 11:30 -------- d-----w- c:\users\Ruda\AppData\Roaming\AVG
2015-05-13 11:30 . 2015-05-13 11:30 -------- d-----w- c:\users\Ruda\AppData\Local\Avg
2015-05-13 11:29 . 2015-05-13 11:31 -------- d-----w- c:\programdata\AVG
2015-05-13 10:38 . 2015-05-13 10:39 -------- d-----w- c:\program files (x86)\Notepad++
2015-05-13 01:15 . 2015-05-05 01:29 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-13 01:15 . 2015-05-05 01:12 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-13 01:15 . 2015-04-18 03:10 460800 ----a-w- c:\windows\system32\certcli.dll
2015-05-13 01:15 . 2015-04-18 02:56 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-05-13 01:12 . 2015-04-20 03:17 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-05-12 16:42 . 2015-05-12 17:24 -------- d-----w- c:\users\Ruda\AppData\Local\box-9ec6d6a762214a05f09b71757106fc8c
2015-05-12 09:26 . 2015-05-12 09:26 -------- d-----w- c:\users\Ruda\AppData\Local\Opera Software
2015-05-12 04:24 . 2015-05-13 13:43 4149784 ----a-w- c:\windows\system32\drivers\athrx.sys
2015-05-11 22:57 . 2015-05-11 22:57 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2015-05-07 22:56 . 2015-05-07 22:56 -------- d-----w- c:\users\Ruda\AppData\Roaming\Lamantine
2015-05-07 22:49 . 2015-05-07 22:49 -------- d-----w- c:\programdata\Lamantine
2015-05-07 22:48 . 2015-05-07 22:49 -------- d-----w- c:\program files (x86)\Sticky Password
2015-05-06 15:00 . 2015-05-12 17:25 -------- d-----w- c:\programdata\BlazeVideo
2015-05-06 14:59 . 2015-05-12 17:28 -------- d-----w- c:\program files (x86)\BlazeVideo
2015-05-06 12:32 . 2015-05-06 12:32 -------- d-----w- C:\ProgDVBEngineLogs
2015-05-06 12:29 . 2015-05-06 14:50 -------- d-----w- c:\program files (x86)\ProgDVB
2015-05-04 17:04 . 2015-05-04 17:04 -------- d-----w- c:\programdata\Wondershare
2015-05-02 15:51 . 2015-03-11 15:04 535576 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2015-05-02 15:50 . 2015-05-02 15:50 -------- d-----w- c:\program files (x86)\Trusteer
2015-05-02 15:47 . 2015-05-02 15:47 -------- d-----w- c:\programdata\Trusteer
2015-05-02 14:58 . 2015-05-02 14:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2015-05-02 14:58 . 2015-05-02 14:58 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-05-02 14:58 . 2015-05-02 14:58 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-05-02 14:58 . 2015-05-02 14:58 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-05-02 14:58 . 2015-05-02 14:58 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-05-02 14:58 . 2015-05-02 14:58 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-05-02 14:58 . 2015-05-02 14:58 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-05-02 14:58 . 2015-05-02 14:58 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-05-02 14:58 . 2015-05-02 14:58 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-04-30 23:24 . 2015-04-30 23:24 -------- d-----w- c:\users\Ruda\AppData\Local\Trusteer
2015-04-24 09:15 . 2015-04-24 09:47 -------- d-----w- c:\users\Ruda\AppData\Roaming\eM Client
2015-04-23 20:44 . 2015-03-14 03:21 82944 ----a-w- c:\windows\system32\dwmapi.dll
2015-04-23 20:44 . 2015-03-14 03:21 1632768 ----a-w- c:\windows\system32\dwmcore.dll
2015-04-23 20:44 . 2015-03-14 03:04 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2015-04-23 20:44 . 2015-03-14 03:04 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2015-04-23 20:44 . 2015-01-29 03:19 2543104 ----a-w- c:\windows\system32\wpdshext.dll
2015-04-23 20:44 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\SysWow64\wpdshext.dll
2015-04-23 20:44 . 2015-01-29 03:19 1195008 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2015-04-22 12:57 . 2015-05-16 06:20 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-04-21 17:51 . 2015-04-21 17:51 -------- d-----w- c:\program files\EPSON
2015-04-20 15:33 . 2015-04-20 15:33 45056 ----a-r- c:\users\Ruda\AppData\Roaming\Microsoft\Installer\{4154BF17-EE1F-4F25-9696-2FF191FE0787}\_15024A0ED067_4256_BFEE_46696AEE56A7.exe
2015-04-20 15:33 . 2015-04-20 15:33 -------- d-----w- c:\program files (x86)\Fireluke
2015-04-16 22:18 . 2015-04-18 07:19 -------- d-----w- c:\users\Ruda\AppData\Local\Wondershare
2015-04-16 22:18 . 2015-04-16 22:18 -------- d-----w- c:\program files (x86)\Common Files\Wondershare
2015-04-16 22:18 . 2015-04-16 22:29 -------- d-----w- c:\users\Ruda\AppData\Roaming\Wondershare
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-16 18:05 . 2013-03-07 01:52 466 ----a-w- c:\users\Ruda\AppData\Roaming\sp_data.sys
2015-05-16 18:04 . 2014-03-27 23:54 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2015-05-15 15:24 . 2015-03-27 00:23 387 ----a-w- c:\users\63ruda99\AppData\Roaming\sp_data.sys
2015-05-13 23:58 . 2015-03-14 14:09 135824 ----a-w- c:\windows\system32\escsvc64.exe
2015-05-13 12:53 . 2013-03-07 08:48 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-05-12 09:39 . 2015-01-29 22:41 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-12 09:39 . 2015-01-29 22:41 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-08 22:29 . 2015-05-08 22:29 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-08 22:29 . 2015-05-08 22:29 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-08 22:29 . 2015-05-08 22:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-06 14:36 . 2010-02-03 08:05 113280 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
2015-05-05 01:29 . 2015-05-13 01:15 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-05 01:12 . 2015-05-13 01:15 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-02 14:58 . 2015-05-02 14:58 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-05-02 14:58 . 2015-05-02 14:58 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-05-02 14:58 . 2015-05-02 14:58 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-05-02 14:58 . 2015-05-02 14:58 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-05-02 14:58 . 2015-05-02 14:58 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-04-22 08:02 . 2014-06-19 13:40 201216 ----a-w- c:\windows\SysWow64\mediarcpt.dll
2015-04-16 15:17 . 2015-04-16 15:03 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-04-15 11:14 . 2015-04-15 11:14 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-04-15 11:14 . 2015-04-15 11:14 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-04-15 11:14 . 2015-04-15 11:14 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-04-15 11:14 . 2015-04-15 11:14 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-04-15 11:14 . 2015-04-15 11:14 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-04-15 11:14 . 2015-04-15 11:14 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-04-15 11:14 . 2015-04-15 11:14 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-04-15 11:14 . 2015-04-15 11:14 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-04-15 11:14 . 2015-04-15 11:14 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-04-15 11:14 . 2015-04-15 11:14 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-04-15 11:14 . 2015-04-15 11:14 37376 ----a-w- c:\windows\system32\wups2.dll
2015-04-15 11:14 . 2015-04-15 11:14 35328 ----a-w- c:\windows\system32\wups.dll
2015-04-15 11:14 . 2015-04-15 11:14 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-04-15 11:14 . 2015-04-15 11:14 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-04-15 11:14 . 2015-04-15 11:14 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-04-15 11:14 . 2015-04-15 11:14 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-04-15 11:14 . 2015-04-15 11:14 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 11:14 . 2015-04-15 11:14 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-04-15 11:14 . 2015-04-15 11:14 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-04-15 11:14 . 2015-04-15 11:14 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-04-15 11:14 . 2015-04-15 11:14 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-04-15 11:14 . 2015-04-15 11:14 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-04-15 11:13 . 2015-04-15 11:13 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 11:12 . 2015-04-15 11:12 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 11:12 . 2015-04-15 11:12 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-15 11:12 . 2015-04-15 11:12 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-09 09:25 . 2015-04-09 09:25 957952 ----a-w- c:\windows\system32\appraiser.dll
2015-04-09 09:25 . 2015-04-09 09:25 769536 ----a-w- c:\windows\system32\invagent.dll
2015-04-09 09:25 . 2015-04-09 09:25 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-04-09 09:25 . 2015-04-09 09:25 419840 ----a-w- c:\windows\system32\devinv.dll
2015-04-09 09:25 . 2015-04-09 09:25 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-04-09 09:25 . 2015-04-09 09:25 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-04-09 09:25 . 2015-04-09 09:25 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-04-09 09:25 . 2015-04-09 09:25 192000 ----a-w- c:\windows\system32\aepic.dll
2015-04-08 09:14 . 2015-04-08 09:14 21248 ----a-w- c:\windows\system32\drivers\rpkmdrv.sys
2015-04-08 09:14 . 2015-04-08 09:14 1354717 ----a-w- c:\windows\unins000.exe
2015-04-03 10:49 . 2015-04-03 10:49 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-04-01 17:49 . 2014-12-08 23:20 104608 ----a-w- c:\windows\system32\drivers\inspect.sys
2015-04-01 17:49 . 2014-12-08 23:20 45880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2015-04-01 17:49 . 2014-12-08 23:20 797280 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2015-04-01 17:49 . 2014-12-08 23:20 20696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2015-04-01 17:48 . 2014-12-08 23:20 41248 ----a-w- c:\windows\system32\cmdcsr.dll
2015-04-01 17:48 . 2014-12-08 23:20 444472 ----a-w- c:\windows\SysWow64\guard32.dll
2015-04-01 17:48 . 2014-12-08 23:20 576848 ----a-w- c:\windows\system32\guard64.dll
2015-04-01 17:47 . 2014-12-08 23:20 358104 ----a-w- c:\windows\system32\cmdvrt64.dll
2015-04-01 17:46 . 2014-12-08 23:20 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2015-04-01 17:45 . 2014-12-08 23:20 288472 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2015-04-01 17:45 . 2014-12-08 23:20 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2015-03-30 13:25 . 2013-07-15 18:59 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-03-23 16:19 . 2014-01-08 19:21 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2015-03-23 16:17 . 2015-03-23 16:16 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-03-23 16:17 . 2015-03-23 16:16 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-03-23 16:17 . 2015-03-23 16:16 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2015-03-23 16:17 . 2015-03-23 16:16 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2015-03-23 16:17 . 2015-03-23 16:16 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2015-03-23 16:17 . 2015-03-23 16:16 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-03-23 16:17 . 2015-03-23 16:16 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-03-23 16:17 . 2015-03-23 16:16 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2015-03-23 16:17 . 2015-03-23 16:16 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-03-23 16:17 . 2015-03-23 16:16 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2015-03-23 16:17 . 2015-01-27 10:17 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-03-23 16:17 . 2015-01-27 10:17 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2015-03-23 16:17 . 2014-05-27 11:05 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-03-23 16:17 . 2015-03-23 16:16 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-03-23 16:17 . 2015-03-23 16:16 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2015-03-23 16:17 . 2015-03-23 16:16 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-03-23 16:17 . 2015-03-23 16:16 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-03-23 16:17 . 2015-03-23 16:16 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2015-03-23 16:17 . 2015-03-23 16:16 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-03-23 16:17 . 2015-03-23 16:16 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2015-03-23 16:17 . 2015-03-23 16:16 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-03-23 16:17 . 2015-03-23 16:16 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-03-23 16:17 . 2015-03-23 16:16 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2015-03-23 16:17 . 2015-03-23 16:16 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-03-23 16:17 . 2015-03-23 16:16 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-03-23 16:17 . 2015-03-23 16:16 166568 ----a-w- c:\windows\system32\nvinitx.dll
2015-03-23 16:17 . 2015-03-23 16:16 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-03-23 16:17 . 2015-03-23 16:16 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2015-03-23 16:17 . 2015-03-23 16:16 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-03-23 16:17 . 2013-11-19 18:52 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-17 14:40 223432 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-17 14:40 223432 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-17 14:40 223432 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE" [2015-03-14 283232]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe" [2015-05-12 927920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2000-01-01 292088]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-21 102568]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-03 2321072]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-06-25 322208]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-06-19 174752]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2015-03-14 1057408]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"LedStatus"="c:\program files (x86)\Rapoo\RpWireless\LedStatus.exe" [2015-04-08 1709736]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2015-04-16 2072928]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
"iSkysoft Helper Compact.exe"="c:\program files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe" [2015-01-07 2066432]
.
c:\users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled\
Odeslat do OneNote.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2014-9-23 195240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFileAssociate"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe"
"SystemExplorerAutoStart"="c:\program files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [x]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R2 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 cpuz134;cpuz134;c:\users\Ruda\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Ruda\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
R3 PCWinSoft;ScreenCamera Video Camera;c:\windows\system32\DRIVERS\scrcamhrdrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\scrcamhrdrv_x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 XHCIdrv;xHCI Compliance Test Host Controller;c:\windows\system32\DRIVERS\XHCIdrv.sys;c:\windows\SYSNATIVE\DRIVERS\XHCIdrv.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 RapportCerberus_80128;RapportCerberus_80128;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x]
S2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation;c:\program files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVTouch.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rpkmdrv;Rapoo Wireless Device Driver;c:\windows\system32\drivers\rpkmdrv.sys;c:\windows\SYSNATIVE\drivers\rpkmdrv.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-15 15:19 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.152\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-16 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe [2015-05-12 09:39]
.
2015-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-29 09:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-17 14:40 262344 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-17 14:40 262344 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-17 14:40 262344 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-11-05 06:07 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-11-05 06:07 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-11-05 06:07 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-05-26 361984]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\btvstack.exe" [2012-05-30 1023616]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\athbttray.exe" [2012-05-30 801920]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2015-04-20 1426136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
mWindow Title = Microsoft Internet Explorer
mSearchAssistant =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: LastPass - file://c:\users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Vyplňování formulářů - file://c:\users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=fillforms
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\sign
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojeplatba.cz\www
TCP: Interfaces\{EB650A0A-9E1B-4002-8743-32FA3FD63317}\368616C6F65707B616: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\0hfd64x0.default-1423008048081\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -q -name=LastPass -ffuuid support@lastpass.com
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -p -name=LastPass -ffuuid support@lastpass.com
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{1ce01891-839b-4ad1-b629-2e608ba0c6ba} - c:\programdata\Package Cache\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}\adblockplusie-1.0.exe
AddRemove-{23A3F354-8AD9-AC11-2553-9FCCB4F3118C} - c:\progra~3\INSTAL~1\{DC42B~1\Setup.exe
AddRemove-{AA4A885A-1CB9-8347-DCDF-D6F71B558417} - c:\progra~3\INSTAL~1\{393B3~1\Setup.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-Akamai - c:\users\Ruda\AppData\Local\Akamai\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{9F6B5CC3-5C7B-4B5C-97AF-19DEC1E380E5}"=hex:51,66,7a,6c,4c,1d,38,12,ad,5f,78,
9b,49,12,32,0e,e8,b9,5a,9e,c4,bd,c4,f1
"{95D9ECF5-2A4D-4550-BE49-70D42F71296E}"=hex:51,66,7a,6c,4c,1d,38,12,9b,ef,ca,
91,7f,64,3e,00,c1,5f,33,94,2a,2f,6d,7a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{3049C3E9-B461-4BC5-8870-4C09146192CA}"=hex:51,66,7a,6c,4c,1d,38,12,87,c0,5a,
34,53,fa,ab,0e,f7,66,0f,49,11,3f,d6,de
"{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}"=hex:51,66,7a,6c,4c,1d,38,12,aa,f5,03,
89,33,40,ba,0e,f9,17,52,ec,1a,81,c5,32
"{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}"=hex:51,66,7a,6c,4c,1d,38,12,ad,e6,05,
ff,d0,e7,cc,02,f1,ea,72,de,72,00,26,d8
"{FF2573AE-E1ED-40E1-83BA-F544CB2EE135}"=hex:51,66,7a,6c,4c,1d,38,12,c0,70,36,
fb,df,af,8f,05,fc,ac,b6,04,ce,70,a5,21
"{FFCB3198-32F3-4E8B-9539-4324694ED664}"=hex:51,66,7a,6c,4c,1d,38,12,f6,32,d8,
fb,c1,7c,e5,0b,ea,2f,00,64,6c,10,92,70
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d3,1a,a7,ac,0d,ac,82,45,84,39,17,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d3,1a,a7,ac,0d,ac,82,45,84,39,17,\
.
[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-841361005-909514878-2309378359-1002)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-841361005-909514878-2309378359-1002)
@Denied: (2) (LocalSystem)
"Progid"="eM Client.File.vcf"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
@DACL=(02 0000)
"Description"="Java™ Deployment Toolkit"
"GeckoVersion"="1.9"
"Path"="c:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll"
"ProductName"="Java™ Deployment Toolkit"
"Vendor"="Oracle Corp."
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
@DACL=(02 0000)
"Description"="Oracle® Next Generation Java™ Plug-In"
"GeckoVersion"="1.9"
"Path"="c:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll"
"ProductName"="Oracle® Java™ Plug-In"
"Vendor"="Oracle Corp."
"Version"="1.7.0_67"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
@DACL=(02 0000)
"Description"="Ag Player Plugin"
"GeckoVersion"="1.7.5"
"Path"="c:\\Program Files (x86)\\Microsoft Silverlight\\5.1.30514.0\\npctrl.dll"
"ProductName"="Ag Player"
"Vendor"="Microsoft"
"Version"="5.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll"
"Description"="WLPG Install MIME type"
"GeckoVersion"="1.0"
"ProductName"="Windows Live Photo Gallery"
"Version"="15.4.3502.0922"
"Vendor"="Microsoft"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll"
"Description"="WLPG Install MIME type"
"GeckoVersion"="1.0"
"ProductName"="Windows Live Photo Gallery"
"Version"="16.4.3528.0331"
"Vendor"="Microsoft"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\SkypeWebPlugin\\npSkypeWebPlugin.dll"
"Description"="Skype Web Plugin"
"ProductName"="Skype Web Plugin"
"Vendor"="Skype Technologies S.A."
"Version"="2.9.13008.18866"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Google\\Update\\1.3.24.15\\npGoogleUpdate3.dll"
"Description"="Google Update"
"ProductName"="Google Update"
"Vendor"="Google Inc."
"Version"="3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Google\\Update\\1.3.24.15\\npGoogleUpdate3.dll"
"Description"="Google Update"
"ProductName"="Google Update"
"Vendor"="Google Inc."
"Version"="9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll"
"Version"="11.0.09"
"Vendor"="Adobe Systems Incorporated. Copyright 1994-2010 All Rights Reserved"
"ProductName"="Adobe Reader Plugin for Firefox"
"Description"="Handles PDFs in-place in Firefox"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Celkový čas: 2015-05-16 21:26:31
ComboFix-quarantined-files.txt 2015-05-16 19:26
.
Před spuštěním: Volných bajtů: 70 383 034 368
Po spuštění: Volných bajtů: 69 888 319 488
.
- - End Of File - - C50CD36300E6472E4A2B4C9BC168B349

Rudy
Site Admin
Posts: 119315
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: very slow loading

#18 Post by Rudy »

We'll do some more cleanup. Open Notepad and copy the following into it:
RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]

Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.

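The script in the post above lists every key header from the log's locked-keys section under `RegLock::`. The following added example (not part of the original post and not ComboFix code) extracts those headers from a log, records why each key appears (deny ACE, custom DACL, or registry symbolic link) and emits a script in the same layout. The function names and the sample excerpt are constructed, and the parser assumes the section layout seen in the log on this page.

```python
import re

# Section title as it appears in the Czech-localised log on this page.
SECTION_TITLE = "ZAMKNUTÉ KLÍČE V REGISTRU"

KEY_RE = re.compile(r"^\[(HKEY_.+)\]$")
SYMLINK_RE = re.compile(r'^"SymbolicLinkValue"=hex\(6\):(.*)$')
HEX_CONT_RE = re.compile(r"^(?:[0-9a-fA-F]{2},)+(?:[0-9a-fA-F]{2})?\\?$")
HEX_BYTE_RE = re.compile(r"[0-9a-fA-F]{2}")

# Constructed sample: a short excerpt assembled from entries of the log above.
SAMPLE_LOG = r"""
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
@DACL=(02 0000)
"Version"="11.0.09"
.
Celkový čas: 2015-05-16 21:26:31
"""


def _decode_utf16(hex_text):
    """Decode comma-separated hex bytes as UTF-16LE, dropping a dangling odd byte."""
    data = bytes.fromhex("".join(HEX_BYTE_RE.findall(hex_text)))
    return data[: len(data) - len(data) % 2].decode("utf-16-le", errors="replace")


def _note(entry, reason):
    if reason not in entry["reasons"]:
        entry["reasons"].append(reason)


def parse_locked_keys(log_text, title=SECTION_TITLE):
    """Return one dict per key header found in the locked-keys section."""
    entries, current, in_section, in_symlink = [], None, False, False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not in_section:                      # skip everything before the section
            in_section = line.startswith("-") and title in line
            continue
        if line in ("", "."):                   # entry separators used by the log
            in_symlink = False
            continue
        key = KEY_RE.match(line)
        if key:
            current = {"key": key.group(1), "reasons": [], "_hex": ""}
            entries.append(current)
            in_symlink = False
            continue
        if current is None:
            break
        symlink = SYMLINK_RE.match(line)
        if symlink:                             # REG_LINK value: key redirects elsewhere
            _note(current, "symlink")
            current["_hex"] = symlink.group(1)
            in_symlink = True
        elif HEX_CONT_RE.match(line):           # wrapped hex data of the previous value
            if in_symlink:
                current["_hex"] += line
        elif line.startswith("@Denied:"):
            _note(current, "deny-ace")
        elif line.startswith("@DACL="):
            _note(current, "dacl")
        elif line[0] in '@"':                   # any other value line
            in_symlink = False
        else:                                   # first non-registry line ends the section
            break
    for entry in entries:
        # The log truncates long values, so this is only the start of the link target.
        entry["symlink_prefix"] = _decode_utf16(entry.pop("_hex"))
    return entries


def build_cfscript(entries, reboot=True):
    """Lay the keys out as in the post: RegLock::, key headers, blank line, Reboot::."""
    lines = ["RegLock::"] + ["[%s]" % e["key"] for e in entries]
    if reboot:
        lines += ["", "Reboot::"]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    found = parse_locked_keys(SAMPLE_LOG)
    for e in found:
        print(e["key"], e["reasons"], e["symlink_prefix"])
    print(build_cfscript(found))
```

Keys with an empty reason list, such as the `\Elevation` subkey, carry no permission marker of their own in the log; they are printed as children of a flagged parent.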

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: very slow loading

#19 Post by rudy630 »

ComboFix 15-05-13.01 - Ruda 17.05.2015 0:36.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3980.1793 [GMT 2:00]
Spuštěný z: c:\perflogs\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\perflogs\Desktop\CFScript.txt
AV: COMODO Antivirus *Disabled/Updated* {F0BC89B2-8937-0933-021B-B17D981F2A71}
FW: COMODO Firewall *Disabled* {C8870897-C358-086B-2944-184866CC6D0A}
SP: Comodo Defense+ *Enabled/Updated* {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-16 do 2015-05-16 )))))))))))))))))))))))))))))))
.
.
2015-05-16 23:05 . 2015-05-16 23:05 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-05-16 23:05 . 2015-05-16 23:05 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2015-05-16 23:05 . 2015-05-16 23:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-16 23:05 . 2015-05-16 23:05 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2015-05-16 23:05 . 2015-05-16 23:05 -------- d-----w- c:\users\63ruda99\AppData\Local\temp
2015-05-16 15:13 . 2015-05-16 22:21 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-16 15:12 . 2015-05-16 15:12 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-05-16 15:12 . 2015-05-16 15:12 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-16 15:12 . 2015-05-16 15:12 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-16 15:12 . 2015-05-16 15:12 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-16 15:12 . 2015-05-16 15:12 -------- d-----w- c:\programdata\Malwarebytes
2015-05-15 21:05 . 2015-05-15 21:05 -------- d-----w- c:\programdata\Baidu
2015-05-15 16:37 . 2015-05-15 16:38 -------- d-----w- c:\users\Ruda\AppData\Local\Plus500
2015-05-15 16:37 . 2015-05-15 16:37 -------- d-----w- c:\program files (x86)\Plus500
2015-05-15 15:52 . 2015-05-15 16:09 -------- d-----w- C:\AdwCleaner
2015-05-15 15:22 . 2015-05-15 15:22 -------- d-----w- c:\users\63ruda99\AppData\Local\Macromedia
2015-05-15 15:08 . 2015-05-15 15:08 -------- d-----w- c:\users\63ruda99\AppData\Local\NVIDIA Corporation
2015-05-15 15:08 . 2015-05-15 15:08 -------- d-----w- c:\users\63ruda99\AppData\Local\Programs
2015-05-15 15:07 . 2015-05-15 15:08 -------- d-----w- c:\users\63ruda99\AppData\Local\Mozilla
2015-05-15 15:07 . 2015-05-15 15:07 -------- d-----w- c:\users\63ruda99\AppData\Local\Wondershare
2015-05-15 15:07 . 2015-05-15 15:07 -------- d-----w- c:\users\63ruda99\AppData\Local\ArcSoft
2015-05-15 15:07 . 2015-05-15 15:07 -------- d-----w- c:\users\63ruda99\AppData\Local\LogMeIn
2015-05-15 15:07 . 2015-05-15 15:10 -------- d-----w- c:\users\63ruda99\AppData\Local\LogMeIn Hamachi
2015-05-15 15:05 . 2015-05-15 15:05 -------- d-----w- c:\users\63ruda99\AppData\Roaming\ASUS WebStorage
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Roaming\Local
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Local\BMExplorer
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Local\VirtualStore
2015-05-15 15:03 . 2015-05-15 15:03 -------- d-----w- c:\users\63ruda99\AppData\Roaming\Atheros
2015-05-15 15:02 . 2015-05-15 15:02 -------- d-----w- c:\users\63ruda99\AppData\Local\Trusteer
2015-05-15 09:06 . 2015-05-15 09:08 -------- d-----w- C:\c00fcbf951e24eb515
2015-05-13 20:28 . 2015-05-13 20:28 -------- d-----w- c:\users\Ruda\AppData\Roaming\2BrightSparks
2015-05-13 20:28 . 2015-05-13 20:28 -------- d-----w- c:\users\Ruda\AppData\Local\2BrightSparks
2015-05-13 20:28 . 2015-05-13 20:28 -------- d-----w- c:\program files (x86)\2BrightSparks
2015-05-13 19:22 . 2015-05-13 19:22 -------- d-----w- c:\users\Ruda\AppData\Roaming\com.adobe.amp
2015-05-13 13:57 . 2015-05-13 13:57 3584 ----a-r- c:\users\Ruda\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2015-05-13 13:57 . 2015-05-13 13:57 -------- d-----w- c:\program files (x86)\Windows Installer Clean Up
2015-05-13 12:36 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:36 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:30 . 2015-05-13 11:30 -------- d-----w- c:\users\Ruda\AppData\Roaming\AVG
2015-05-13 11:30 . 2015-05-13 11:30 -------- d-----w- c:\users\Ruda\AppData\Local\Avg
2015-05-13 11:29 . 2015-05-13 11:31 -------- d-----w- c:\programdata\AVG
2015-05-13 10:38 . 2015-05-13 10:39 -------- d-----w- c:\program files (x86)\Notepad++
2015-05-13 01:15 . 2015-05-05 01:29 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-13 01:15 . 2015-05-05 01:12 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-13 01:15 . 2015-04-18 03:10 460800 ----a-w- c:\windows\system32\certcli.dll
2015-05-13 01:15 . 2015-04-18 02:56 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-05-13 01:12 . 2015-04-20 03:17 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-05-12 16:42 . 2015-05-12 17:24 -------- d-----w- c:\users\Ruda\AppData\Local\box-9ec6d6a762214a05f09b71757106fc8c
2015-05-12 09:26 . 2015-05-12 09:26 -------- d-----w- c:\users\Ruda\AppData\Local\Opera Software
2015-05-12 04:24 . 2015-05-13 13:43 4149784 ----a-w- c:\windows\system32\drivers\athrx.sys
2015-05-11 22:57 . 2015-05-11 22:57 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2015-05-07 22:56 . 2015-05-07 22:56 -------- d-----w- c:\users\Ruda\AppData\Roaming\Lamantine
2015-05-07 22:49 . 2015-05-07 22:49 -------- d-----w- c:\programdata\Lamantine
2015-05-07 22:48 . 2015-05-07 22:49 -------- d-----w- c:\program files (x86)\Sticky Password
2015-05-06 15:00 . 2015-05-12 17:25 -------- d-----w- c:\programdata\BlazeVideo
2015-05-06 14:59 . 2015-05-12 17:28 -------- d-----w- c:\program files (x86)\BlazeVideo
2015-05-06 12:32 . 2015-05-06 12:32 -------- d-----w- C:\ProgDVBEngineLogs
2015-05-06 12:29 . 2015-05-06 14:50 -------- d-----w- c:\program files (x86)\ProgDVB
2015-05-04 17:04 . 2015-05-04 17:04 -------- d-----w- c:\programdata\Wondershare
2015-05-02 15:51 . 2015-03-11 15:04 535576 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2015-05-02 15:50 . 2015-05-02 15:50 -------- d-----w- c:\program files (x86)\Trusteer
2015-05-02 15:47 . 2015-05-02 15:47 -------- d-----w- c:\programdata\Trusteer
2015-05-02 14:58 . 2015-05-02 14:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2015-05-02 14:58 . 2015-05-02 14:58 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-05-02 14:58 . 2015-05-02 14:58 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-05-02 14:58 . 2015-05-02 14:58 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-05-02 14:58 . 2015-05-02 14:58 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-05-02 14:58 . 2015-05-02 14:58 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-05-02 14:58 . 2015-05-02 14:58 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-05-02 14:58 . 2015-05-02 14:58 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-05-02 14:58 . 2015-05-02 14:58 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-04-30 23:24 . 2015-04-30 23:24 -------- d-----w- c:\users\Ruda\AppData\Local\Trusteer
2015-04-24 09:15 . 2015-04-24 09:47 -------- d-----w- c:\users\Ruda\AppData\Roaming\eM Client
2015-04-23 20:44 . 2015-03-14 03:21 82944 ----a-w- c:\windows\system32\dwmapi.dll
2015-04-23 20:44 . 2015-03-14 03:21 1632768 ----a-w- c:\windows\system32\dwmcore.dll
2015-04-23 20:44 . 2015-03-14 03:04 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2015-04-23 20:44 . 2015-03-14 03:04 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2015-04-23 20:44 . 2015-01-29 03:19 2543104 ----a-w- c:\windows\system32\wpdshext.dll
2015-04-23 20:44 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\SysWow64\wpdshext.dll
2015-04-23 20:44 . 2015-01-29 03:19 1195008 ----a-w- c:\windows\system32\drivers\UMDF\WpdMtpDr.dll
2015-04-22 12:57 . 2015-05-16 06:20 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-04-21 17:51 . 2015-04-21 17:51 -------- d-----w- c:\program files\EPSON
2015-04-20 15:33 . 2015-04-20 15:33 45056 ----a-r- c:\users\Ruda\AppData\Roaming\Microsoft\Installer\{4154BF17-EE1F-4F25-9696-2FF191FE0787}\_15024A0ED067_4256_BFEE_46696AEE56A7.exe
2015-04-20 15:33 . 2015-04-20 15:33 -------- d-----w- c:\program files (x86)\Fireluke
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-16 22:20 . 2013-03-07 01:52 466 ----a-w- c:\users\Ruda\AppData\Roaming\sp_data.sys
2015-05-16 22:19 . 2014-03-27 23:54 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2015-05-15 15:24 . 2015-03-27 00:23 387 ----a-w- c:\users\63ruda99\AppData\Roaming\sp_data.sys
2015-05-13 23:58 . 2015-03-14 14:09 135824 ----a-w- c:\windows\system32\escsvc64.exe
2015-05-13 12:53 . 2013-03-07 08:48 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-05-12 09:39 . 2015-01-29 22:41 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-12 09:39 . 2015-01-29 22:41 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-08 22:29 . 2015-05-08 22:29 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-08 22:29 . 2015-05-08 22:29 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-08 22:29 . 2015-05-08 22:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-06 14:36 . 2010-02-03 08:05 113280 ----a-w- c:\windows\system32\drivers\IT9135BDA.sys
2015-05-05 01:29 . 2015-05-13 01:15 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-05 01:12 . 2015-05-13 01:15 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-02 14:58 . 2015-05-02 14:58 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-05-02 14:58 . 2015-05-02 14:58 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-05-02 14:58 . 2015-05-02 14:58 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-05-02 14:58 . 2015-05-02 14:58 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-05-02 14:58 . 2015-05-02 14:58 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-04-22 08:02 . 2014-06-19 13:40 201216 ----a-w- c:\windows\SysWow64\mediarcpt.dll
2015-04-16 15:17 . 2015-04-16 15:03 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-04-15 11:14 . 2015-04-15 11:14 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-04-15 11:14 . 2015-04-15 11:14 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-04-15 11:14 . 2015-04-15 11:14 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-04-15 11:14 . 2015-04-15 11:14 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-04-15 11:14 . 2015-04-15 11:14 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-04-15 11:14 . 2015-04-15 11:14 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-04-15 11:14 . 2015-04-15 11:14 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-04-15 11:14 . 2015-04-15 11:14 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-04-15 11:14 . 2015-04-15 11:14 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-04-15 11:14 . 2015-04-15 11:14 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-04-15 11:14 . 2015-04-15 11:14 37376 ----a-w- c:\windows\system32\wups2.dll
2015-04-15 11:14 . 2015-04-15 11:14 35328 ----a-w- c:\windows\system32\wups.dll
2015-04-15 11:14 . 2015-04-15 11:14 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-04-15 11:14 . 2015-04-15 11:14 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-04-15 11:14 . 2015-04-15 11:14 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-04-15 11:14 . 2015-04-15 11:14 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-04-15 11:14 . 2015-04-15 11:14 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 11:14 . 2015-04-15 11:14 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-04-15 11:14 . 2015-04-15 11:14 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-04-15 11:14 . 2015-04-15 11:14 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-04-15 11:14 . 2015-04-15 11:14 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-04-15 11:14 . 2015-04-15 11:14 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-04-15 11:13 . 2015-04-15 11:13 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 11:12 . 2015-04-15 11:12 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 11:12 . 2015-04-15 11:12 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-15 11:12 . 2015-04-15 11:12 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-09 09:25 . 2015-04-09 09:25 957952 ----a-w- c:\windows\system32\appraiser.dll
2015-04-09 09:25 . 2015-04-09 09:25 769536 ----a-w- c:\windows\system32\invagent.dll
2015-04-09 09:25 . 2015-04-09 09:25 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-04-09 09:25 . 2015-04-09 09:25 419840 ----a-w- c:\windows\system32\devinv.dll
2015-04-09 09:25 . 2015-04-09 09:25 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-04-09 09:25 . 2015-04-09 09:25 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-04-09 09:25 . 2015-04-09 09:25 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-04-09 09:25 . 2015-04-09 09:25 192000 ----a-w- c:\windows\system32\aepic.dll
2015-04-08 09:14 . 2015-04-08 09:14 21248 ----a-w- c:\windows\system32\drivers\rpkmdrv.sys
2015-04-08 09:14 . 2015-04-08 09:14 1354717 ----a-w- c:\windows\unins000.exe
2015-04-03 10:49 . 2015-04-03 10:49 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-04-01 17:49 . 2014-12-08 23:20 104608 ----a-w- c:\windows\system32\drivers\inspect.sys
2015-04-01 17:49 . 2014-12-08 23:20 45880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2015-04-01 17:49 . 2014-12-08 23:20 797280 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2015-04-01 17:49 . 2014-12-08 23:20 20696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2015-04-01 17:48 . 2014-12-08 23:20 41248 ----a-w- c:\windows\system32\cmdcsr.dll
2015-04-01 17:48 . 2014-12-08 23:20 444472 ----a-w- c:\windows\SysWow64\guard32.dll
2015-04-01 17:48 . 2014-12-08 23:20 576848 ----a-w- c:\windows\system32\guard64.dll
2015-04-01 17:47 . 2014-12-08 23:20 358104 ----a-w- c:\windows\system32\cmdvrt64.dll
2015-04-01 17:46 . 2014-12-08 23:20 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2015-04-01 17:45 . 2014-12-08 23:20 288472 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2015-04-01 17:45 . 2014-12-08 23:20 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2015-03-30 13:25 . 2013-07-15 18:59 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-03-23 16:19 . 2014-01-08 19:21 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2015-03-23 16:17 . 2015-03-23 16:16 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-03-23 16:17 . 2015-03-23 16:16 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-03-23 16:17 . 2015-03-23 16:16 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2015-03-23 16:17 . 2015-03-23 16:16 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2015-03-23 16:17 . 2015-03-23 16:16 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2015-03-23 16:17 . 2015-03-23 16:16 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-03-23 16:17 . 2015-03-23 16:16 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-03-23 16:17 . 2015-03-23 16:16 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2015-03-23 16:17 . 2015-03-23 16:16 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-03-23 16:17 . 2015-03-23 16:16 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2015-03-23 16:17 . 2015-01-27 10:17 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-03-23 16:17 . 2015-01-27 10:17 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2015-03-23 16:17 . 2014-05-27 11:05 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-03-23 16:17 . 2015-03-23 16:16 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-03-23 16:17 . 2015-03-23 16:16 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2015-03-23 16:17 . 2015-03-23 16:16 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-03-23 16:17 . 2015-03-23 16:16 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-03-23 16:17 . 2015-03-23 16:16 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2015-03-23 16:17 . 2015-03-23 16:16 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-03-23 16:17 . 2015-03-23 16:16 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2015-03-23 16:17 . 2015-03-23 16:16 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-03-23 16:17 . 2015-03-23 16:16 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-03-23 16:17 . 2015-03-23 16:16 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2015-03-23 16:17 . 2015-03-23 16:16 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-03-23 16:17 . 2015-03-23 16:16 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-03-23 16:17 . 2015-03-23 16:16 166568 ----a-w- c:\windows\system32\nvinitx.dll
2015-03-23 16:17 . 2015-03-23 16:16 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-03-23 16:17 . 2015-03-23 16:16 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2015-03-23 16:17 . 2015-03-23 16:16 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-03-23 16:17 . 2013-11-19 18:52 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-17 14:40 223432 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-17 14:40 223432 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-17 14:40 223432 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE" [2015-03-14 283232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2000-01-01 292088]
"ACMON"="c:\program files (x86)\ASUS\Splendid\ACMON.exe" [2012-02-21 102568]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-03 2321072]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-06-25 322208]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2012-06-19 174752]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2015-03-14 1057408]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"LedStatus"="c:\program files (x86)\Rapoo\RpWireless\LedStatus.exe" [2015-04-08 1709736]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2015-04-16 2072928]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
"iSkysoft Helper Compact.exe"="c:\program files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe" [2015-01-07 2066432]
.
c:\users\Ruda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled\
Odeslat do OneNote.lnk - c:\program files\Microsoft Office 15\root\office15\ONENOTEM.EXE /tsr [2014-9-23 195240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoFileAssociate"= 0 (0x0)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe"
"SystemExplorerAutoStart"="c:\program files (x86)\System Explorer\SystemExplorer.exe" /TRAY
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DirMngr;DirMngr;c:\program files (x86)\GNU\GnuPG\dirmngr.exe;c:\program files (x86)\GNU\GnuPG\dirmngr.exe [x]
R2 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 cpuz134;cpuz134;c:\users\Ruda\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Ruda\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
R3 PCWinSoft;ScreenCamera Video Camera;c:\windows\system32\DRIVERS\scrcamhrdrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\scrcamhrdrv_x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 SystemExplorerHelpService;System Explorer Service;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe;c:\program files (x86)\System Explorer\service\SystemExplorerService64.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XHCIdrv;xHCI Compliance Test Host Controller;c:\windows\system32\DRIVERS\XHCIdrv.sys;c:\windows\SYSNATIVE\DRIVERS\XHCIdrv.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 RapportCerberus_80128;RapportCerberus_80128;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80128.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x]
S2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation;c:\program files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
S3 AsusVTouch;AsusVTouch;c:\windows\system32\DRIVERS\AsusVTouch.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVTouch.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rpkmdrv;Rapoo Wireless Device Driver;c:\windows\system32\drivers\rpkmdrv.sys;c:\windows\SYSNATIVE\drivers\rpkmdrv.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-15 15:19 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.152\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-16 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe [2015-05-12 09:39]
.
2015-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-29 09:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-04-17 14:40 262344 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-04-17 14:40 262344 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-04-17 14:40 262344 ----a-w- c:\users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-11-05 06:07 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-11-05 06:07 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-11-05 06:07 1506688 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-05-26 361984]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\btvstack.exe" [2012-05-30 1023616]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\athbttray.exe" [2012-05-30 801920]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2015-04-20 1426136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
mWindow Title = Microsoft Internet Explorer
mSearchAssistant =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: LastPass - file://c:\users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Vyplňování formulářů - file://c:\users\Ruda\AppData\LocalLow\LastPass\context.html?cmd=fillforms
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\sign
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojeplatba.cz\www
TCP: Interfaces\{EB650A0A-9E1B-4002-8743-32FA3FD63317}\368616C6F65707B616: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\0hfd64x0.default-1423008048081\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{1ce01891-839b-4ad1-b629-2e608ba0c6ba} - c:\programdata\Package Cache\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}\adblockplusie-1.0.exe
AddRemove-{23A3F354-8AD9-AC11-2553-9FCCB4F3118C} - c:\progra~3\INSTAL~1\{DC42B~1\Setup.exe
AddRemove-{AA4A885A-1CB9-8347-DCDF-D6F71B558417} - c:\progra~3\INSTAL~1\{393B3~1\Setup.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-841361005-909514878-2309378359-1002)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-841361005-909514878-2309378359-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-841361005-909514878-2309378359-1002)
@Denied: (2) (LocalSystem)
"Progid"="eM Client.File.vcf"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
@DACL=(02 0000)
"Description"="Java™ Deployment Toolkit"
"GeckoVersion"="1.9"
"Path"="c:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll"
"ProductName"="Java™ Deployment Toolkit"
"Vendor"="Oracle Corp."
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
@DACL=(02 0000)
"Description"="Oracle® Next Generation Java™ Plug-In"
"GeckoVersion"="1.9"
"Path"="c:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll"
"ProductName"="Oracle® Java™ Plug-In"
"Vendor"="Oracle Corp."
"Version"="1.7.0_67"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
@DACL=(02 0000)
"Description"="Ag Player Plugin"
"GeckoVersion"="1.7.5"
"Path"="c:\\Program Files (x86)\\Microsoft Silverlight\\5.1.30514.0\\npctrl.dll"
"ProductName"="Ag Player"
"Vendor"="Microsoft"
"Version"="5.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll"
"Description"="WLPG Install MIME type"
"GeckoVersion"="1.0"
"ProductName"="Windows Live Photo Gallery"
"Version"="15.4.3502.0922"
"Vendor"="Microsoft"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll"
"Description"="WLPG Install MIME type"
"GeckoVersion"="1.0"
"ProductName"="Windows Live Photo Gallery"
"Version"="16.4.3528.0331"
"Vendor"="Microsoft"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Skype Technologies S.A..com/Skype Web Plugin]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\SkypeWebPlugin\\npSkypeWebPlugin.dll"
"Description"="Skype Web Plugin"
"ProductName"="Skype Web Plugin"
"Vendor"="Skype Technologies S.A."
"Version"="2.9.13008.18866"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Google\\Update\\1.3.24.15\\npGoogleUpdate3.dll"
"Description"="Google Update"
"ProductName"="Google Update"
"Vendor"="Google Inc."
"Version"="3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Google\\Update\\1.3.24.15\\npGoogleUpdate3.dll"
"Description"="Google Update"
"ProductName"="Google Update"
"Vendor"="Google Inc."
"Version"="9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
@DACL=(02 0000)
"Path"="c:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll"
"Version"="11.0.09"
"Vendor"="Adobe Systems Incorporated. Copyright 1994-2010 All Rights Reserved"
"ProductName"="Adobe Reader Plugin for Firefox"
"Description"="Handles PDFs in-place in Firefox"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Celkový čas: 2015-05-17 01:17:44
ComboFix-quarantined-files.txt 2015-05-16 23:17
ComboFix2.txt 2015-05-16 19:26
.
Před spuštěním: Volných bajtů: 69 844 209 664
Po spuštění: Volných bajtů: 69 489 778 688
.
- - End Of File - - 45A35EDD156910B26FF7512B6A58741F

Rudy
Site Admin
Posts: 119315
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: very slow loading

#20 Post by Rudy »

Fixed. Rename CF to uninstall and run it. It will be uninstalled. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: very slow loading

#21 Post by rudy630 »

I'm sorry, but it's not entirely clear to me how I should rename it. To ComboFix.uninstall, Uninstall, Uninstal.exe - I don't know, I don't want to break anything..

Rudy
Site Admin
Posts: 119315
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: very slow loading

#22 Post by Rudy »

The file must be named uninstall.exe for it to work. :)

rudy630
Visitor
Posts: 94
Registered: 12 Oct 2013 14:36

Re: very slow loading

#23 Post by rudy630 »

Thanks for your patience - uninstalled. Otherwise the difference is again striking, for the better of course. +- 30s until the browser starts up. Thank you very much for your help.

Rudy
Site Admin
Posts: 119315
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: very slow loading

#24 Post by Rudy »

You're welcome! :)

Locked