
Problem with websearch

#1 Post by jetro2 »

Somehow I managed to pick up some vermin, and ever since then I have had the websearch search engine, which cannot be deleted.

Logfile of random's system information tool 1.10 (written by random/random)
Run by ředitel zeměgule at 2015-08-14 22:12:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 32 GB (23%) free of 138 GB
Total RAM: 2939 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:12:52, on 14.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Rising\RSD\popwndexe.exe
C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
C:\Users\ředitel zeměgule\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\ProgramData\EnobbQeubj\tyde3cuz.exe
C:\Program Files\trend micro\ředitel zeměgule.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlr4lojRSXB4NkHJeYHw0Ccp3sqJUT9ovUGzfoJbYf0div0fo8wgKR8fl1Wn717aKMwYLBthD9de62qIirOMiuGklQ0lcwzmqXUpoz4qOuKT_LyQ5J_S4FTd_wnibwQseXyCE3-O18zpozXR&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlr4lojRSXB4NkHJeYHw0Ccp3sqJUT9ovUGzfoJbYf0div0fo8wgKR8fl1Wn717aKMwYLBthD9de62qIirOMiuGklQ0lcwzmqXUpoz4qOuKT_LyQ5J_S4FTd_wnibwQseXyCE3-O18zpozXR&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlr4lojRSXB4NkHJeYHw0Ccp3sqJUT9ovUGzfoJbYf0div0fo8wgKR8fl1Wn717aKMwYLBthD9de62qIirOMiuGklQ0lcwzmqXUpoz4qOuKT_LyQ5J_S4FTd_wnibwQseXyCE3-O18zpozXR&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlr4lojRSXB4NkHJeYHw0Ccp3sqJUT9ovUGzfoJbYf0div0fo8wgKR8fl1Wn717aKMwYLBthD9de62qIirOMiuGklQ0lcwzmqXUpoz4qOuKT_LyQ5J_S4FTd_wnibwQseXyCE3-O18zpozXR&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: (no name) - {5FDF93AE-5D15-4732-8AB0-91FF1C252AF3} - (no file)
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\ředitel zeměgule\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\ředitel zeměgule\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ProgramData\ExtTag\y4pidk2i.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Wire Professional Version (comyninu) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: cyiprumbii - Unknown owner - C:\ProgramData\EnobbQeubj\tydeacuz.exe
O23 - Service: Edit Chatroom (divunyvi) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ExtTag service (ExtTag) - Unknown owner - C:\ProgramData\ExtTag\ExtTag (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Check Service (fchk32) - Unknown owner - C:\Program Files\fchk32\fchk32.exe
O23 - Service: Kerning Down (gopibeko) - Unknown owner - C:\Users\ředitel.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Key In Bold Italic (hyverumu) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Office Software Protection Platform32 (msvcp110_clr0400) - Unknown owner - C:\Users\ředitel zeměgule\AppData\Local\OfficeSoftware\office.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: neuucpe - Unknown owner - C:\ProgramData\EnobbQeubj\tydewcuz.exe
O23 - Service: Origin Client Service - Electronic Arts - D:\AutoRun.exe\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Rsd Service (RsMgrSvc) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10571 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
taskeng.exe {25C42CBC-D123-416C-87D8-550E421B7990}
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\hnsuE285.tmp"
"C:\ProgramData\EnobbQeubj\tydeacuz.exe" /ts2=1
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\knsj379E.tmpfs"
C:\ProgramData\ExtTag\ExtTag
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe"
"C:\Program Files\fchk32\fchk32.exe" /s iid=1971804 did=Missing sid= ref= id=dfc77c2c4525cafceaab2450f3223a0dbbb9ced20ee3a8bf540b129fa09c5fe9
"C:\Users\ředitel zeměgule\AppData\Local\20F07F97-1439327335-DE11-8A54-001DBAB44A6A\snsf5EF5.tmp"
"C:\Program Files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\jnsoBF0B.tmp"
"C:\Users\ředitel zeměgule\AppData\Local\OfficeSoftware\office.exe" /s
"C:\ProgramData\EnobbQeubj\tydewcuz.exe" -cms
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-90f9c805-126b-4287-9c74-885b4aabf8b8 -SystemEventPortName:HostProcess-09af0bdb-9b93-417f-8a3e-5810847e2536 -IoCancelEventPortName:HostProcess-a345a7eb-5610-4463-a3cf-b58a9c06b927 -NonStateChangingEventPortName:HostProcess-1c223ce7-11c4-4c20-88f9-674931bc3dcd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:40aa1d3c-cdcb-44d4-966a-de1461679d54 -DeviceGroupId:WpdFsGroup
taskeng.exe {58FC18C4-9D25-4CE7-BF77-1F8295A1CF7B}
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Rising\RSD\popwndexe.exe"
"C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe"
"C:\Users\ředitel zeměgule\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\ProgramData\EnobbQeubj\tyde3cuz.exe"
"C:\ProgramData\EnobbQeubj\tyde6cuz.exe"

"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\ředitel zeměgule\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\0DiRuiihkTOq8inwIQ1p7.job - C:\Users\ředitel zeměgule\AppData\Roaming\0DiRuiihkTOq8inwIQ1p7.exe --c=[encoded argument removed]
C:\Windows\tasks\8d1d04dc-a30a-44a5-8b4b-b90d81859584-1-6.job - C:\Program Files (x86)\GoHD\8d1d04dc-a30a-44a5-8b4b-b90d81859584-1-6.exe /rawdata=[encoded argument removed]
C:\Windows\tasks\8d1d04dc-a30a-44a5-8b4b-b90d81859584-1-7.job - C:\Program Files (x86)\GoHD\8d1d04dc-a30a-44a5-8b4b-b90d81859584-1-7.exe /rawdata=[encoded argument removed]
C:\Windows\tasks\8d1d04dc-a30a-44a5-8b4b-b90d81859584-3.job - C:\Program Files (x86)\GoHD\8d1d04dc-a30a-44a5-8b4b-b90d81859584-3.exe /rawdata=[encoded argument removed]
C:\Windows\tasks\8d1d04dc-a30a-44a5-8b4b-b90d81859584-5.job - C:\Program Files (x86)\GoHD\8d1d04dc-a30a-44a5-8b4b-b90d81859584-5.exe /rawdata=[encoded argument removed]
C:\Windows\tasks\8d1d04dc-a30a-44a5-8b4b-b90d81859584-6.job - C:\Program Files (x86)\GoHD\8d1d04dc-a30a-44a5-8b4b-b90d81859584-6.exe /rawdata=[encoded argument removed]
C:\Windows\tasks\8d1d04dc-a30a-44a5-8b4b-b90d81859584-7.job - C:\Program Files (x86)\GoHD\8d1d04dc-a30a-44a5-8b4b-b90d81859584-7.exe /rawdata=[encoded argument removed]
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 59a2b603-467d-472c-a8c7-3df94b761dcc.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:59a2b603-467d-472c-a8c7-3df94b761dcc
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 7191c564-7ab3-4696-bc01-44d758a953cf.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:7191c564-7ab3-4696-bc01-44d758a953cf
C:\Windows\tasks\Tempo Runner tydedcuz.job - C:\ProgramData\EnobbQeubj\tydeacuz.exe /dgad="C:\ProgramData\EnobbQeubj\tydedcuz.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03 141496]
{5FDF93AE-5D15-4732-8AB0-91FF1C252AF3}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30 500936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CursorFX"=C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [2012-05-10 432784]
"Spotify Web Helper"=C:\Users\ředitel zeměgule\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-08 2018360]
"Spotify"=C:\Users\ředitel zeměgule\AppData\Roaming\Spotify\Spotify.exe [2015-08-08 7675448]
"Adobe Acrobat Synchronizer"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [2015-07-03 876728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\ředitel zeměgule\AppData\Roaming\Seznam.cz\szninstall.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\ředitel zeměgule\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
D:\AutoRun.exe\Origin.exe [2015-04-10 3632472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fr]
C:\Program Files (x86)\fr\fr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linkey]
C:\Users\ředitel zeměgule\AppData\Local\Linkey\IEExtension\ietlbl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linkeyx64]
C:\Users\ředitel zeměgule\AppData\Local\Linkey\IEExtension\ietlbl64.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2011-02-11 417304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptor]
C:\Program Files\McAfee\Raptor\Raptor.exe [2015-08-13 1854832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RSDTRAY]
C:\Program Files (x86)\Rising\RSD\popwndexe.exe [2012-09-25 126808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:89d90d3ab3e4f4ba66602deef7d27646]
C:\Users\EDITEL~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe -c C:\Users\ředitel zeměgule\AppData\Roaming\Seznam.cz []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\ředitel zeměgule\AppData\Roaming\Spotify\Spotify.exe [2015-08-08 7675448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\ředitel zeměgule\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-08-08 2018360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader]
C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ředitel zeměgule^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^mp3.lnk]
C:\PROGRA~3\{B6FAA~1\mp3.exe [2015-03-11 1139200]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2015-07-03 1855672]
""= []

C:\Users\ředitel zeměgule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\ExtTag\pn0bypcs.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-08-14 21:47:33 ----D---- C:\rsit
2015-08-14 21:47:33 ----D---- C:\Program Files\trend micro
2015-08-14 20:03:54 ----A---- C:\Windows\ntbtlog.txt
2015-08-13 21:30:20 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-08-13 21:30:00 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-08-13 21:29:59 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-08-13 21:29:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-13 21:29:58 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-13 21:24:10 ----D---- C:\ProgramData\6WinManPro6
2015-08-13 21:23:40 ----A---- C:\task.vbs
2015-08-13 20:58:30 ----D---- C:\Quarantine
2015-08-13 20:56:32 ----D---- C:\Program Files\McAfee
2015-08-13 20:56:21 ----D---- C:\Program Files (x86)\stinger
2015-08-13 20:32:06 ----D---- C:\Program Files (x86)\cce98bbb-5151-42aa-9461-de1d152a01b3
2015-08-13 20:27:32 ----D---- C:\ProgramData\nWinManPron
2015-08-13 20:08:55 ----D---- C:\Users\ředitel zeměgule\AppData\Roaming\SUPERAntiSpyware.com
2015-08-13 20:08:26 ----D---- C:\Program Files\SUPERAntiSpyware
2015-08-13 18:33:45 ----D---- C:\Program Files\Enigma Software Group
2015-08-13 18:33:27 ----D---- C:\ProgramData\BWinManProB
2015-08-13 17:50:23 ----D---- C:\ProgramData\ExtTags
2015-08-13 17:50:01 ----D---- C:\ProgramData\ExtTag
2015-08-13 17:29:54 ----SHD---- C:\$RECYCLE.BIN
2015-08-13 17:29:47 ----A---- C:\ComboFix.txt
2015-08-13 17:12:11 ----A---- C:\Windows\zip.exe
2015-08-13 17:12:11 ----A---- C:\Windows\SWSC.exe
2015-08-13 17:12:11 ----A---- C:\Windows\SWREG.exe
2015-08-13 17:12:11 ----A---- C:\Windows\sed.exe
2015-08-13 17:12:11 ----A---- C:\Windows\PEV.exe
2015-08-13 17:12:11 ----A---- C:\Windows\NIRCMD.exe
2015-08-13 17:12:11 ----A---- C:\Windows\MBR.exe
2015-08-13 17:12:11 ----A---- C:\Windows\grep.exe
2015-08-13 17:12:00 ----D---- C:\Qoobox
2015-08-13 17:11:13 ----D---- C:\Windows\erdnt
2015-08-12 21:16:05 ----D---- C:\Program Files (x86)\4f7ac617-c4f3-4ea1-b96c-533cf61c59e5
2015-08-12 21:12:51 ----D---- C:\Program Files (x86)\f2311a56-455c-4123-8ed6-3d1aebad8836
2015-08-12 21:06:52 ----D---- C:\ProgramData\cWinManProc
2015-08-12 21:06:46 ----A---- C:\Windows\prleth.sys
2015-08-12 21:06:46 ----A---- C:\Windows\hgfs.sys
2015-08-12 19:56:42 ----D---- C:\Users\ředitel zeměgule\AppData\Roaming\Mozilla
2015-08-11 22:14:37 ----RD---- C:\RavBin
2015-08-11 22:14:37 ----N---- C:\Windows\SYSWOW64\vpatch.dll
2015-08-11 21:51:34 ----D---- C:\Program Files\fchk32
2015-08-11 21:29:01 ----D---- C:\Program Files (x86)\aa1fe301-d19b-4d30-b825-6a684f91bb7e
2015-08-11 21:25:45 ----D---- C:\Program Files (x86)\4dd84f07-4926-440a-917a-d30a4fb7bd6e
2015-08-11 21:18:47 ----D---- C:\Program Files (x86)\0a1cf6a2-e1e5-4962-8430-6a6e200ebbcb
2015-08-11 21:09:41 ----D---- C:\ProgramData\EnobbQeubj
2015-08-11 21:07:56 ----D---- C:\Program Files (x86)\7954a41b-39c6-4226-9783-17ee0f52ceba
2015-08-11 21:06:07 ----D---- C:\Program Files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A
2015-08-11 21:05:56 ----D---- C:\Program Files (x86)\b6cc628e-249b-407f-9ed2-bdb4dd248a00
2015-08-11 20:57:44 ----D---- C:\Program Files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287
2015-08-11 20:54:47 ----D---- C:\sohucache
2015-08-11 20:54:42 ----D---- C:\SHDownload
2015-08-11 20:53:01 ----D---- C:\ProgramData\Rising
2015-08-11 20:53:01 ----D---- C:\Program Files (x86)\Rising
2015-08-11 20:52:23 ----D---- C:\Program Files (x86)\fr
2015-07-18 21:16:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-18 21:16:09 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-18 21:16:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-18 21:16:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-18 21:16:08 ----A---- C:\Windows\system32\urlmon.dll
2015-07-18 21:16:07 ----A---- C:\Windows\system32\ieui.dll
2015-07-18 21:16:07 ----A---- C:\Windows\system32\ieframe.dll
2015-07-18 21:16:06 ----A---- C:\Windows\system32\mshtml.dll
2015-07-18 21:16:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-18 21:16:05 ----A---- C:\Windows\system32\iertutil.dll
2015-07-18 21:16:04 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-18 21:16:04 ----A---- C:\Windows\system32\gdi32.dll
2015-07-18 21:15:58 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-18 21:15:58 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-18 21:15:58 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-18 21:15:58 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-18 21:15:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-18 21:15:57 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-18 21:15:57 ----A---- C:\Windows\system32\iernonce.dll
2015-07-18 21:15:57 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-18 21:15:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-18 21:15:56 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-18 21:15:56 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-18 21:15:56 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-18 21:15:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-18 21:15:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-18 21:15:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-18 21:15:54 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-18 21:15:54 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-18 21:15:53 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-18 21:15:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-18 21:15:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-18 21:15:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-18 21:15:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-18 21:15:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-18 21:15:52 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-18 21:15:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-18 21:15:51 ----A---- C:\Windows\system32\iesetup.dll
2015-07-18 21:15:50 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-18 21:15:48 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-18 21:15:48 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-18 21:15:48 ----A---- C:\Windows\system32\vbscript.dll
2015-07-18 21:15:47 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-18 21:15:47 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-18 21:15:47 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-18 21:15:46 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-18 21:15:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-18 21:15:45 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-18 21:15:44 ----A---- C:\Windows\system32\jscript.dll
2015-07-18 21:15:43 ----A---- C:\Windows\system32\wininet.dll
2015-07-18 21:15:39 ----A---- C:\Windows\system32\msrating.dll
2015-07-18 21:15:39 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-18 21:15:34 ----A---- C:\Windows\system32\wksprt.exe
2015-07-18 21:15:34 ----A---- C:\Windows\system32\mstscax.dll
2015-07-18 21:15:32 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-07-18 21:15:30 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-07-18 21:15:30 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-18 21:15:29 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-07-18 21:15:29 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-18 21:15:28 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-18 21:15:27 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-18 21:15:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-18 21:15:27 ----A---- C:\Windows\system32\jscript9.dll
2015-07-18 21:15:22 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-18 21:15:21 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-18 21:15:16 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-18 21:15:16 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-18 21:15:16 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-18 21:15:16 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-18 21:15:16 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-18 21:15:16 ----A---- C:\Windows\system32\kerberos.dll
2015-07-18 21:15:16 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-18 21:15:16 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-18 21:15:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-18 21:15:15 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-18 21:15:15 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-18 21:15:15 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-18 21:15:15 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-18 21:15:15 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-18 21:15:15 ----A---- C:\Windows\system32\wdigest.dll
2015-07-18 21:15:15 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-18 21:15:15 ----A---- C:\Windows\system32\schannel.dll
2015-07-18 21:15:15 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-18 21:15:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-18 21:15:15 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-18 21:15:15 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-18 21:15:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-18 21:15:14 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-18 21:15:14 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-18 21:15:14 ----A---- C:\Windows\system32\sspicli.dll
2015-07-18 21:15:14 ----A---- C:\Windows\system32\lsass.exe
2015-07-18 21:15:14 ----A---- C:\Windows\system32\auditpol.exe
2015-07-18 21:15:13 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-18 21:15:13 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-18 21:15:13 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-18 21:15:13 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-18 21:15:13 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-18 21:15:13 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-18 21:15:13 ----A---- C:\Windows\system32\secur32.dll
2015-07-18 21:15:13 ----A---- C:\Windows\system32\msobjs.dll
2015-07-18 21:15:13 ----A---- C:\Windows\system32\msaudite.dll
2015-07-18 21:15:13 ----A---- C:\Windows\system32\credssp.dll
2015-07-18 21:15:13 ----A---- C:\Windows\system32\adtschema.dll
2015-07-18 21:15:05 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-18 21:15:05 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-18 21:15:05 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-18 21:15:05 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-18 21:15:05 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-18 21:15:05 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-18 21:15:05 ----A---- C:\Windows\system32\wuapp.exe
2015-07-18 21:15:04 ----A---- C:\Windows\system32\wuapi.dll
2015-07-18 21:15:04 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-18 21:15:03 ----A---- C:\Windows\system32\wucltux.dll
2015-07-18 21:15:01 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-18 21:15:00 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-18 21:15:00 ----A---- C:\Windows\system32\wups2.dll
2015-07-18 21:15:00 ----A---- C:\Windows\system32\wups.dll
2015-07-18 21:15:00 ----A---- C:\Windows\system32\wudriver.dll
2015-07-18 21:15:00 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-18 21:14:56 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-18 21:14:55 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-18 21:14:52 ----A---- C:\Windows\system32\msi.dll
2015-07-18 21:14:51 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-18 21:14:51 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-18 21:14:51 ----A---- C:\Windows\system32\msiexec.exe
2015-07-18 21:14:51 ----A---- C:\Windows\system32\consent.exe
2015-07-18 21:14:51 ----A---- C:\Windows\system32\authui.dll
2015-07-18 21:14:50 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-18 21:14:50 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-18 21:14:50 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-18 21:14:50 ----A---- C:\Windows\system32\msimsg.dll
2015-07-18 21:14:50 ----A---- C:\Windows\system32\msihnd.dll
2015-07-18 21:14:50 ----A---- C:\Windows\system32\appinfo.dll
2015-07-18 21:14:26 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-18 21:14:26 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-18 21:14:26 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-18 21:14:26 ----A---- C:\Windows\system32\crypt32.dll
2015-07-18 21:14:25 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-18 21:14:25 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-18 21:14:25 ----A---- C:\Windows\system32\wintrust.dll
2015-07-18 21:14:25 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-18 21:14:18 ----A---- C:\Windows\system32\win32k.sys
2015-07-18 21:14:16 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-18 21:14:16 ----A---- C:\Windows\system32\ole32.dll
2015-07-18 21:13:44 ----A---- C:\Windows\system32\invagent.dll
2015-07-18 21:13:44 ----A---- C:\Windows\system32\generaltel.dll
2015-07-18 21:13:44 ----A---- C:\Windows\system32\appraiser.dll
2015-07-18 21:13:44 ----A---- C:\Windows\system32\aeinv.dll
2015-07-18 21:13:43 ----A---- C:\Windows\system32\devinv.dll
2015-07-18 21:13:43 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-18 21:13:43 ----A---- C:\Windows\system32\aepdu.dll
2015-07-18 21:13:43 ----A---- C:\Windows\system32\acmigration.dll
2015-07-18 21:07:22 ----A---- C:\Windows\system32\atmfd.dll
2015-07-18 21:07:21 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-18 21:07:21 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-18 21:07:21 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-18 21:07:21 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-18 21:07:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-18 21:07:21 ----A---- C:\Windows\system32\lpk.dll
2015-07-18 21:07:21 ----A---- C:\Windows\system32\fontsub.dll
2015-07-18 21:07:21 ----A---- C:\Windows\system32\dciman32.dll
2015-07-18 21:07:21 ----A---- C:\Windows\system32\atmlib.dll

======List of files/folders modified in the last 1 month======

2015-08-14 22:12:14 ----D---- C:\Windows\Temp
2015-08-14 22:09:06 ----D---- C:\Windows\Tasks
2015-08-14 22:09:06 ----D---- C:\Windows\system32\Tasks
2015-08-14 22:06:59 ----D---- C:\Users\ředitel zeměgule\AppData\Roaming\Spotify
2015-08-14 22:04:36 ----D---- C:\Windows\system32\config
2015-08-14 22:02:47 ----D---- C:\Windows
2015-08-14 22:02:44 ----D---- C:\Windows\Minidump
2015-08-14 21:52:48 ----D---- C:\Program Files (x86)\SystemContinue
2015-08-14 21:52:42 ----D---- C:\Program Files (x86)\985b3ae0-83a6-46d2-8544-21b958efd07d
2015-08-14 21:52:42 ----D---- C:\Program Files (x86)\3a58163c-3d2c-42a8-a1aa-cbb27e054e96
2015-08-14 21:52:15 ----D---- C:\Program Files\Common Files\System
2015-08-14 21:47:33 ----RD---- C:\Program Files
2015-08-14 20:15:12 ----D---- C:\AdwCleaner
2015-08-14 20:15:01 ----RD---- C:\Program Files (x86)
2015-08-14 20:15:01 ----D---- C:\Windows\System32
2015-08-14 20:14:56 ----D---- C:\Windows\debug
2015-08-13 21:30:20 ----D---- C:\Windows\system32\drivers
2015-08-13 21:27:33 ----D---- C:\Windows\SysWOW64
2015-08-13 21:27:24 ----SHD---- C:\Windows\Installer
2015-08-13 21:24:10 ----D---- C:\ProgramData
2015-08-13 18:33:53 ----D---- C:\Windows\inf
2015-08-13 17:46:29 ----D---- C:\Program Files\WinRAR
2015-08-13 17:25:40 ----A---- C:\Windows\system.ini
2015-08-13 17:25:33 ----D---- C:\Windows\system32\drivers\etc
2015-08-13 17:21:11 ----D---- C:\Windows\SYSWOW64\drivers
2015-08-13 17:21:11 ----D---- C:\Windows\AppPatch
2015-08-13 17:21:09 ----D---- C:\Program Files (x86)\Common Files
2015-08-13 16:36:44 ----D---- C:\Program Files\CCleaner
2015-08-12 21:31:17 ----SHD---- C:\System Volume Information
2015-08-12 21:09:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-12 20:05:21 ----D---- C:\Users\ředitel zeměgule\AppData\Roaming\Skype
2015-08-11 22:29:27 ----D---- C:\Windows\ModemLogs
2015-08-11 22:27:37 ----D---- C:\Users\ředitel zeměgule\AppData\Roaming\Seznam.cz
2015-08-11 21:56:57 ----D---- C:\KMPlayer
2015-08-11 21:22:13 ----D---- C:\Config.Msi
2015-08-11 20:55:56 ----D---- C:\Windows\Prefetch
2015-08-11 19:21:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-08-09 18:02:16 ----D---- C:\Program Files (x86)\Google
2015-08-08 23:43:14 ----RD---- C:\Users
2015-07-29 14:52:10 ----SD---- C:\ProgramData\Microsoft
2015-07-29 10:34:59 ----SD---- C:\Users\ředitel zeměgule\AppData\Roaming\Microsoft
2015-07-28 12:28:43 ----D---- C:\Windows\system32\NDF
2015-07-20 19:55:45 ----RD---- C:\Program Files (x86)\Skype
2015-07-20 19:55:35 ----D---- C:\ProgramData\Skype
2015-07-20 18:43:33 ----D---- C:\Windows\rescache
2015-07-18 22:04:03 ----D---- C:\Windows\SoftwareDistribution
2015-07-18 21:53:46 ----D---- C:\Windows\winsxs
2015-07-18 21:49:20 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-18 21:49:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-18 21:49:20 ----D---- C:\Windows\system32\en-US
2015-07-18 21:49:20 ----D---- C:\Windows\system32\cs-CZ
2015-07-18 21:49:20 ----D---- C:\Windows\PolicyDefinitions
2015-07-18 21:49:20 ----D---- C:\Program Files\Internet Explorer
2015-07-18 21:49:20 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-18 21:49:10 ----SD---- C:\Windows\system32\CompatTel
2015-07-18 21:49:10 ----D---- C:\Windows\system32\wbem
2015-07-18 21:49:10 ----D---- C:\Windows\system32\appraiser
2015-07-18 21:36:29 ----D---- C:\ProgramData\Microsoft Help
2015-07-18 21:26:55 ----D---- C:\Windows\system32\MRT
2015-07-18 21:12:29 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2013-09-21 28008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 11392]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys [2014-05-27 31744]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2014-05-27 29184]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2014-05-27 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [2014-05-27 93696]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-05-22 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-05-22 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CLVirtualBus01;CyberLink Virtual CDROM Bus Enumerator; C:\Windows\system32\DRIVERS\CLVirtualBus01.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2013-09-21 630632]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 comyninu;Wire Professional Version; C:\Program Files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\hnsuE285.tmp [2015-08-11 161792]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 divunyvi;Edit Chatroom; C:\Program Files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\knsj379E.tmpfs [2015-08-11 249344]
R2 ExtTag;ExtTag service; C:\ProgramData\ExtTag\ExtTag []
R2 fchk32;Check Service; C:\Program Files\fchk32\fchk32.exe [2015-08-10 379904]
R2 gopibeko;Kerning Down; C:\Users\ředitel zeměgule\AppData\Local\20F07F97-1439327335-DE11-8A54-001DBAB44A6A\snsf5EF5.tmp [2015-08-11 120832]
R2 hyverumu;Key In Bold Italic; C:\Program Files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\jnsoBF0B.tmp [2015-08-11 209920]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 msvcp110_clr0400;Office Software Protection Platform32; C:\Users\ředitel zeměgule\AppData\Local\OfficeSoftware\office.exe [2015-08-11 38400]
R2 RsMgrSvc;Rsd Service; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [2015-08-11 196288]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 cyiprumbii;cyiprumbii; C:\ProgramData\EnobbQeubj\tydeacuz.exe [2015-08-11 124888]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
S2 neuucpe;neuucpe; C:\ProgramData\EnobbQeubj\tydewcuz.exe [2015-08-11 124888]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 Origin Client Service;Origin Client Service; D:\AutoRun.exe\OriginClientService.exe [2015-04-10 1931632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-12-14 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Problem with websearch

#2 Post by Márty84 »

Hello :)

:???: What good is an RSIT log to me when someone has already been playing doctor there :twisted:

If you had read the forum rules http://forum.viry.cz/viewtopic.php?f=12&t=5601 , you would have found, among other things, this:
2. Before asking a question, use the Search button. Someone may already have dealt with a problem similar to yours. However, if various utilities\applications were applied in a solved thread, do not run them. Utilities are used only on an adviser's instruction, because they can erase traces of the malware, and in the hands of a non-expert their use can have unforeseeable consequences.

3. In particular, do not run the ComboFix utility, even if a friend\some would-be expert website recommended it to you. Our forum is the only one of the CZ-SK antivirus forums that has the right to interpret ComboFix logs, and we also have the full support of this utility's author and access to the most up-to-date information and guides.
CF deletes all traces of any infection, and now all I can do is improvise, as the saying goes :x
I will try to take a look at it, but if this happens again, help will be refused.
I also warn you that this may drag on and the outcome is not at all certain :boxed:



:arrow: Copy the CF log here for me; you will find it at C:\ComboFix.txt

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning
The program will start working (the PC may restart) and will produce a log (it may also be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

jetro2
Visitor
Posts: 17
Registered: 14 Aug 2015 20:43

Re: Problem with websearch

#3 Post by jetro2 »

ComboFix 15-08-13.01 - ředitel zeměgule 13.08.2015 17:16:02.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2939.1503 [GMT 2:00]
Spuštěný z: c:\users\°editel zemýgule\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\0a1cf6a2-e1e5-4962-8430-6a6e200ebbcb\4ee53894-485e-44c9-9c69-215f2f2618f6.dll
c:\program files (x86)\0a1cf6a2-e1e5-4962-8430-6a6e200ebbcb\726f7a8e-c361-4934-9311-92eb97e3c846.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\39c6b954-a4c2-4461-8a3b-21d37eae8039.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\3b0ad375-5554-4d79-a777-5422ee0b110f.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\4ce2e4ea-8009-44c1-90a2-147497617bb2.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\4dd84f07-4926-440a-917a-d30a4fb7bd6e.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\4f7ac617-c4f3-4ea1-b96c-533cf61c59e5.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\5ceebede-b2e8-41eb-a434-a2ec3e6cb70f.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\7954a41b-39c6-4226-9783-17ee0f52ceba.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\9f810b1e-8318-425f-9a33-f44c27b6d7f1.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\aa1fe301-d19b-4d30-b825-6a684f91bb7e.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\adce03ca-159b-438a-9b2b-ad3e12cd3b6f.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\b6cc628e-249b-407f-9ed2-bdb4dd248a00.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\d24e8812-4c42-4887-8684-e1641935863f.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\f2311a56-455c-4123-8ed6-3d1aebad8836.dll
c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287\fd4dce0e-b4cc-467c-8f99-456cbb72949d.dll
c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\0a1cf6a2-e1e5-4962-8430-6a6e200ebbcb.dll
c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\7954a41b-39c6-4226-9783-17ee0f52ceba.dll
c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\939a1066-9275-47dc-8919-4a1235d457fc.dll
c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\fd4dce0e-b4cc-467c-8f99-456cbb72949d.dll
c:\program files (x86)\3a58163c-3d2c-42a8-a1aa-cbb27e054e96\adce03ca-159b-438a-9b2b-ad3e12cd3b6f.dll
c:\program files (x86)\3a58163c-3d2c-42a8-a1aa-cbb27e054e96\b6cc628e-249b-407f-9ed2-bdb4dd248a00.dll
c:\program files (x86)\4dd84f07-4926-440a-917a-d30a4fb7bd6e\dc1654fb-b38b-45c8-b654-d788cf215996.dll
c:\program files (x86)\4dd84f07-4926-440a-917a-d30a4fb7bd6e\ff8f4a42-6cd7-43c0-bdb0-6bcb57e62524.dll
c:\program files (x86)\4f7ac617-c4f3-4ea1-b96c-533cf61c59e5\1da7f478-7583-4bf8-a51f-46e595e4072a.dll
c:\program files (x86)\4f7ac617-c4f3-4ea1-b96c-533cf61c59e5\94e276e4-f546-43d2-99ac-3efaf2c5ab0c.dll
c:\program files (x86)\7954a41b-39c6-4226-9783-17ee0f52ceba\25dbb742-d089-4d49-9e23-f9631540e4ac.dll
c:\program files (x86)\7954a41b-39c6-4226-9783-17ee0f52ceba\6833178b-1907-4133-bd8f-983fede95ffc.dll
c:\program files (x86)\985b3ae0-83a6-46d2-8544-21b958efd07d\100e225e-5822-4502-a1f7-a89bfc77e287.dll
c:\program files (x86)\985b3ae0-83a6-46d2-8544-21b958efd07d\cb20051b-195c-41f9-94b3-b430bbd2dbc2.dll
c:\program files (x86)\aa1fe301-d19b-4d30-b825-6a684f91bb7e\6fd2d5d4-b04c-4dd6-83cc-fadc5486866f.dll
c:\program files (x86)\aa1fe301-d19b-4d30-b825-6a684f91bb7e\feb127a0-4aad-45f4-832c-e56e751c0dce.dll
c:\program files (x86)\b6cc628e-249b-407f-9ed2-bdb4dd248a00\208bc74d-d99d-4722-a3e0-5c395a380b9e.dll
c:\program files (x86)\b6cc628e-249b-407f-9ed2-bdb4dd248a00\caeddf82-ecfa-4fde-a92b-a6657d3785fb.dll
c:\program files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
c:\program files (x86)\f2311a56-455c-4123-8ed6-3d1aebad8836\78de2aff-51ac-40f6-b4a0-1022ae0764c3.dll
c:\program files (x86)\f2311a56-455c-4123-8ed6-3d1aebad8836\e9553e0b-e61f-45dc-9765-441680b50656.dll
c:\users\ředitel zeměgule\AppData\Local\nshB2F2.tmp
c:\users\ředitel zeměgule\AppData\Local\nsiE57D.tmp
c:\users\ředitel zeměgule\AppData\Local\nslE896.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-07-13 do 2015-08-13 )))))))))))))))))))))))))))))))
.
.
2015-08-13 15:25 . 2015-08-13 15:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-13 15:05 . 2015-08-13 15:05 -------- d-----w- c:\users\ředitel zeměgule\AppData\Local\Crossbrowse
2015-08-13 15:04 . 2015-08-13 15:04 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CA57D618-BF9D-4BC7-9BFF-E31970D9E078}\offreg.784.dll
2015-08-13 14:57 . 2015-08-13 14:57 -------- d-----w- c:\program files (x86)\Crossbrowse
2015-08-13 14:49 . 2015-08-13 14:49 -------- d-----w- c:\program files (x86)\FriendlyError
2015-08-13 14:49 . 2015-08-13 14:49 -------- d-----w- c:\users\ředitel zeměgule\AppData\Roaming\mystartsearch
2015-08-13 14:48 . 2015-08-13 14:48 -------- d-----w- c:\users\ředitel zeměgule\AppData\Local\F37ED97-4AD1-4675-8EDE-B8D92060349C
2015-08-12 20:08 . 2015-08-13 14:18 -------- d-----w- c:\programdata\ExtTag
2015-08-12 19:16 . 2015-08-13 15:24 -------- d-----w- c:\program files (x86)\4f7ac617-c4f3-4ea1-b96c-533cf61c59e5
2015-08-12 19:12 . 2015-08-13 15:24 -------- d-----w- c:\program files (x86)\f2311a56-455c-4123-8ed6-3d1aebad8836
2015-08-12 19:06 . 2015-08-12 19:07 -------- d-----w- c:\programdata\cWinManProc
2015-08-12 19:06 . 2015-08-12 19:06 0 ----a-w- c:\windows\prleth.sys
2015-08-12 19:06 . 2015-08-12 19:06 0 ----a-w- c:\windows\hgfs.sys
2015-08-12 17:56 . 2015-08-12 17:56 -------- d-----w- c:\users\ředitel zeměgule\AppData\Roaming\Mozilla
2015-08-12 17:53 . 2015-08-12 17:53 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CA57D618-BF9D-4BC7-9BFF-E31970D9E078}\offreg.788.dll
2015-08-11 20:14 . 2015-08-12 18:04 -------- d-----r- C:\RavBin
2015-08-11 20:14 . 2015-08-11 20:12 91928 ------w- c:\windows\SysWow64\vpatch.dll
2015-08-11 19:51 . 2015-08-12 17:52 -------- d-----w- c:\program files\fchk32
2015-08-11 19:51 . 2015-08-11 19:51 -------- d-----w- c:\users\ředitel zeměgule\AppData\Local\OfficeSoftware
2015-08-11 19:29 . 2015-08-13 15:24 -------- d-----w- c:\program files (x86)\aa1fe301-d19b-4d30-b825-6a684f91bb7e
2015-08-11 19:25 . 2015-08-13 15:24 -------- d-----w- c:\program files (x86)\4dd84f07-4926-440a-917a-d30a4fb7bd6e
2015-08-11 19:18 . 2015-08-13 15:24 -------- d-----w- c:\program files (x86)\0a1cf6a2-e1e5-4962-8430-6a6e200ebbcb
2015-08-11 19:14 . 2015-08-11 19:14 -------- d-----w- c:\users\ředitel zeměgule\AppData\Local\5870
2015-08-11 19:09 . 2015-08-11 19:09 -------- d-----w- c:\programdata\EnobbQeubj
2015-08-11 19:08 . 2015-08-13 15:07 -------- d-----w- c:\users\ředitel zeměgule\AppData\Local\20F07F97-1439327335-DE11-8A54-001DBAB44A6A
2015-08-11 19:07 . 2015-08-13 15:24 -------- d-----w- c:\program files (x86)\7954a41b-39c6-4226-9783-17ee0f52ceba
2015-08-11 19:06 . 2015-08-13 15:24 -------- d-----w- c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A
2015-08-11 19:05 . 2015-08-13 15:24 -------- d-----w- c:\program files (x86)\b6cc628e-249b-407f-9ed2-bdb4dd248a00
2015-08-11 18:57 . 2015-08-13 15:24 -------- d-----w- c:\program files (x86)\100e225e-5822-4502-a1f7-a89bfc77e287
2015-08-11 18:54 . 2015-08-11 18:54 -------- d-----w- C:\sohucache
2015-08-11 18:54 . 2015-08-11 18:54 -------- d-----w- C:\SHDownload
2015-08-11 18:54 . 2015-08-11 18:54 -------- d-----w- c:\users\ředitel zeměgule\AppData\Local\Temp?
2015-08-11 18:53 . 2015-08-12 18:07 -------- d-----w- c:\programdata\Rising
2015-08-11 18:53 . 2015-08-12 18:07 -------- d-----w- c:\program files (x86)\Rising
2015-08-11 18:52 . 2015-08-11 19:06 -------- d-----w- c:\program files (x86)\fr
2015-08-11 18:20 . 2015-07-01 16:04 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2C574CCA-A8F0-403B-90E9-06010BC67B29}\gapaengine.dll
2015-08-11 18:19 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CA57D618-BF9D-4BC7-9BFF-E31970D9E078}\mpengine.dll
2015-08-10 14:42 . 2015-07-15 01:12 12222168 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-08-08 21:43 . 2015-08-08 21:43 -------- d-----w- c:\users\ředitel zeměgule\AppData\Local\CEF
2015-08-08 21:43 . 2015-08-08 21:43 449780 ----a-w- c:\users\snapshot_blob.bin
2015-08-08 21:43 . 2015-08-08 21:43 410937 ----a-w- c:\users\natives_blob.bin
2015-07-18 19:15 . 2015-06-20 19:49 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-07-18 19:14 . 2015-06-09 18:03 3180544 ----a-w- c:\windows\system32\rdpcorets.dll
2015-07-18 19:13 . 2015-07-09 17:58 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-07-18 19:13 . 2015-07-09 17:58 765440 ----a-w- c:\windows\system32\invagent.dll
2015-07-18 19:13 . 2015-07-09 17:58 1085440 ----a-w- c:\windows\system32\appraiser.dll
2015-07-18 19:13 . 2015-07-09 17:50 1145856 ----a-w- c:\windows\system32\aeinv.dll
2015-07-18 19:13 . 2015-07-09 17:59 17856 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-18 19:13 . 2015-07-09 17:58 433664 ----a-w- c:\windows\system32\devinv.dll
2015-07-18 19:13 . 2015-07-09 17:58 67584 ----a-w- c:\windows\system32\acmigration.dll
2015-07-18 19:13 . 2015-07-09 17:58 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-18 19:07 . 2015-07-03 16:52 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-07-18 19:07 . 2015-07-03 18:05 41984 ----a-w- c:\windows\system32\lpk.dll
2015-07-18 19:07 . 2015-07-03 18:05 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-07-18 19:07 . 2015-07-03 18:05 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-07-18 19:07 . 2015-07-03 18:05 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-07-18 19:07 . 2015-07-03 17:56 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-07-18 19:07 . 2015-07-03 17:56 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-07-18 19:07 . 2015-07-03 17:56 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-07-18 19:07 . 2015-07-03 17:55 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-07-18 19:07 . 2015-07-03 16:42 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-11 17:21 . 2015-02-07 15:01 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-11 17:21 . 2015-02-07 15:01 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-08 21:43 . 2015-05-26 17:16 73272 ----a-w- c:\users\wow_helper.exe
2015-08-08 21:43 . 2015-05-26 17:16 45066808 ----a-w- c:\users\libcef.dll
2015-08-08 21:43 . 2015-05-26 17:16 1649208 ----a-w- c:\users\libGLESv2.dll
2015-08-08 21:43 . 2015-05-26 17:16 967736 ----a-w- c:\users\ffmpegsumo.dll
2015-08-08 21:43 . 2015-05-26 17:16 80952 ----a-w- c:\users\libEGL.dll
2015-08-08 21:43 . 2015-05-26 17:16 3457592 ----a-w- c:\users\d3dcompiler_47.dll
2015-08-08 21:43 . 2015-05-26 17:16 2106424 ----a-w- c:\users\d3dcompiler_43.dll
2015-08-08 21:43 . 2015-05-26 17:16 2018360 ----a-w- c:\users\SpotifyWebHelper.exe
2015-08-08 21:43 . 2015-05-26 17:16 98360 ----a-w- c:\users\SpotifyLauncher.exe
2015-08-08 21:43 . 2015-05-26 17:16 838712 ----a-w- c:\users\SpotifyCrashService.exe
2015-08-08 21:43 . 2015-05-26 17:16 7675448 ----a-w- c:\users\Spotify.exe
2015-07-05 10:08 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-07-03 06:43 . 2014-12-13 13:28 130333168 ----a-w- c:\windows\system32\MRT.exe
2015-07-01 20:49 . 2015-07-18 19:15 342016 ----a-w- c:\windows\system32\schannel.dll
2015-07-01 20:30 . 2015-07-18 19:15 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-07-01 16:04 . 2014-12-18 18:42 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-06-23 23:29 . 2015-06-23 23:29 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-05-25 18:24 . 2015-06-10 18:41 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-10 18:41 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 18:41 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 18:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 18:41 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 18:41 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 18:41 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 18:41 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 18:41 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 18:41 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 18:41 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 18:41 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 18:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 18:41 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 18:41 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 18:41 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 18:41 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 18:41 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 18:41 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 18:41 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 18:41 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 18:41 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 18:41 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 18:41 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-10 18:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-10 18:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-10 18:41 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 18:41 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 18:41 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-10 18:41 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 18:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-10 18:41 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-10 18:41 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-10 18:41 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-10 18:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-10 18:41 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-10 18:41 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 18:41 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-10 18:41 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-10 18:41 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-10 18:41 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-10 18:41 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-10 18:41 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-10 18:41 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-10 18:41 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CursorFX"="c:\program files (x86)\Stardock\CursorFX\CursorFX.exe" [2012-05-10 432784]
"Spotify Web Helper"="c:\users\ředitel zeměgule\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-08-08 2018360]
"Spotify"="c:\users\ředitel zeměgule\AppData\Roaming\Spotify\Spotify.exe" [2015-08-08 7675448]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" [2015-07-03 876728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe" [2015-07-03 1855672]
.
c:\users\ředitel zeměgule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\programdata\ExtTag\xqshilrs.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 comyninu;Wire Professional Version;c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\hnsuE285.tmp;c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\hnsuE285.tmp [x]
R2 divunyvi;Edit Chatroom;c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\knsj379E.tmpfs;c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\knsj379E.tmpfs [x]
R2 ExtTag;ExtTag service;c:\programdata\ExtTag\ExtTag;c:\programdata\ExtTag\ExtTag [x]
R2 fchk32;Check Service;c:\program files\fchk32\fchk32.exe;c:\program files\fchk32\fchk32.exe [x]
R2 gopibeko;Kerning Down;c:\users\ředitel zeměgule\AppData\Local\20F07F97-1439327335-DE11-8A54-001DBAB44A6A\snsf5EF5.tmp;c:\users\ředitel zeměgule\AppData\Local\20F07F97-1439327335-DE11-8A54-001DBAB44A6A\snsf5EF5.tmp [x]
R2 hyverumu;Key In Bold Italic;c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\jnsoBF0B.tmp;c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\jnsoBF0B.tmp [x]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys;c:\windows\SYSNATIVE\Drivers\lgandnetadb.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 CLVirtualBus01;CyberLink Virtual CDROM Bus Enumerator;c:\windows\system32\DRIVERS\CLVirtualBus01.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualBus01.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 Origin Client Service;Origin Client Service;d:\autorun.exe\OriginClientService.exe;d:\autorun.exe\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S2 cyiprumbii;cyiprumbii;c:\programdata\EnobbQeubj\tydeacuz.exe;c:\programdata\EnobbQeubj\tydeacuz.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 msvcp110_clr0400;Office Software Protection Platform32;c:\users\ředitel zeměgule\AppData\Local\OfficeSoftware\office.exe;c:\users\ředitel zeměgule\AppData\Local\OfficeSoftware\office.exe [x]
S2 neuucpe;neuucpe;c:\programdata\EnobbQeubj\tydewcuz.exe;c:\programdata\EnobbQeubj\tydewcuz.exe [x]
S2 RsMgrSvc;Rsd Service;c:\program files (x86)\Rising\RSD\RsMgrSvc.exe;c:\program files (x86)\Rising\RSD\RsMgrSvc.exe [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components]
2015-08-13 15:04 913408 ----a-w- c:\program files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-08-13 14:46 995144 ----a-w- c:\program files (x86)\Google\Chrome\Application\44.0.2403.155\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-08-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07 17:21]
.
2015-08-13 c:\windows\Tasks\Crossbrowse.job
- c:\program files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-08-13 14:48]
.
2015-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 19:23]
.
2015-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-12-12 19:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-03-30 500936]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\programdata\ExtTag\4soezomp.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.mystartsearch.com/?type=hp&ts=14394 ... JD0S303356
mDefault_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
mDefault_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=14394 ... JD0S303356
mStart Page = hxxp://www.mystartsearch.com/?type=hp&ts=14394 ... JD0S303356
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 77.242.95.3 81.200.55.34
TCP: Interfaces\{2F3BE044-211A-4473-9C80-71DCDC2895B6}: NameServer = 52.18.92.32,8.8.8.8
TCP: Interfaces\{6450CD05-DAB5-4E1D-8460-615A8A9FE5CF}: NameServer = 52.18.92.32
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 52.18.92.32,8.8.8.8
TCP: Interfaces\{C2CADB5E-E5F6-450C-983E-CC3B9AE8BB96}: NameServer = 52.17.204.69,8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{5FDF93AE-5D15-4732-8AB0-91FF1C252AF3} - (no file)
Wow6432Node-HKCU-Run-GoogleChromeAutoLaunch_864B8F1CCA062B9CB51271D03A5B923D - c:\program files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\ředitel zeměgule\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk - c:\program files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
Toolbar-{5FDF93AE-5D15-4732-8AB0-91FF1C252AF3} - (no file)
AddRemove-{470314DD-7F92-4781-9BD7-9F0169AECC91} - c:\users\ředitel zeměgule\AppData\Local\TNT2\2.0.0.1995\TNT2User.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\comyninu]
"ImagePath"="c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\hnsuE285.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\divunyvi]
"ImagePath"="c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\knsj379E.tmpfs"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ExtTag]
"ImagePath"="c:\programdata\ExtTag\ExtTag"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\gopibeko]
"ImagePath"="c:\users\ředitel zeměgule\AppData\Local\20F07F97-1439327335-DE11-8A54-001DBAB44A6A\snsf5EF5.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hyverumu]
"ImagePath"="c:\program files (x86)\20F07F97-1439319967-DE11-8A54-001DBAB44A6A\jnsoBF0B.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-08-13 17:29:46
ComboFix-quarantined-files.txt 2015-08-13 15:29
.
Před spuštěním: Volných bajtů: 35 558 268 928
Po spuštění: Volných bajtů: 35 190 845 440
.
- - End Of File - - 6A9074455DF866D5155A5B51B744B5BD
A36C5E4F47E84449FF07ED3517B43A31

jetro2
Visitor
Posts: 17
Joined: 14 Aug 2015 20:43

Re: Problem with websearch

#4 Post by jetro2 »

# AdwCleaner v5.000 - Logfile created 15/08/2015 at 12:20:11
# Updated 14/08/2015 by Xplode
# Database : 2015-08-14.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : ředitel zeměgule - ŘEDITELZEMĚGULE
# Running from : C:\Users\ředitel zeměgule\Desktop\adwcleaner_5.000.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\{b6faa326-e1ac-bc20-b6fa-aa326e1a8c9b}

***** [ Files ] *****

[-] File Deleted : C:\Users\ředitel zeměgule\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\akaelkiagnbfcccfnmbimdbplecgbikh

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE

***** [ Web browsers ] *****

[-] [C:\Users\ředitel zeměgule\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted :
[-] [C:\Users\ředitel zeměgule\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.seznam.cz/","hxxp://www.google.com" ... seznam.cz/

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C10].txt - [2044 octets] - [15/08/2015 12:20:11]
C:\AdwCleaner[S12].txt - [8060 octets] - [15/08/2015 12:16:31]
C:\AdwCleaner[S13].txt - [8124 octets] - [15/08/2015 12:18:55]

########## EOF - C:\AdwCleaner[C10].txt - [2236 octets] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Problem with websearch

#5 Post by Márty84 »

Follow my colleague's instructions:
vyosek wrote: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the licence terms are displayed; press any key
  • A backup is created and then the search starts
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here

Follow my colleague's instructions:
vyosek wrote: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window

    autoclean;
    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here


Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it occasionally produces false detections.
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

jetro2
Visitor
Posts: 17
Joined: 14 Aug 2015 20:43

Re: Problem with websearch

#6 Post by jetro2 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Professional x64
Ran by ředitel zeměgule on so 15.08.2015 at 21:13:20,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{5FDF93AE-5D15-4732-8AB0-91FF1C252AF3}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3A1271DB-3264-4809-ACBC-C3EA8DD80812}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files

Successfully deleted: [File] C:\Users\ředitel zeměgule\AppData\Roaming\appdataFr3.bin
Successfully deleted: [File] C:\Users\ředitel zeměgule\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\systemcontinue
Successfully deleted: [Folder] C:\Users\ředitel zeměgule\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\ředitel zeměgule\Appdata\Local\fileviewpro
Successfully deleted: [Folder] C:\Users\ředitel zeměgule\AppData\Roaming\software informer
Successfully deleted: [Folder] C:\Users\ředitel zeměgule\AppData\Roaming\solvusoft
Successfully deleted: [Folder] C:\Users\ředitel zeměgule\Appdata\Local\5870



~~~ Chrome


[C:\Users\ředitel zeměgule\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\ředitel zeměgule\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\ředitel zeměgule\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\ředitel zeměgule\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
dkmjljdbbgogihjcapfhgkonfmccbffp,
ljefoakgfhcoeobgicjgejglnpfpemgb
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 15.08.2015 at 21:18:17,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

jetro2
Visitor
Posts: 17
Joined: 14 Aug 2015 20:43

Re: Problem with websearch

#7 Post by jetro2 »

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by ředitel zeměgule on so 15.08.2015 at 21:40:50,76.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\EDITEL~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15.8.2015 21:46:37 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\0a1cf6a2-e1e5-4962-8430-6a6e200ebbcb deleted successfully
C:\PROGRA~2\100e225e-5822-4502-a1f7-a89bfc77e287 deleted successfully
C:\PROGRA~2\3a58163c-3d2c-42a8-a1aa-cbb27e054e96 deleted successfully
C:\PROGRA~2\4dd84f07-4926-440a-917a-d30a4fb7bd6e deleted successfully
C:\PROGRA~2\4f7ac617-c4f3-4ea1-b96c-533cf61c59e5 deleted successfully
C:\PROGRA~2\7954a41b-39c6-4226-9783-17ee0f52ceba deleted successfully
C:\PROGRA~2\985b3ae0-83a6-46d2-8544-21b958efd07d deleted successfully
C:\PROGRA~2\aa1fe301-d19b-4d30-b825-6a684f91bb7e deleted successfully
C:\PROGRA~2\abaed82f-f647-417e-8d9d-02dae98d42b5 deleted successfully
C:\PROGRA~2\b6cc628e-249b-407f-9ed2-bdb4dd248a00 deleted successfully
C:\PROGRA~2\cce98bbb-5151-42aa-9461-de1d152a01b3 deleted successfully
C:\PROGRA~2\f2311a56-455c-4123-8ed6-3d1aebad8836 deleted successfully
C:\PROGRA~2\fr deleted successfully
C:\PROGRA~2\SDA deleted successfully
C:\PROGRA~2\SmartPack deleted successfully
C:\PROGRA~2\stinger deleted successfully
C:\Users\EDITEL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\SmartPack deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\\LocalLow deleted successfully
C:\Users\ředitel zeměgule\AppData\Local\AutoSoftware deleted successfully
C:\Users\ředitel zeměgule\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\ředitel zeměgule\AppData\Local\EmieSiteList deleted successfully
C:\Users\ředitel zeměgule\AppData\Local\EmieUserList deleted successfully
C:\Users\ředitel zeměgule\AppData\Local\F37ED97-4AD1-4675-8EDE-B8D92060349C deleted successfully
C:\Users\ředitel zeměgule\AppData\Local\Opera Software deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1810551528-985197754-2082368445-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{5FDF93AE-5D15-4732-8AB0-91FF1C252AF3} deleted successfully
HKEY_USERS\S-1-5-21-1810551528-985197754-2082368445-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{82A76710-4F98-4957-92BE-99648A4E2475} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\0a1cf6a2-e1e5-4962-8430-6a6e200ebbcb not found
C:\PROGRA~2\100e225e-5822-4502-a1f7-a89bfc77e287 not found
C:\PROGRA~2\3a58163c-3d2c-42a8-a1aa-cbb27e054e96 not found
C:\PROGRA~2\4dd84f07-4926-440a-917a-d30a4fb7bd6e not found
C:\PROGRA~2\4f7ac617-c4f3-4ea1-b96c-533cf61c59e5 not found
C:\PROGRA~2\7954a41b-39c6-4226-9783-17ee0f52ceba not found
C:\PROGRA~2\985b3ae0-83a6-46d2-8544-21b958efd07d not found
C:\PROGRA~2\aa1fe301-d19b-4d30-b825-6a684f91bb7e not found
C:\PROGRA~2\abaed82f-f647-417e-8d9d-02dae98d42b5 not found
C:\PROGRA~2\b6cc628e-249b-407f-9ed2-bdb4dd248a00 not found
C:\PROGRA~2\cce98bbb-5151-42aa-9461-de1d152a01b3 not found
C:\PROGRA~2\f2311a56-455c-4123-8ed6-3d1aebad8836 not found
C:\PROGRA~2\fr not found
C:\PROGRA~2\SDA not found
C:\PROGRA~2\SmartPack not found
C:\PROGRA~2\stinger not found
C:\Users\ředitel zeměgule\.android not found
C:\task.vbs deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\EDITEL~1\Desktop\CyberLink_Power2Go_Downloader.exe deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn" [22.06.2015 20:43]

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\ředitel zeměgule\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 44.0.2403.155

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
ommdhdklpcakkienhhoidoobndjceljn - No path found[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{99A3D741-21EF-4062-8449-704F57793388}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{397F97B1-A2A2-4EA7-B4ED-841B809C789B} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_16194"
{99A3D741-21EF-4062-8449-704F57793388} Google Url="https://www.google.com/search?q={searchTerms}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linkey deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Linkeyx64 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:89d90d3ab3e4f4ba66602deef7d27646 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YTDownloader deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ředitel zeměgule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ředitel zeměgule\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\EDITEL~2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=19 folders=18 14919968 bytes)

==== Empty Temp Folders ======================

C:\Users\Apps\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\locales\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\ředitel zeměgule\AppData\Local\Temp emptied successfully
C:\Users\EDITEL~2\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\EDITEL~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 15.08.2015 at 22:17:40,11 ======================

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Problem with websearch

#8 Post by Márty84 »

Fine, now just the MBAM scan, and we'll decide what to do next based on the results :-)

jetro2
Visitor
Posts: 17
Joined: 14 Aug 2015 20:43

Re: Problem with websearch

#9 Post by jetro2 »

It's OK now, but I can't manage to create the MBAM log; towards the end the laptop freezes. But it did that before as well, supposedly it's probably the disk. :(

Thanks a lot for the help. Hvala :)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Problem with websearch

#10 Post by Márty84 »

Let's take a look at the disk.

Download crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
Click Edit (Úpravy) at the top and then Copy (Kopírovat). Paste what gets copied (it is stored in the clipboard) here (Ctrl + V).


It would also be good to finish the cleanup. Even if the problems seem to have gone, it can come back quickly.



13 Sep: locked due to inactivity http://forum.viry.cz/viewtopic.php?f=12&t=123975

Locked