Prosím o kontrolu s ohledem na to, že jsem měla počítač den bez funkčního antiviru, nyní už mám nainstalovaná Kasperskeho a dnes jsem otevřela stránku na netu s hláškou Policie ČR vás sleduje a s žádostí o zaplacení pokuty 2000 Kč.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jirka at 2015-10-21 18:04:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 294 GB (68%) free of 430 GB
Total RAM: 4029 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:04:29, on 21.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\SpScreen.exe
C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\LibreOffice 5\program\swriter.exe
C:\Program Files (x86)\LibreOffice 5\program\soffice.exe
C:\Program Files (x86)\LibreOffice 5\program\soffice.bin
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jirka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
O4 - HKLM\..\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~2\MuteSync.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [MDS_Menu] "c:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
O4 - HKLM\..\Run: [Lenovo SlideNav2] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe"
O4 - HKLM\..\Run: [UCam_Menu] "c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [Lenovo SplitScreen] "C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1445410092
O4 - HKUS\S-1-5-18\..\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: GalaxyService - GOG.com - C:\Program Files (x86)\GalaxyClient\GalaxyService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - c:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Slidebar Notifier Service - Lenovo - C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17569 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
atieclxx
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe" -r
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe" service
WLIDSvcM.exe 2516
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe" -hidden
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-23953251-c1b2-414a-8039-a5a81bf957d5 -SystemEventPortName:HostProcess-6b1724a6-d1d8-4e1f-a7f9-5048f4c61e4c -IoCancelEventPortName:HostProcess-a8afd892-2fd7-43b1-b5cb-58502c0cdc15 -NonStateChangingEventPortName:HostProcess-2a36f61a-124d-4f51-aaf0-11cdd0188293 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8384361f-0011-4731-82ca-fdc16cdcfc1a -DeviceGroupId:WpdFsGroup
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe" Utility_Window
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\USB Camera2\VM332_STI.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe"
"C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
"C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe" Default
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" /logon
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\SpScreen.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
SpScreen64.exe 0
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Common Files\Research In Motion\nginx\\nginx.exe" -c "C:\Users\Jirka\AppData\Roaming\Research In Motion\BlackBerry 10 Desktop\RemoteAccess\nginx\conf\nginx.conf"
"C:\Program Files (x86)\Common Files\Research In Motion\nginx\\nginx.exe" -c "C:\Users\Jirka\AppData\Roaming\Research In Motion\BlackBerry 10 Desktop\RemoteAccess\nginx\conf\nginx.conf"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
\??\C:\windows\system32\conhost.exe "-309245561349955384-1606057030-1324168797-615189877-1632059722-1220524088363126706
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\splwow64.exe 8192
"C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE"
"C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe" /MainProcess 5636 /PrinterName "Canon MX720 series Printer" /ScannerName "Canon MX720 series Network" /Language cs-CZ /Startup
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\LibreOffice 5\program\swriter.exe" -o "C:\Dokumenty\______________FIRMA______________\04_PROJEKTY\Strakonice\Sádlík_přístřešek\plná moc_Sadlik.odt"
"C:\Program Files (x86)\LibreOffice 5\program\swriter.exe" -o "C:\Dokumenty\______________FIRMA______________\04_PROJEKTY\Strakonice\Sádlík_přístřešek\plná moc_Sadlik.odt" --writer
"C:\Program Files (x86)\LibreOffice 5\program\swriter.exe" "-o" "C:\Dokumenty\______________FIRMA______________\04_PROJEKTY\Strakonice\Sádlík_přístřešek\plná moc_Sadlik.odt" "--writer" "-env:OOO_CWD=2c:\\Dokumenty\\______________FIRMA______________\\04_PROJEKTY\\Strakonice\\Sádlík_přístřešek"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4344.0.1214573620\889158549" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x68c0 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.683.3.1000 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.3.17218680\1649038104" --font-cache-shared-handle=3576 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.4.286870456\1964015148" --font-cache-shared-handle=4180 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.5.1564631014\335564036" --font-cache-shared-handle=4108 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.6.259092957\274537399" --font-cache-shared-handle=4868 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.7.2018176268\365293146" --font-cache-shared-handle=5516 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.8.1629069047\1715065590" --font-cache-shared-handle=5292 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.9.1768427566\23670968" --font-cache-shared-handle=6440 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.10.432212908\1977670488" --font-cache-shared-handle=6548 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.11.326564744\767226687" --font-cache-shared-handle=6708 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Control/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4344.12.1174922667\729153834" --font-cache-shared-handle=3220 /prefetch:673131151
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\sppsvc.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Users\Jirka\Downloads\RSITx64 (2).exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2249021379-2990354348-808532824-100318_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2249021379-2990354348-808532824-100318 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 209504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19 433944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-03-10 79240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 176736]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19 364824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 6141528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 4445272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-01-29 10038304]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-01-29 877600]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-01-07 1894696]
"SynBtnAsst"=C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe [2010-01-07 54568]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2009-12-19 776608]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2010-03-11 4448704]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2010-03-11 7056832]
"Windows Mobile Device Center"=C:\windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2014-05-19 3100440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=1445410092 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-11-20 284696]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-03 98304]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [2009-09-15 536576]
"MuteSync"=C:\PROGRA~2\Lenovo\LENOVO~2\MuteSync.exe [2009-12-28 336384]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"MDS_Menu"=c:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]
"Lenovo SlideNav2"=C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe [2009-12-30 318400]
"UCam_Menu"=c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"YouCam Mirror Tray icon"=c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2010-02-04 167008]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2010-04-21 3122528]
"Lenovo SplitScreen"=C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe [2010-01-26 779104]
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2014-09-03 443640]
"RIM PeerManager"=C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [2014-09-15 4836088]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2014-11-08 1298504]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-08-31 452272]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-25 66328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe"="C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe"="C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2015-10-21 18:04:21 ----D---- C:\rsit
2015-10-15 13:38:57 ----A---- C:\windows\system32\invagent.dll
2015-10-15 13:38:57 ----A---- C:\windows\system32\generaltel.dll
2015-10-15 13:38:57 ----A---- C:\windows\system32\devinv.dll
2015-10-15 13:38:57 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-10-15 13:38:57 ----A---- C:\windows\system32\appraiser.dll
2015-10-15 13:38:57 ----A---- C:\windows\system32\aeinv.dll
2015-10-15 13:38:57 ----A---- C:\windows\system32\acmigration.dll
2015-10-15 12:06:44 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-10-15 12:06:44 ----A---- C:\windows\system32\ieetwcollector.exe
2015-10-15 12:06:43 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-10-15 12:06:43 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-10-15 12:06:42 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-10-15 12:06:41 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-10-15 12:06:41 ----A---- C:\windows\SYSWOW64\occache.dll
2015-10-15 12:06:41 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-10-15 12:06:41 ----A---- C:\windows\system32\iernonce.dll
2015-10-15 12:06:41 ----A---- C:\windows\system32\ie4uinit.exe
2015-10-15 12:06:40 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-10-15 12:06:40 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-15 12:06:40 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-10-15 12:06:39 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-10-15 12:06:39 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-10-15 12:06:39 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-10-15 12:06:34 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-10-15 12:06:34 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-10-15 12:06:34 ----A---- C:\windows\system32\occache.dll
2015-10-15 12:06:33 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-10-15 12:06:33 ----A---- C:\windows\system32\urlmon.dll
2015-10-15 12:06:33 ----A---- C:\windows\system32\iedkcs32.dll
2015-10-15 12:06:32 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-10-15 12:06:32 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-10-15 12:06:32 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-10-15 12:06:31 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-10-15 12:06:31 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-10-15 12:06:31 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-10-15 12:06:30 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-10-15 12:06:30 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-10-15 12:06:30 ----A---- C:\windows\system32\msfeeds.dll
2015-10-15 12:06:30 ----A---- C:\windows\system32\dxtrans.dll
2015-10-15 12:06:29 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-10-15 12:06:27 ----A---- C:\windows\system32\iesetup.dll
2015-10-15 12:06:26 ----A---- C:\windows\system32\ieapfltr.dll
2015-10-15 12:06:24 ----A---- C:\windows\system32\iertutil.dll
2015-10-15 12:06:22 ----A---- C:\windows\SYSWOW64\webcheck.dll
2015-10-15 12:06:22 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-10-15 12:06:22 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-10-15 12:06:22 ----A---- C:\windows\system32\vbscript.dll
2015-10-15 12:06:21 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-10-15 12:06:20 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-10-15 12:06:20 ----A---- C:\windows\system32\jsproxy.dll
2015-10-15 12:06:19 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-10-15 12:06:18 ----A---- C:\windows\system32\dxtmsft.dll
2015-10-15 12:06:17 ----A---- C:\windows\system32\ieui.dll
2015-10-15 12:06:16 ----A---- C:\windows\system32\ieframe.dll
2015-10-15 12:06:14 ----A---- C:\windows\system32\mshtmled.dll
2015-10-15 12:06:13 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-10-15 12:06:13 ----A---- C:\windows\system32\ieUnatt.exe
2015-10-15 12:06:12 ----A---- C:\windows\system32\webcheck.dll
2015-10-15 12:06:11 ----A---- C:\windows\system32\jscript9diag.dll
2015-10-15 12:06:11 ----A---- C:\windows\system32\jscript.dll
2015-10-15 12:06:10 ----A---- C:\windows\system32\jscript9.dll
2015-10-15 12:06:08 ----A---- C:\windows\system32\wininet.dll
2015-10-15 12:06:05 ----A---- C:\windows\system32\msrating.dll
2015-10-15 12:06:05 ----A---- C:\windows\system32\MshtmlDac.dll
2015-10-15 12:06:02 ----A---- C:\windows\system32\mshtml.dll
2015-10-15 10:38:58 ----A---- C:\windows\system32\shell32.dll
2015-10-15 10:38:57 ----A---- C:\windows\system32\ExplorerFrame.dll
2015-10-15 10:38:56 ----A---- C:\windows\SYSWOW64\shell32.dll
2015-10-15 10:38:54 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2015-10-15 10:38:45 ----A---- C:\windows\system32\wuaueng.dll
2015-10-15 10:38:44 ----A---- C:\windows\system32\wucltux.dll
2015-10-15 10:38:43 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-10-15 10:38:43 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-10-15 10:38:43 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-10-15 10:38:43 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-10-15 10:38:43 ----A---- C:\windows\system32\wuwebv.dll
2015-10-15 10:38:43 ----A---- C:\windows\system32\wudriver.dll
2015-10-15 10:38:43 ----A---- C:\windows\system32\wuauclt.exe
2015-10-15 10:38:43 ----A---- C:\windows\system32\wuapp.exe
2015-10-15 10:38:43 ----A---- C:\windows\system32\wuapi.dll
2015-10-15 10:38:43 ----A---- C:\windows\system32\WinSetupUI.dll
2015-10-15 10:38:42 ----A---- C:\windows\SYSWOW64\wups.dll
2015-10-15 10:38:42 ----A---- C:\windows\system32\wups2.dll
2015-10-15 10:38:42 ----A---- C:\windows\system32\wups.dll
2015-10-15 10:38:42 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-10-15 10:38:09 ----A---- C:\windows\system32\ntoskrnl.exe
2015-10-15 10:38:07 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-10-15 10:38:07 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-10-15 10:38:05 ----A---- C:\windows\system32\kernel32.dll
2015-10-15 10:38:05 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-10-15 10:38:04 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-10-15 10:38:04 ----A---- C:\windows\system32\ntdll.dll
2015-10-15 10:38:04 ----A---- C:\windows\system32\lsasrv.dll
2015-10-15 10:38:04 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-10-15 10:38:04 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-10-15 10:38:03 ----A---- C:\windows\system32\wow64.dll
2015-10-15 10:38:03 ----A---- C:\windows\system32\rpcrt4.dll
2015-10-15 10:38:03 ----A---- C:\windows\system32\KernelBase.dll
2015-10-15 10:38:03 ----A---- C:\windows\system32\conhost.exe
2015-10-15 10:38:02 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-10-15 10:38:02 ----A---- C:\windows\system32\winsrv.dll
2015-10-15 10:38:02 ----A---- C:\windows\system32\srcore.dll
2015-10-15 10:38:02 ----A---- C:\windows\system32\rstrui.exe
2015-10-15 10:38:02 ----A---- C:\windows\system32\kerberos.dll
2015-10-15 10:38:01 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-10-15 10:38:01 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-10-15 10:38:01 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-10-15 10:38:01 ----A---- C:\windows\system32\schannel.dll
2015-10-15 10:38:00 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-10-15 10:38:00 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-10-15 10:38:00 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-10-15 10:38:00 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-10-15 10:38:00 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-10-15 10:38:00 ----A---- C:\windows\system32\wdigest.dll
2015-10-15 10:38:00 ----A---- C:\windows\system32\TSpkg.dll
2015-10-15 10:38:00 ----A---- C:\windows\system32\sspicli.dll
2015-10-15 10:38:00 ----A---- C:\windows\system32\smss.exe
2015-10-15 10:38:00 ----A---- C:\windows\system32\ncrypt.dll
2015-10-15 10:38:00 ----A---- C:\windows\system32\msv1_0.dll
2015-10-15 10:38:00 ----A---- C:\windows\system32\lsass.exe
2015-10-15 10:38:00 ----A---- C:\windows\system32\auditpol.exe
2015-10-15 10:37:59 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-10-15 10:37:59 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-10-15 10:37:59 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-10-15 10:37:59 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2015-10-15 10:37:59 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-10-15 10:37:59 ----A---- C:\windows\system32\wow64win.dll
2015-10-15 10:37:59 ----A---- C:\windows\system32\wow64cpu.dll
2015-10-15 10:37:59 ----A---- C:\windows\system32\sspisrv.dll
2015-10-15 10:37:59 ----A---- C:\windows\system32\srclient.dll
2015-10-15 10:37:59 ----A---- C:\windows\system32\secur32.dll
2015-10-15 10:37:59 ----A---- C:\windows\system32\ntvdm64.dll
2015-10-15 10:37:59 ----A---- C:\windows\system32\csrsrv.dll
2015-10-15 10:37:59 ----A---- C:\windows\system32\cryptbase.dll
2015-10-15 10:37:59 ----A---- C:\windows\system32\credssp.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 10:37:58 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-15 10:37:58 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-10-15 10:37:58 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-10-15 10:37:58 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-10-15 10:37:58 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-10-15 10:37:58 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-10-15 10:37:58 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 10:37:57 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 10:37:57 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-10-15 10:37:57 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-10-15 10:37:57 ----A---- C:\windows\system32\apisetschema.dll
2015-10-15 10:37:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-15 10:37:56 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-15 10:37:56 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-15 10:37:56 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 10:37:56 ----A---- C:\windows\SYSWOW64\user.exe
2015-10-15 10:37:56 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-10-15 10:37:56 ----A---- C:\windows\system32\adtschema.dll
2015-10-15 10:37:55 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-10-15 10:37:55 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-10-15 10:37:55 ----A---- C:\windows\system32\msobjs.dll
2015-10-15 10:37:55 ----A---- C:\windows\system32\msaudite.dll
2015-10-15 10:35:16 ----A---- C:\windows\SYSWOW64\appidapi.dll
2015-10-15 10:35:16 ----A---- C:\windows\system32\appidsvc.dll
2015-10-15 10:35:16 ----A---- C:\windows\system32\appidpolicyconverter.exe
2015-10-15 10:35:16 ----A---- C:\windows\system32\appidapi.dll
2015-10-15 10:35:15 ----A---- C:\windows\system32\setbcdlocale.dll
2015-10-15 10:35:15 ----A---- C:\windows\system32\appidcertstorecheck.exe
2015-10-15 10:35:14 ----A---- C:\windows\system32\drivers\appid.sys
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\ucrtbase.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 10:32:24 ----A---- C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2015-10-15 10:32:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 10:32:23 ----A---- C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 10:15:58 ----HD---- C:\ProgramData\CanonIJMIG
2015-10-15 10:15:15 ----HD---- C:\ProgramData\CanonIJScan
2015-10-11 17:01:24 ----D---- C:\Users\Jirka\AppData\Roaming\CrashReport
2015-09-25 17:44:32 ----A---- C:\windows\SYSWOW64\CNHMCA.dll
2015-09-25 17:44:32 ----A---- C:\windows\SYSWOW64\CNC_BKU.dll
2015-09-25 17:44:32 ----A---- C:\windows\SYSWOW64\CNC_BKL.dll
2015-09-25 17:44:13 ----HD---- C:\ProgramData\CanonIJFAX
2015-09-25 17:30:23 ----A---- C:\windows\system32\CNMLMBK.DLL
2015-09-25 17:30:09 ----A---- C:\windows\system32\CNCALBK.DLL
======List of files/folders modified in the last 1 month======
2015-10-21 18:04:29 ----D---- C:\windows\Prefetch
2015-10-21 18:04:24 ----D---- C:\Program Files\trend micro
2015-10-21 18:04:23 ----D---- C:\windows\temp
2015-10-21 16:55:26 ----D---- C:\ProgramData\Kaspersky Lab
2015-10-21 16:38:19 ----D---- C:\ProgramData\VeriFace
2015-10-21 13:13:28 ----D---- C:\windows\rescache
2015-10-21 10:37:34 ----SHD---- C:\windows\Installer
2015-10-21 08:47:20 ----D---- C:\windows\system32\config
2015-10-21 08:46:50 ----A---- C:\windows\SYSWOW64\log.txt
2015-10-21 08:46:49 ----SHD---- C:\System Volume Information
2015-10-20 22:03:45 ----D---- C:\Users\Jirka\AppData\Roaming\PrimoPDF
2015-10-20 19:43:44 ----D---- C:\windows\system32\NDF
2015-10-20 13:42:22 ----D---- C:\windows\system32\catroot
2015-10-20 13:39:15 ----D---- C:\windows\system32\drivers
2015-10-20 13:31:40 ----D---- C:\ProgramData
2015-10-20 13:31:38 ----D---- C:\Program Files
2015-10-20 13:31:26 ----D---- C:\windows\system32\DriverStore
2015-10-20 13:31:26 ----D---- C:\windows\inf
2015-10-20 11:46:32 ----D---- C:\windows\winsxs
2015-10-20 11:45:49 ----D---- C:\windows\SysWOW64
2015-10-20 11:45:49 ----D---- C:\windows\System32
2015-10-19 12:35:41 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-10-19 12:35:41 ----D---- C:\Program Files\Internet Explorer
2015-10-19 12:35:40 ----D---- C:\windows\SYSWOW64\en-US
2015-10-19 12:35:40 ----D---- C:\windows\system32\cs-CZ
2015-10-19 12:35:39 ----D---- C:\windows\system32\en-US
2015-10-19 12:35:38 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-19 12:35:33 ----D---- C:\windows\AppPatch
2015-10-19 12:35:32 ----SD---- C:\windows\system32\CompatTel
2015-10-19 12:35:32 ----D---- C:\windows\system32\appraiser
2015-10-19 12:35:31 ----D---- C:\windows\system32\CodeIntegrity
2015-10-19 12:35:31 ----D---- C:\windows\system32\Boot
2015-10-19 10:49:01 ----D---- C:\ProgramData\Microsoft Help
2015-10-19 10:42:01 ----D---- C:\windows\system32\MRT
2015-10-19 10:17:54 ----A---- C:\windows\system32\MRT.exe
2015-10-19 10:09:46 ----A---- C:\windows\win.ini
2015-10-16 05:35:30 ----D---- C:\windows\system32\wdi
2015-10-15 10:21:38 ----D---- C:\ProgramData\CanonIJPLM
2015-10-15 10:21:19 ----D---- C:\windows\system32\catroot2
2015-10-15 10:15:45 ----D---- C:\Users\Jirka\AppData\Roaming\Canon
2015-10-11 17:05:51 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-10-09 10:43:48 ----SD---- C:\windows\SYSWOW64\GWX
2015-10-09 10:43:48 ----SD---- C:\windows\system32\GWX
2015-10-07 17:28:16 ----D---- C:\Users\Jirka\AppData\Roaming\Nitro PDF
2015-10-07 17:28:11 ----D---- C:\windows\system32\FxsTmp
2015-09-25 19:09:01 ----D---- C:\Program Files (x86)\Canon
2015-09-25 17:44:33 ----RSD---- C:\windows\Media
2015-09-25 17:44:30 ----D---- C:\windows\twain_32
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\windows\system32\DRIVERS\cm_km_w.sys [2015-07-03 247016]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-11-20 537112]
R0 kl1;kl1; C:\windows\system32\DRIVERS\kl1.sys [2015-07-03 478392]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 klhk;klhk; C:\windows\system32\DRIVERS\klhk.sys [2015-07-03 225976]
R1 KLIF;Kaspersky Lab Driver; C:\windows\system32\DRIVERS\klif.sys [2015-10-20 831672]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\windows\system32\DRIVERS\klim6.sys [2015-07-03 39280]
R1 klpd;klpd; C:\windows\system32\DRIVERS\klpd.sys [2015-07-03 24944]
R1 kltdi;kltdi; C:\windows\system32\DRIVERS\kltdi.sys [2015-07-03 65208]
R1 Klwtp;Klwtp; C:\windows\system32\DRIVERS\klwtp.sys [2015-07-03 85360]
R1 kneps;kneps; C:\windows\system32\DRIVERS\kneps.sys [2015-10-20 190648]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\windows\system32\DRIVERS\kldisk.sys [2015-07-03 64368]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2009-11-06 1550848]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-03-03 6177280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-01-29 2260256]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2010-01-20 157296]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2009-10-16 321064]
R3 klflt;Kaspersky Lab Kernel DLL; C:\windows\system32\DRIVERS\klflt.sys [2015-07-03 159960]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\windows\system32\DRIVERS\klkbdflt.sys [2015-07-03 40304]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\windows\system32\DRIVERS\klmouflt.sys [2015-07-03 39280]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rimvndis;BlackBerry Virtual Private Network; C:\windows\System32\Drivers\rimvndis6_AMD64.sys [2014-09-15 17920]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\windows\system32\DRIVERS\Rockey4.sys [2015-08-22 36904]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 RTHDMIAzAudService;Service for HDMI; C:\windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-01-07 302128]
R3 vm332avs;Lenovo Camera2; C:\windows\System32\Drivers\vm332avs.sys [2010-02-01 214000]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
S3 blackberryncm;BlackBerryNCM Service; C:\windows\system32\DRIVERS\blackberryncm6_AMD64.sys [2014-04-15 24576]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-16 79376]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 ESETCleanersDriver;ESET Cleaner Service; \??\C:\windows\system32\Drivers\ESETCleanersDriver.sys [2015-08-20 170280]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [2014-03-19 76568]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [2014-03-19 59160]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\windows\System32\Drivers\RimUsb_AMD64.sys [2014-05-06 79872]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbrndis6;Adaptér USB RNDIS6; C:\windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S4 klkbdflt2;Kaspersky Lab KlKbdFlt2; C:\windows\system32\DRIVERS\klkbdflt2.sys []
S4 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\windows\System32\drivers\sfdrv01.sys [2005-08-10 68608]
S4 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2005-05-16 7168]
S4 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\windows\System32\drivers\sfvfs02.sys [2005-11-03 89600]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-03-03 202752]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [2015-07-03 194000]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-01-12 873248]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [2013-07-26 230416]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2013-01-02 75136]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 RIM MDNS;RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [2014-09-15 396024]
R2 RIM Tunnel Service;BlackBerry Link Communication Manager; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [2014-09-15 1343224]
R2 Slidebar Notifier Service;Slidebar Notifier Service; C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [2009-12-30 69568]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 BlackBerry Device Manager;BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2014-09-04 588024]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 144200]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2015-08-22 1087792]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 GalaxyService;GalaxyService; C:\Program Files (x86)\GalaxyClient\GalaxyService.exe [2014-09-18 2191648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 IGRS;IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-15 38152]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2014-03-25 357144]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs []
S3 RichVideo;Cyberlink RichVideo Service(CRVS); c:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2009-10-29 244904]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-24 834752]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-09-09 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
den bez antiviru + policie vás sleduje
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: den bez antiviru + policie vás sleduje
Zdravím!
Dejte log ComboFix:
Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: den bez antiviru + policie vás sleduje
ComboFix 15-10-21.01 - Jirka 21.10.2015 19:08:23.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4029.2331 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Downloads\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
SP: Kaspersky Anti-Virus *Disabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-21 do 2015-10-21 )))))))))))))))))))))))))))))))
.
.
2015-10-21 17:15 . 2015-10-21 17:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-10-21 17:15 . 2015-10-21 17:15 -------- d-----w- c:\users\Jiří Hálek\AppData\Local\temp
2015-10-21 17:15 . 2015-10-21 17:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-21 16:04 . 2015-10-21 16:04 -------- d-----w- C:\rsit
2015-10-21 07:09 . 2015-10-21 07:09 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B99C2AF-F35C-414D-8A8C-C1D31806F78F}\offreg.2492.dll
2015-10-21 06:58 . 2015-10-13 09:47 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B99C2AF-F35C-414D-8A8C-C1D31806F78F}\mpengine.dll
2015-10-15 11:38 . 2015-09-18 19:22 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-15 11:38 . 2015-09-18 19:19 700416 ----a-w- c:\windows\system32\invagent.dll
2015-10-15 11:38 . 2015-09-18 19:19 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-15 11:38 . 2015-09-18 19:19 503808 ----a-w- c:\windows\system32\devinv.dll
2015-10-15 11:38 . 2015-09-18 19:19 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-15 11:38 . 2015-09-18 19:19 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-10-15 11:38 . 2015-09-18 19:09 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-15 10:05 . 2015-09-16 04:32 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-10-15 08:37 . 2015-09-29 03:11 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-15 08:35 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-15 08:35 . 2015-10-01 18:04 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-15 08:35 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-15 08:35 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-15 08:35 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-15 08:35 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-15 08:35 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-15 08:35 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-15 08:35 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-10-15 08:15 . 2015-10-15 08:21 -------- d--h--w- c:\programdata\CanonIJMIG
2015-10-15 08:15 . 2015-10-15 08:15 -------- d--h--w- c:\programdata\CanonIJScan
2015-10-11 15:01 . 2015-10-11 15:01 -------- d-----w- c:\users\Jirka\AppData\Roaming\CrashReport
2015-09-25 15:44 . 2012-09-21 07:33 321024 ----a-w- c:\windows\SysWow64\CNC_BKL.dll
2015-09-25 15:44 . 2012-05-25 07:21 103936 ----a-w- c:\windows\SysWow64\CNC_BKU.dll
2015-09-25 15:44 . 2008-08-25 16:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2015-09-25 15:44 . 2015-09-25 15:44 -------- d--h--w- c:\programdata\CanonIJFAX
2015-09-25 15:31 . 2012-09-20 03:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDBK.DLL
2015-09-25 15:31 . 2012-09-20 03:00 101888 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPBK.DLL
2015-09-25 15:30 . 2012-09-20 03:00 390656 ----a-w- c:\windows\system32\CNMLMBK.DLL
2015-09-25 15:30 . 2012-09-21 03:00 303104 ----a-w- c:\windows\system32\CNCALBK.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-20 11:38 . 2015-08-20 19:29 831672 ----a-w- c:\windows\system32\drivers\klif.sys
2015-10-20 11:38 . 2015-07-03 00:20 190648 ----a-w- c:\windows\system32\drivers\kneps.sys
2015-10-19 08:17 . 2010-09-09 05:42 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-09-29 02:58 . 2015-10-15 08:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-15 18:11 . 2015-10-15 08:38 342016 ----a-w- c:\windows\system32\schannel.dll
2015-09-15 17:36 . 2015-10-15 08:38 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-09-02 03:04 . 2015-09-09 08:34 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 08:34 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 08:34 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 08:34 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 08:34 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 08:34 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 08:34 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 08:34 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 08:34 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 08:34 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 08:34 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 08:35 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 08:35 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 08:35 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 08:35 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 08:35 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 08:35 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 08:35 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 08:35 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-22 07:52 . 2015-08-22 07:52 7680 ----a-w- c:\windows\system32\Ry4CoInst.dll
2015-08-22 07:52 . 2015-08-22 07:52 36904 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2015-08-22 07:52 . 2015-08-22 07:52 23592 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2015-08-20 14:17 . 2015-08-20 13:44 170280 ----a-w- c:\windows\system32\drivers\ESETCleanersDriver.sys
2015-08-19 17:03 . 2014-06-03 16:34 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-19 17:03 . 2014-06-03 16:34 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-05 17:56 . 2015-09-09 08:36 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 08:36 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 08:36 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 08:36 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-07-30 18:06 . 2015-08-20 17:35 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-20 17:35 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-20 17:35 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-20 17:35 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 17:57 . 2015-08-20 17:35 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 13:13 . 2015-08-22 02:58 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-22 02:58 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-03 98304]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2009-09-15 536576]
"MuteSync"="c:\progra~2\Lenovo\LENOVO~2\MuteSync.exe" [2009-12-28 336384]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"MDS_Menu"="c:\program files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"Lenovo SlideNav2"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [2009-12-30 318400]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-02-03 167008]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-04-21 3122528]
"Lenovo SplitScreen"="c:\program files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [2010-01-26 779104]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2014-09-03 443640]
"RIM PeerManager"="c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" [2014-09-15 4836088]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2014-11-08 1298504]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-08-31 452272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 779600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-1-12 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 blackberryncm;BlackBerryNCM Service;c:\windows\system32\DRIVERS\blackberryncm6_AMD64.sys;c:\windows\SYSNATIVE\DRIVERS\blackberryncm6_AMD64.sys [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys;c:\windows\SYSNATIVE\drivers\WDBridge.sys [x]
R3 ESETCleanersDriver;ESET Cleaner Service;c:\windows\system32\Drivers\ESETCleanersDriver.sys;c:\windows\SYSNATIVE\Drivers\ESETCleanersDriver.sys [x]
R3 GalaxyService;GalaxyService;c:\program files (x86)\GalaxyClient\GalaxyService.exe;c:\program files (x86)\GalaxyClient\GalaxyService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 RIM MDNS;RIM MDNS;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [x]
S2 RIM Tunnel Service;BlackBerry Link Communication Manager;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service [x]
S2 Slidebar Notifier Service;Slidebar Notifier Service;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers\rimvndis6_AMD64.sys;c:\windows\SYSNATIVE\Drivers\rimvndis6_AMD64.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys;c:\windows\SYSNATIVE\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-16 10:05 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 12:16]
.
2015-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 12:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-04-21 10:39 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-01-29 877600]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-03-11 4448704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-11 7056832]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 3100440]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynBtnAsst - c:\program files (x86)\Synaptics\SynTP\SynBtnAsst.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2249021379-2990354348-808532824-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b8,ea,35,67,ea,b9,2d,a8,b3,bc,cf,20,53,ed,04,65,19,25,50,d3,0f,f2,fe,
37,11,49,ff,53,fd,d5,93,16,f2,cc,d9,a8,ac,e2,f4,63,19,33,17,6d,e1,c8,70,e6,\
"??"=hex:ec,7f,62,96,57,2c,d6,08,cc,a5,1f,55,b4,c4,7c,48
.
[HKEY_USERS\S-1-5-21-2249021379-2990354348-808532824-1003\Software\SecuROM\License information*]
"datasecu"=hex:45,7d,8c,b6,8e,21,2e,3d,af,2d,10,8b,b1,0e,60,13,5a,b6,91,43,10,
17,4c,6e,93,5a,7c,e2,39,91,ca,57,ea,d2,01,d3,14,ca,eb,2f,84,62,fb,ca,14,87,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2015-10-21 19:20:11
ComboFix-quarantined-files.txt 2015-10-21 17:20
.
Před spuštěním: Volných bajtů: 310 332 375 040
Po spuštění: Volných bajtů: 311 833 382 912
.
- - End Of File - - E17DEEBFD0A103ED2E8B7BF58395EDB6
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4029.2331 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Downloads\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
SP: Kaspersky Anti-Virus *Disabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-21 do 2015-10-21 )))))))))))))))))))))))))))))))
.
.
2015-10-21 17:15 . 2015-10-21 17:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-10-21 17:15 . 2015-10-21 17:15 -------- d-----w- c:\users\Jiří Hálek\AppData\Local\temp
2015-10-21 17:15 . 2015-10-21 17:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-21 16:04 . 2015-10-21 16:04 -------- d-----w- C:\rsit
2015-10-21 07:09 . 2015-10-21 07:09 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B99C2AF-F35C-414D-8A8C-C1D31806F78F}\offreg.2492.dll
2015-10-21 06:58 . 2015-10-13 09:47 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B99C2AF-F35C-414D-8A8C-C1D31806F78F}\mpengine.dll
2015-10-15 11:38 . 2015-09-18 19:22 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-15 11:38 . 2015-09-18 19:19 700416 ----a-w- c:\windows\system32\invagent.dll
2015-10-15 11:38 . 2015-09-18 19:19 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-15 11:38 . 2015-09-18 19:19 503808 ----a-w- c:\windows\system32\devinv.dll
2015-10-15 11:38 . 2015-09-18 19:19 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-15 11:38 . 2015-09-18 19:19 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-10-15 11:38 . 2015-09-18 19:09 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-15 10:05 . 2015-09-16 04:32 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-10-15 08:37 . 2015-09-29 03:11 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-15 08:35 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-15 08:35 . 2015-10-01 18:04 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-15 08:35 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-15 08:35 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-15 08:35 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-15 08:35 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-15 08:35 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-15 08:35 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-15 08:35 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-10-15 08:15 . 2015-10-15 08:21 -------- d--h--w- c:\programdata\CanonIJMIG
2015-10-15 08:15 . 2015-10-15 08:15 -------- d--h--w- c:\programdata\CanonIJScan
2015-10-11 15:01 . 2015-10-11 15:01 -------- d-----w- c:\users\Jirka\AppData\Roaming\CrashReport
2015-09-25 15:44 . 2012-09-21 07:33 321024 ----a-w- c:\windows\SysWow64\CNC_BKL.dll
2015-09-25 15:44 . 2012-05-25 07:21 103936 ----a-w- c:\windows\SysWow64\CNC_BKU.dll
2015-09-25 15:44 . 2008-08-25 16:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2015-09-25 15:44 . 2015-09-25 15:44 -------- d--h--w- c:\programdata\CanonIJFAX
2015-09-25 15:31 . 2012-09-20 03:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDBK.DLL
2015-09-25 15:31 . 2012-09-20 03:00 101888 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPBK.DLL
2015-09-25 15:30 . 2012-09-20 03:00 390656 ----a-w- c:\windows\system32\CNMLMBK.DLL
2015-09-25 15:30 . 2012-09-21 03:00 303104 ----a-w- c:\windows\system32\CNCALBK.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-20 11:38 . 2015-08-20 19:29 831672 ----a-w- c:\windows\system32\drivers\klif.sys
2015-10-20 11:38 . 2015-07-03 00:20 190648 ----a-w- c:\windows\system32\drivers\kneps.sys
2015-10-19 08:17 . 2010-09-09 05:42 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-09-29 02:58 . 2015-10-15 08:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-15 18:11 . 2015-10-15 08:38 342016 ----a-w- c:\windows\system32\schannel.dll
2015-09-15 17:36 . 2015-10-15 08:38 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-09-02 03:04 . 2015-09-09 08:34 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 08:34 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 08:34 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 08:34 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 08:34 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 08:34 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 08:34 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 08:34 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 08:34 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 08:34 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 08:34 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 08:35 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 08:35 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 08:35 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 08:35 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 08:35 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 08:35 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 08:35 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 08:35 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-22 07:52 . 2015-08-22 07:52 7680 ----a-w- c:\windows\system32\Ry4CoInst.dll
2015-08-22 07:52 . 2015-08-22 07:52 36904 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2015-08-22 07:52 . 2015-08-22 07:52 23592 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2015-08-20 14:17 . 2015-08-20 13:44 170280 ----a-w- c:\windows\system32\drivers\ESETCleanersDriver.sys
2015-08-19 17:03 . 2014-06-03 16:34 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-19 17:03 . 2014-06-03 16:34 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-05 17:56 . 2015-09-09 08:36 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 08:36 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 08:36 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 08:36 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-07-30 18:06 . 2015-08-20 17:35 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-20 17:35 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-20 17:35 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-20 17:35 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 17:57 . 2015-08-20 17:35 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 13:13 . 2015-08-22 02:58 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-22 02:58 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-03 98304]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2009-09-15 536576]
"MuteSync"="c:\progra~2\Lenovo\LENOVO~2\MuteSync.exe" [2009-12-28 336384]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"MDS_Menu"="c:\program files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"Lenovo SlideNav2"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [2009-12-30 318400]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-02-03 167008]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-04-21 3122528]
"Lenovo SplitScreen"="c:\program files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [2010-01-26 779104]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2014-09-03 443640]
"RIM PeerManager"="c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" [2014-09-15 4836088]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2014-11-08 1298504]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-08-31 452272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 779600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-1-12 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 blackberryncm;BlackBerryNCM Service;c:\windows\system32\DRIVERS\blackberryncm6_AMD64.sys;c:\windows\SYSNATIVE\DRIVERS\blackberryncm6_AMD64.sys [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys;c:\windows\SYSNATIVE\drivers\WDBridge.sys [x]
R3 ESETCleanersDriver;ESET Cleaner Service;c:\windows\system32\Drivers\ESETCleanersDriver.sys;c:\windows\SYSNATIVE\Drivers\ESETCleanersDriver.sys [x]
R3 GalaxyService;GalaxyService;c:\program files (x86)\GalaxyClient\GalaxyService.exe;c:\program files (x86)\GalaxyClient\GalaxyService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 RIM MDNS;RIM MDNS;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [x]
S2 RIM Tunnel Service;BlackBerry Link Communication Manager;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service [x]
S2 Slidebar Notifier Service;Slidebar Notifier Service;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers\rimvndis6_AMD64.sys;c:\windows\SYSNATIVE\Drivers\rimvndis6_AMD64.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys;c:\windows\SYSNATIVE\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-16 10:05 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 12:16]
.
2015-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-20 12:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-04-21 10:39 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-01-29 877600]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-03-11 4448704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-11 7056832]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 3100440]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynBtnAsst - c:\program files (x86)\Synaptics\SynTP\SynBtnAsst.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2249021379-2990354348-808532824-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b8,ea,35,67,ea,b9,2d,a8,b3,bc,cf,20,53,ed,04,65,19,25,50,d3,0f,f2,fe,
37,11,49,ff,53,fd,d5,93,16,f2,cc,d9,a8,ac,e2,f4,63,19,33,17,6d,e1,c8,70,e6,\
"??"=hex:ec,7f,62,96,57,2c,d6,08,cc,a5,1f,55,b4,c4,7c,48
.
[HKEY_USERS\S-1-5-21-2249021379-2990354348-808532824-1003\Software\SecuROM\License information*]
"datasecu"=hex:45,7d,8c,b6,8e,21,2e,3d,af,2d,10,8b,b1,0e,60,13,5a,b6,91,43,10,
17,4c,6e,93,5a,7c,e2,39,91,ca,57,ea,d2,01,d3,14,ca,eb,2f,84,62,fb,ca,14,87,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2015-10-21 19:20:11
ComboFix-quarantined-files.txt 2015-10-21 17:20
.
Před spuštěním: Volných bajtů: 310 332 375 040
Po spuštění: Volných bajtů: 311 833 382 912
.
- - End Of File - - E17DEEBFD0A103ED2E8B7BF58395EDB6
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: den bez antiviru + policie vás sleduje
Dočistíme. Přesuňte ComboFix na plochuOtevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte CF se spustí a vykoná příkazy ze skriptu.KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
Regnull::
[HKEY_USERS\S-1-5-21-2249021379-2990354348-808532824-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-2249021379-2990354348-808532824-1003\Software\SecuROM\License information*]
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: den bez antiviru + policie vás sleduje
ComboFix 15-10-21.01 - Jirka 21.10.2015 20:31:19.4.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4029.881 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jirka\Desktop\CFScript.txt
AV: Kaspersky Anti-Virus *Disabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
SP: Kaspersky Anti-Virus *Disabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\SysWow64\out.txt . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-21 do 2015-10-21 )))))))))))))))))))))))))))))))
.
.
2015-10-21 18:44 . 2015-10-21 18:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-10-21 18:44 . 2015-10-21 18:44 -------- d-----w- c:\users\Jiří Hálek\AppData\Local\temp
2015-10-21 18:44 . 2015-10-21 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-21 16:04 . 2015-10-21 16:04 -------- d-----w- C:\rsit
2015-10-21 07:09 . 2015-10-21 07:09 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B99C2AF-F35C-414D-8A8C-C1D31806F78F}\offreg.2492.dll
2015-10-21 06:58 . 2015-10-13 09:47 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B99C2AF-F35C-414D-8A8C-C1D31806F78F}\mpengine.dll
2015-10-15 11:38 . 2015-09-18 19:22 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-15 11:38 . 2015-09-18 19:19 700416 ----a-w- c:\windows\system32\invagent.dll
2015-10-15 11:38 . 2015-09-18 19:19 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-15 11:38 . 2015-09-18 19:19 503808 ----a-w- c:\windows\system32\devinv.dll
2015-10-15 11:38 . 2015-09-18 19:19 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-15 11:38 . 2015-09-18 19:19 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-10-15 11:38 . 2015-09-18 19:09 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-15 10:05 . 2015-09-16 04:32 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-10-15 08:37 . 2015-09-29 03:11 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-15 08:35 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-15 08:35 . 2015-10-01 18:04 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-15 08:35 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-15 08:35 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-15 08:35 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-15 08:35 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-15 08:35 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-15 08:35 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-15 08:35 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-10-15 08:15 . 2015-10-15 08:21 -------- d--h--w- c:\programdata\CanonIJMIG
2015-10-15 08:15 . 2015-10-15 08:15 -------- d--h--w- c:\programdata\CanonIJScan
2015-10-11 15:01 . 2015-10-11 15:01 -------- d-----w- c:\users\Jirka\AppData\Roaming\CrashReport
2015-09-25 15:44 . 2012-09-21 07:33 321024 ----a-w- c:\windows\SysWow64\CNC_BKL.dll
2015-09-25 15:44 . 2012-05-25 07:21 103936 ----a-w- c:\windows\SysWow64\CNC_BKU.dll
2015-09-25 15:44 . 2008-08-25 16:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2015-09-25 15:44 . 2015-09-25 15:44 -------- d--h--w- c:\programdata\CanonIJFAX
2015-09-25 15:31 . 2012-09-20 03:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDBK.DLL
2015-09-25 15:31 . 2012-09-20 03:00 101888 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPBK.DLL
2015-09-25 15:30 . 2012-09-20 03:00 390656 ----a-w- c:\windows\system32\CNMLMBK.DLL
2015-09-25 15:30 . 2012-09-21 03:00 303104 ----a-w- c:\windows\system32\CNCALBK.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-20 11:38 . 2015-08-20 19:29 831672 ----a-w- c:\windows\system32\drivers\klif.sys
2015-10-20 11:38 . 2015-07-03 00:20 190648 ----a-w- c:\windows\system32\drivers\kneps.sys
2015-10-19 08:17 . 2010-09-09 05:42 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-09-29 02:58 . 2015-10-15 08:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-15 18:11 . 2015-10-15 08:38 342016 ----a-w- c:\windows\system32\schannel.dll
2015-09-15 17:36 . 2015-10-15 08:38 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-09-02 03:04 . 2015-09-09 08:34 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 08:34 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 08:34 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 08:34 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 08:34 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 08:34 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 08:34 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 08:34 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 08:34 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 08:34 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 08:34 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 08:35 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 08:35 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 08:35 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 08:35 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 08:35 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 08:35 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 08:35 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 08:35 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-22 07:52 . 2015-08-22 07:52 7680 ----a-w- c:\windows\system32\Ry4CoInst.dll
2015-08-22 07:52 . 2015-08-22 07:52 36904 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2015-08-22 07:52 . 2015-08-22 07:52 23592 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2015-08-20 14:17 . 2015-08-20 13:44 170280 ----a-w- c:\windows\system32\drivers\ESETCleanersDriver.sys
2015-08-19 17:03 . 2014-06-03 16:34 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-19 17:03 . 2014-06-03 16:34 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-05 17:56 . 2015-09-09 08:36 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 08:36 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 08:36 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 08:36 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-07-30 18:06 . 2015-08-20 17:35 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-20 17:35 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-20 17:35 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-20 17:35 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 17:57 . 2015-08-20 17:35 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 13:13 . 2015-08-22 02:58 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-22 02:58 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-03 98304]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2009-09-15 536576]
"MuteSync"="c:\progra~2\Lenovo\LENOVO~2\MuteSync.exe" [2009-12-28 336384]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"MDS_Menu"="c:\program files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"Lenovo SlideNav2"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [2009-12-30 318400]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-02-03 167008]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-04-21 3122528]
"Lenovo SplitScreen"="c:\program files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [2010-01-26 779104]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2014-09-03 443640]
"RIM PeerManager"="c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" [2014-09-15 4836088]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2014-11-08 1298504]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-08-31 452272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 779600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-1-12 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 blackberryncm;BlackBerryNCM Service;c:\windows\system32\DRIVERS\blackberryncm6_AMD64.sys;c:\windows\SYSNATIVE\DRIVERS\blackberryncm6_AMD64.sys [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys;c:\windows\SYSNATIVE\drivers\WDBridge.sys [x]
R3 ESETCleanersDriver;ESET Cleaner Service;c:\windows\system32\Drivers\ESETCleanersDriver.sys;c:\windows\SYSNATIVE\Drivers\ESETCleanersDriver.sys [x]
R3 GalaxyService;GalaxyService;c:\program files (x86)\GalaxyClient\GalaxyService.exe;c:\program files (x86)\GalaxyClient\GalaxyService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 RIM MDNS;RIM MDNS;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [x]
S2 RIM Tunnel Service;BlackBerry Link Communication Manager;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service [x]
S2 Slidebar Notifier Service;Slidebar Notifier Service;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers\rimvndis6_AMD64.sys;c:\windows\SYSNATIVE\Drivers\rimvndis6_AMD64.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys;c:\windows\SYSNATIVE\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-16 10:05 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-04-21 10:39 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-01-29 877600]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynBtnAsst"="c:\program files (x86)\Synaptics\SynTP\SynBtnAsst.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-03-11 4448704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-11 7056832]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 3100440]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
.
**************************************************************************
.
Celkový čas: 2015-10-21 21:06:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-10-21 19:05
ComboFix2.txt 2015-10-21 17:20
.
Před spuštěním: Volných bajtů: 311 486 603 264
Po spuštění: Volných bajtů: 311 153 328 128
.
- - End Of File - - F3FA1111FE4DD886DBDF8618D80E5FF9
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4029.881 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jirka\Desktop\CFScript.txt
AV: Kaspersky Anti-Virus *Disabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
SP: Kaspersky Anti-Virus *Disabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\SysWow64\out.txt . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-21 do 2015-10-21 )))))))))))))))))))))))))))))))
.
.
2015-10-21 18:44 . 2015-10-21 18:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-10-21 18:44 . 2015-10-21 18:44 -------- d-----w- c:\users\Jiří Hálek\AppData\Local\temp
2015-10-21 18:44 . 2015-10-21 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-21 16:04 . 2015-10-21 16:04 -------- d-----w- C:\rsit
2015-10-21 07:09 . 2015-10-21 07:09 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B99C2AF-F35C-414D-8A8C-C1D31806F78F}\offreg.2492.dll
2015-10-21 06:58 . 2015-10-13 09:47 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B99C2AF-F35C-414D-8A8C-C1D31806F78F}\mpengine.dll
2015-10-15 11:38 . 2015-09-18 19:22 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-15 11:38 . 2015-09-18 19:19 700416 ----a-w- c:\windows\system32\invagent.dll
2015-10-15 11:38 . 2015-09-18 19:19 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-10-15 11:38 . 2015-09-18 19:19 503808 ----a-w- c:\windows\system32\devinv.dll
2015-10-15 11:38 . 2015-09-18 19:19 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-10-15 11:38 . 2015-09-18 19:19 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-10-15 11:38 . 2015-09-18 19:09 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-10-15 10:05 . 2015-09-16 04:32 10949120 ----a-w- c:\program files\Internet Explorer\F12Resources.dll
2015-10-15 08:37 . 2015-09-29 03:11 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-15 08:35 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-15 08:35 . 2015-10-01 18:04 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-15 08:35 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-15 08:35 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-15 08:35 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-15 08:35 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-15 08:35 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-15 08:35 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-15 08:35 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-10-15 08:15 . 2015-10-15 08:21 -------- d--h--w- c:\programdata\CanonIJMIG
2015-10-15 08:15 . 2015-10-15 08:15 -------- d--h--w- c:\programdata\CanonIJScan
2015-10-11 15:01 . 2015-10-11 15:01 -------- d-----w- c:\users\Jirka\AppData\Roaming\CrashReport
2015-09-25 15:44 . 2012-09-21 07:33 321024 ----a-w- c:\windows\SysWow64\CNC_BKL.dll
2015-09-25 15:44 . 2012-05-25 07:21 103936 ----a-w- c:\windows\SysWow64\CNC_BKU.dll
2015-09-25 15:44 . 2008-08-25 16:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2015-09-25 15:44 . 2015-09-25 15:44 -------- d--h--w- c:\programdata\CanonIJFAX
2015-09-25 15:31 . 2012-09-20 03:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDBK.DLL
2015-09-25 15:31 . 2012-09-20 03:00 101888 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPBK.DLL
2015-09-25 15:30 . 2012-09-20 03:00 390656 ----a-w- c:\windows\system32\CNMLMBK.DLL
2015-09-25 15:30 . 2012-09-21 03:00 303104 ----a-w- c:\windows\system32\CNCALBK.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-20 11:38 . 2015-08-20 19:29 831672 ----a-w- c:\windows\system32\drivers\klif.sys
2015-10-20 11:38 . 2015-07-03 00:20 190648 ----a-w- c:\windows\system32\drivers\kneps.sys
2015-10-19 08:17 . 2010-09-09 05:42 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-09-29 02:58 . 2015-10-15 08:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-15 18:11 . 2015-10-15 08:38 342016 ----a-w- c:\windows\system32\schannel.dll
2015-09-15 17:36 . 2015-10-15 08:38 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-09-02 03:04 . 2015-09-09 08:34 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 08:34 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 08:34 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 08:34 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 08:34 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 08:34 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 08:34 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 08:34 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:51 . 2015-09-09 08:34 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:47 . 2015-09-09 08:34 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 08:34 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 08:35 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 08:35 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 08:35 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 08:35 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 08:35 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 08:35 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 08:35 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 08:35 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-22 07:52 . 2015-08-22 07:52 7680 ----a-w- c:\windows\system32\Ry4CoInst.dll
2015-08-22 07:52 . 2015-08-22 07:52 36904 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2015-08-22 07:52 . 2015-08-22 07:52 23592 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2015-08-20 14:17 . 2015-08-20 13:44 170280 ----a-w- c:\windows\system32\drivers\ESETCleanersDriver.sys
2015-08-19 17:03 . 2014-06-03 16:34 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-19 17:03 . 2014-06-03 16:34 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-05 17:56 . 2015-09-09 08:36 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:56 . 2015-09-09 08:36 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-05 17:56 . 2015-09-09 08:36 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 08:36 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2015-07-30 18:06 . 2015-08-20 17:35 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 18:06 . 2015-08-20 17:35 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 18:06 . 2015-08-20 17:35 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 17:57 . 2015-08-20 17:35 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-07-30 17:57 . 2015-08-20 17:35 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-07-30 13:13 . 2015-08-22 02:58 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 13:13 . 2015-08-22 02:58 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-03 98304]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2009-09-15 536576]
"MuteSync"="c:\progra~2\Lenovo\LENOVO~2\MuteSync.exe" [2009-12-28 336384]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"MDS_Menu"="c:\program files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"Lenovo SlideNav2"="c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [2009-12-30 318400]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2010-02-03 167008]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-04-21 3122528]
"Lenovo SplitScreen"="c:\program files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [2010-01-26 779104]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2014-09-03 443640]
"RIM PeerManager"="c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" [2014-09-15 4836088]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2014-11-08 1298504]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-08-31 452272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 779600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-1-12 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 blackberryncm;BlackBerryNCM Service;c:\windows\system32\DRIVERS\blackberryncm6_AMD64.sys;c:\windows\SYSNATIVE\DRIVERS\blackberryncm6_AMD64.sys [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys;c:\windows\SYSNATIVE\drivers\WDBridge.sys [x]
R3 ESETCleanersDriver;ESET Cleaner Service;c:\windows\system32\Drivers\ESETCleanersDriver.sys;c:\windows\SYSNATIVE\Drivers\ESETCleanersDriver.sys [x]
R3 GalaxyService;GalaxyService;c:\program files (x86)\GalaxyClient\GalaxyService.exe;c:\program files (x86)\GalaxyClient\GalaxyService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 RIM MDNS;RIM MDNS;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [x]
S2 RIM Tunnel Service;BlackBerry Link Communication Manager;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service [x]
S2 Slidebar Notifier Service;Slidebar Notifier Service;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe;c:\program files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers\rimvndis6_AMD64.sys;c:\windows\SYSNATIVE\Drivers\rimvndis6_AMD64.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys;c:\windows\SYSNATIVE\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-16 10:05 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-04-21 10:39 1502720 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-29 10038304]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-01-29 877600]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynBtnAsst"="c:\program files (x86)\Synaptics\SynTP\SynBtnAsst.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2010-03-11 4448704]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2010-03-11 7056832]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 3100440]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
.
**************************************************************************
.
Celkový čas: 2015-10-21 21:06:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-10-21 19:05
ComboFix2.txt 2015-10-21 17:20
.
Před spuštěním: Volných bajtů: 311 486 603 264
Po spuštění: Volných bajtů: 311 153 328 128
.
- - End Of File - - F3FA1111FE4DD886DBDF8618D80E5FF9
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: den bez antiviru + policie vás sleduje
Smazáno. CF přejmenujte na uninstal a spusťte. CF bude odinstalován. PC by měl být čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: den bez antiviru + policie vás sleduje
Děkuji mnohokrát za pomoc. Nejde mi to na rozum, co vše znáte:-). Díky!
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: den bez antiviru + policie vás sleduje
Celkem nic na tom není. Skeny nám prozradí, co všechno v systému běží. Pak je jen třeba vědět, co tam být nemá/nemusí a smazat to.mila_dka píše:Děkuji mnohokrát za pomoc. Nejde mi to na rozum, co vše znáte:-). Díky!
Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?