Zdravím, před pár dny jsem sháněl jednu aplikaci a následně jsem bohužel stáhnul jakýsi infikovaný exe soubor. Od té doby mám zpomalený PC, jak internet, tak i načítání WIN. Udělal jsem kompletní kontrolu a dezifinkaci Kasperskym, kterýho mám originál zaplacenýho, ten to vyčistil ale neuběhlo ani 12 hodin a znovu začaly vyskakovat infikované soubory, které se snaží Kaspersky zachytit. Jednalo se především o soubory ve složkách Local\Temp, APPData\Local, Windows\AppPatch64 a v Program Files.
Díky předem za rady , jak se toho šmejda zbavit!
Zde přidávám log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by POŘÍZKOVÁ Lenka at 2015-11-13 23:30:05
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 301 GB (75%) free of 400 GB
Total RAM: 7948 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:30:28, on 13.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Adam\AppData\Local\ACISER~1\Actransmit.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\Jarmila Slepčíková\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\POŘÍZKOVÁ Lenka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~2.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2518339306-503188407-3631570880-1000\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show (User 'Adam')
O4 - HKUS\S-1-5-21-2518339306-503188407-3631570880-1000\..\Run: [uTorrent] "C:\Users\Adam\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (User 'Adam')
O4 - HKUS\S-1-5-21-2518339306-503188407-3631570880-1000\..\Run: [Steam] "D:\Steam\steam.exe" -silent (User 'Adam')
O4 - HKUS\S-1-5-21-2518339306-503188407-3631570880-1000\..\Run: [Dropbox Update] "C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c (User 'Adam')
O4 - HKUS\S-1-5-21-2518339306-503188407-3631570880-1000\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'Adam')
O4 - HKUS\S-1-5-21-2518339306-503188407-3631570880-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2518339306-503188407-3631570880-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2518339306-503188407-3631570880-1022\..\Run: [f.lux] "C:\Users\Jarmila Slepčíková\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow (User 'Jarmila Slepčíková')
O4 - S-1-5-21-2518339306-503188407-3631570880-1000 Startup: Dropbox.lnk = Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Adam')
O4 - S-1-5-21-2518339306-503188407-3631570880-1000 Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (User 'Adam')
O4 - S-1-5-21-2518339306-503188407-3631570880-1000 User Startup: Dropbox.lnk = Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Adam')
O4 - S-1-5-21-2518339306-503188407-3631570880-1000 User Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (User 'Adam')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: Systém souborů EFS (Encrypting File System) (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: gfore - CodeWatch Tech - C:\Users\Adam\AppData\Local\WoozFo14\gfore.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RunSwUSB - Unknown owner - C:\Windows\runSW.exe (file missing)
O23 - Service: Správce zabezpečení účtů (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Zachytávání pro službu SNMP (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: Zjišťování interaktivních služeb (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Virtuální disk (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Stínová kopie svazku (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: WMI Performance Adapter (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 17060 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 26988512
\??\C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\Adam\AppData\Local\WoozFo14\gfore.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
\??\C:\Windows\system32\conhost.exe
taskeng.exe {30223C31-05F1-484B-A1F1-E1BFC8C4B3F7}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Software Informer\softinfo.exe" -service
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\snmptrap.exe
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\System32\vds.exe
C:\Windows\system32\svchost.exe -k wcssvc
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\alg.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe" -hidden /prefetch:1
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Users\Adam\AppData\Local\ACISER~1\Actransmit.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8e2b7b8b-7f4b-4935-9607-27e4b9b7e9a2 -SystemEventPortName:HostProcess-db716fb0-48ef-462d-914e-c91bb132c4da -IoCancelEventPortName:HostProcess-14a4018a-29f0-4bdb-bef0-0abb59e73f68 -NonStateChangingEventPortName:HostProcess-18578c96-9962-4cc9-9453-21dbb32e8558 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a3dc1451-ad7e-4874-b0c8-abc9dec612e4
"C:\Program Files\TrueCrypt\TrueCrypt.exe"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Users\Jarmila Slepčíková\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe" /starttips
"C:\Windows\system32\notepad.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe" -r
C:\Windows\servicing\TrustedInstaller.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session
taskhost.exe USER
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe" -hidden /prefetch:1
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "D:\OSTATNÍ\Písničky\Kabát - Suma sumárum - Best Of (25.let) (2CD+DVD)\DVD\Bruce Willis.mp3"
"C:\PROGRA~1\MICROS~2\Office14\OIS.EXE" /shellOpen "Y:\PRÁCE\BONUSY-UK\Lidi_Nastříhané_Fab\2.sekce\Květoslava Seitlová\Květoslava Seitlová_OP1.jpg"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\nvvsvc.exe -session
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
"taskhost.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe" -hidden /prefetch:1
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\PROGRA~1\MICROS~2\Office14\OIS.EXE" /shellOpen "Y:\PRÁCE\BONUSY-UK\Lidi_Nastříhané_Fab\2.sekce\Lenka Pořízková\Lenka Pořízková_OP1.jpg"
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /dde
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "D:\OSTATNÍ\Písničky\Hip_Hop\Ektor---Ve-dne,-v-noci-(OFFICIAL-VIDEO).mp3"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="12904.0.1215146489\103408187" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3308 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Enabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Disabled/*OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="12904.9.991928543\1452805025" --font-cache-shared-handle=2264 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="12904.10.765739515\2081288527" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Enabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Disabled/*OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="12904.13.1153711333\1044534329" --font-cache-shared-handle=3912 /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Enabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Disabled/*OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="12904.18.116397382\871407694" --font-cache-shared-handle=5616 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Enabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Disabled/*OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="12904.20.1288792533\576946672" --font-cache-shared-handle=4932 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Enabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Disabled/*OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="12904.21.1934163378\1362778260" --font-cache-shared-handle=1528 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Enabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Disabled/*OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="12904.22.740182225\1855009267" --font-cache-shared-handle=5400 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Enabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Disabled/*OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="12904.23.1793533206\1084513210" --font-cache-shared-handle=5896 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe30_ Global\UsGthrCtrlFltPipeMssGthrPipe30 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\POŘÍZKOVÁ Lenka\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe /Application
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2518339306-503188407-3631570880-1000Core.job - C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2518339306-503188407-3631570880-1000UA.job - C:\Users\Adam\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Go_Palikan.job - C:\Users\Adam\AppData\Local\{0A7E3~1\UNINST~1.EXE /Check
C:\Windows\tasks\HaltSto9.job - C:\Users\Adam\AppData\Local\AciServa832\Acrecord.exe
C:\Windows\tasks\ScaServa840.job - C:\Users\Adam\AppData\Local\ACISER~1\Actransmit.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-09-16 2471744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-08-22 800448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-16 1535784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-08-22 550080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-08-22 996544]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-08-22 655040]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-16 1265448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-08-22 455360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~2.DLL [2014-10-17 669984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-08-22 798912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"=C:\Windows\RTFTrack.exe [2013-07-19 6340312]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-09-21 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-09-21 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-09-21 769520]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-07-27 1028896]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2014-08-22 8071680]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2014-08-22 6193152]
"IntelWirelessWiMAX"=C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [2011-12-01 1626112]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-05-21 7830328]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-08-22 80880]
"AutoKMS"=C:\Windows\AutoKMS.exe [2014-08-22 615936]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-10-18 13657304]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-10-21 1360600]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-08-22 15813616]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-09-17 184112]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-11 292848]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent []
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-12-17 311616]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-03-06 5768992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-09-17 623104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\gfore]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-13 23:30:06 ----D---- C:\Program Files\trend micro
2015-11-13 23:30:05 ----D---- C:\rsit
2015-11-13 23:11:06 ----D---- C:\Users\POŘÍZKOVÁ Lenka\AppData\Roaming\vlc
2015-11-13 21:08:31 ----D---- C:\Users\POŘÍZKOVÁ Lenka\AppData\Roaming\Intel Corporation
2015-11-13 21:06:33 ----D---- C:\Users\POŘÍZKOVÁ Lenka\AppData\Roaming\Identities
2015-11-13 21:05:56 ----D---- C:\Users\POŘÍZKOVÁ Lenka\AppData\Roaming\Intel
2015-11-13 21:05:54 ----SD---- C:\Users\POŘÍZKOVÁ Lenka\AppData\Roaming\Microsoft
2015-11-13 21:05:54 ----D---- C:\Users\POŘÍZKOVÁ Lenka\AppData\Roaming\Media Center Programs
2015-11-13 21:05:54 ----D---- C:\Users\POŘÍZKOVÁ Lenka\AppData\Roaming\IObit
2015-11-13 02:54:34 ----A---- C:\Windows\system32\drivers\SPPD.sys
2015-11-12 12:21:44 ----D---- C:\Program Files (x86)\TeamViewer
2015-11-11 15:32:31 ----D---- C:\Windows\system32\drivers\Win64
2015-11-10 20:47:26 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-11-03 00:35:17 ----D---- C:\ProgramData\{E3AB0B68-B329-DAEE-02AF-AA6CD22D79E2}
2015-11-03 00:35:11 ----A---- C:\Windows\SYSWOW64\gforeOff.ini
2015-11-03 00:35:11 ----A---- C:\Windows\system32\gforeOff.ini
2015-11-03 00:34:59 ----A---- C:\Windows\system32\gfore64.dll
2015-11-03 00:34:57 ----A---- C:\Windows\SYSWOW64\gfore.dll
2015-10-30 18:12:59 ----D---- C:\ProgramData\Informer Technologies, Inc
2015-10-30 18:12:05 ----D---- C:\Program Files\Software Informer
2015-10-30 15:07:32 ----D---- C:\ProgramData\UDL
2015-10-30 15:07:30 ----D---- C:\ProgramData\Sony Corporation
2015-10-30 14:57:28 ----D---- C:\Program Files\Common Files\EPSON
2015-10-30 14:36:48 ----D---- C:\Program Files\EpsonNet
2015-10-30 14:33:59 ----D---- C:\Program Files (x86)\EPSON Software
2015-10-30 14:33:46 ----A---- C:\Windows\system32\esxw2ud.dll
2015-10-30 14:33:46 ----A---- C:\Windows\system32\escsvc64.exe
2015-10-30 14:33:44 ----D---- C:\Program Files (x86)\epson
2015-10-30 14:33:00 ----A---- C:\Windows\system32\E_GCINST.DLL
2015-10-30 14:32:59 ----A---- C:\Windows\system32\E_YLMBNEE.DLL
2015-10-30 14:32:58 ----A---- C:\Windows\system32\E_YD4BNEE.DLL
2015-10-30 14:29:12 ----D---- C:\ProgramData\Epson
2015-10-20 11:50:46 ----A---- C:\Windows\system32\drivers\iaStorF.sys
2015-10-20 11:50:46 ----A---- C:\Windows\system32\drivers\iaStorA.sys
2015-10-20 11:42:07 ----A---- C:\Windows\system32\drivers\TeeDriverx64.sys
2015-10-17 09:58:06 ----A---- C:\Windows\ntbtlog.txt
2015-10-15 10:56:57 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2015-10-15 10:56:57 ----A---- C:\Windows\system32\infocardapi.dll
2015-10-15 10:56:56 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2015-10-15 10:56:56 ----A---- C:\Windows\system32\icardagt.exe
2015-10-15 10:56:54 ----A---- C:\Windows\SYSWOW64\icardres.dll
2015-10-15 10:56:54 ----A---- C:\Windows\system32\icardres.dll
2015-10-15 10:56:32 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2015-10-15 10:56:32 ----A---- C:\Windows\system32\TsWpfWrp.exe
2015-10-14 15:25:44 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-10-14 15:25:44 ----A---- C:\Windows\system32\WMPhoto.dll
2015-10-14 14:31:53 ----A---- C:\Windows\system32\scavengeui.dll
2015-10-14 14:30:27 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-10-14 14:30:27 ----A---- C:\Windows\system32\poqexec.exe
======List of files/folders modified in the last 1 month======
2015-11-13 23:30:22 ----D---- C:\Windows\Temp
2015-11-13 23:30:06 ----RD---- C:\Program Files
2015-11-13 23:16:00 ----D---- C:\ProgramData\Kaspersky Lab
2015-11-13 23:10:56 ----D---- C:\Windows\Prefetch
2015-11-13 22:46:46 ----D---- C:\Windows
2015-11-13 21:07:30 ----SHD---- C:\System Volume Information
2015-11-13 21:06:31 ----SHD---- C:\$Recycle.Bin
2015-11-13 21:05:54 ----RD---- C:\Users
2015-11-13 20:06:01 ----D---- C:\Windows\tracing
2015-11-13 19:31:15 ----D---- C:\Windows\system32\config
2015-11-13 13:04:07 ----D---- C:\Windows\System32
2015-11-13 13:04:07 ----D---- C:\Windows\inf
2015-11-13 13:04:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-13 12:58:17 ----D---- C:\Windows\Tasks
2015-11-13 12:56:39 ----D---- C:\Windows\Registration
2015-11-13 02:54:34 ----D---- C:\Windows\system32\drivers
2015-11-13 01:39:20 ----D---- C:\Windows\system32\Tasks
2015-11-13 01:39:19 ----D---- C:\Windows\AppPatch
2015-11-13 01:39:18 ----D---- C:\Program Files (x86)\SearchProtect
2015-11-13 01:29:52 ----SHD---- C:\Windows\Installer
2015-11-12 22:23:25 ----D---- C:\Windows\pss
2015-11-12 22:06:22 ----D---- C:\Windows\SYSWOW64\RTCOM
2015-11-12 22:05:53 ----HD---- C:\Program Files (x86)\Temp
2015-11-12 22:05:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-12 22:05:50 ----D---- C:\Program Files (x86)\Realtek
2015-11-12 20:02:04 ----D---- C:\ProgramData\Skype
2015-11-12 12:21:54 ----RSD---- C:\Windows\Fonts
2015-11-12 12:21:44 ----RD---- C:\Program Files (x86)
2015-11-12 11:58:50 ----D---- C:\ProgramData\ProductData
2015-11-11 17:44:36 ----HD---- C:\ProgramData
2015-11-11 17:44:16 ----SD---- C:\ProgramData\Microsoft
2015-11-11 15:51:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-11 15:37:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-11 15:35:48 ----D---- C:\Windows\SysWOW64
2015-11-11 15:32:10 ----D---- C:\Windows\system32\DriverStore
2015-11-11 15:32:10 ----D---- C:\Windows\system32\catroot
2015-11-11 15:31:11 ----D---- C:\Windows\system32\catroot2
2015-11-11 15:30:59 ----D---- C:\Program Files (x86)\Intel
2015-11-11 15:28:34 ----D---- C:\drivers
2015-11-11 12:57:43 ----D---- C:\Program Files\Common Files\AV
2015-11-10 19:22:12 ----D---- C:\Program Files (x86)\Opera
2015-11-03 00:35:43 ----D---- C:\Windows\SYSWOW64\config
2015-11-03 00:34:42 ----HD---- C:\Windows\system32\GroupPolicy
2015-11-03 00:34:42 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2015-10-30 14:57:28 ----D---- C:\Program Files\Common Files
2015-10-30 14:33:44 ----D---- C:\Windows\twain_32
2015-10-29 18:34:11 ----D---- C:\ProgramData\Energy Manager
2015-10-17 10:12:35 ----D---- C:\Windows\winsxs
2015-10-17 10:11:36 ----D---- C:\Windows\Minidump
2015-10-17 03:27:34 ----D---- C:\Windows\rescache
2015-10-16 22:50:24 ----D---- C:\Program Files (x86)\Steam
2015-10-16 17:29:59 ----D---- C:\Windows\Microsoft.NET
2015-10-16 17:29:58 ----RSD---- C:\Windows\assembly
2015-10-15 15:22:59 ----D---- C:\ProgramData\Microsoft Help
2015-10-15 15:22:58 ----A---- C:\Windows\win.ini
2015-10-15 14:20:33 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-10-15 10:59:25 ----D---- C:\Windows\system32\cs-CZ
2015-10-15 10:58:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-10-20 1455552]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-10-20 31144]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-11 20464]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-08-22 458336]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2014-08-22 39008]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-08-18 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-08-11 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2011-08-11 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-19 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2014-12-31 26528]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2014-08-22 625248]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-20 29792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-05-14 55904]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-08-22 178272]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2015-09-23 231376]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2014-08-22 33560]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2011-11-30 84480]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-08-11 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2013-04-23 132920]
R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2013-04-23 1385272]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
R3 ibtusb;Aplikace Intel(R) Wireless Bluetooth(R) 4.0 a vysokorychlostní (HS) adaptér; C:\Windows\system32\DRIVERS\ibtusb.sys [2013-07-01 114632]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-09-17 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-21 3691352]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-11 366576]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-11 785904]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-08-22 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-20 29280]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2015-10-20 178976]
R3 NETwNs64;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw02.sys [2014-07-08 3442144]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-06-17 941272]
R3 rtsuvc;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-07-19 8247640]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-08-11 552448]
S3 dmvsc;dmvsc; C:\Windows\system32\DRIVERS\dmvsc.sys [2011-08-11 71168]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\G:\__Instalace\EVEREST Ultimate Edition 5.50 2149\kerneld.amd64 []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 132608]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-07-23 116992]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 113792]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-09-17 449528]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2011-08-11 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2011-08-11 20992]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-06 729704]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2011-08-11 6656]
S3 SPPD;SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [2015-11-13 22512]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2011-08-11 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2011-08-11 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\DRIVERS\terminpt.sys [2011-08-11 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2011-08-11 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\DRIVERS\TsUsbGD.sys [2011-08-11 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2011-08-11 117248]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2011-08-11 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2011-08-11 21760]
S4 klflt;klflt; C:\Windows\system32\DRIVERS\klflt.sys [2014-08-22 115296]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-08-18 893216]
R2 AVP;Služba Kaspersky Anti-Virus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [2013-10-20 214512]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-06-25 1132920]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2013-04-23 1366392]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-04-23 1153400]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-11-30 514048]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-23 631024]
R2 gfore;gfore; C:\Users\Adam\AppData\Local\WoozFo14\gfore.exe [2015-08-20 1854200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-01-27 344864]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-08-19 169432]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2014-08-22 8192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-18 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-07-27 1889568]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-02-22 66872]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-23 154864]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-08-15 2909472]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-16 366552]
S2 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-23 284912]
S2 RunSwUSB;RunSwUSB; C:\Windows\runSW.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-09-21 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-10 147624]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [2014-10-29 37176]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-10-14 838224]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11 269000]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Infikovaný exe soubor - prosba o radu + log
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Infikovaný exe soubor - prosba o radu + log
Zdravím!
Jak je na tom váš oper. systém s legalitou?
Jak je na tom váš oper. systém s legalitou?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Infikovaný exe soubor - prosba o radu + log
Bohužel, mám cracknutou verzi a proto raději update nespouštím.
Re: Infikovaný exe soubor - prosba o radu + log
Jelikož mně dnes nefungovalo už ani připojení k síti, spuštění AV ani nic jiného, tak jsem v nouzovém režimu vyčistil PC programem Combofix.
Zde přikládám log, kdyby mi někdo pomohl s dočištěním, byl bych moc rád.
Děkuji.
LOG:
ComboFix 15-11-15.01 - Adam 15/11/2015 14:41:00.1.4 - x64 NETWORK
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.7948.6351 [GMT 0:00]
Spuštěný z: c:\users\Adam\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Enabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Kaspersky Anti-Virus *Enabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1417535184831
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1418729096963
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1419945508941
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1420710513003
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1421674367597
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1423370364081
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1423580088667
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1424023716098
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1429042459278
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1434549182648
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1435132893698
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1439671661191
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1440451489766
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1442395076169
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1444125262683
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1447378749598
c:\program files (x86)\SearchProtect\Main\rep\cfi.bin
c:\program files (x86)\SearchProtect\Main\rep\edk.bin
c:\program files (x86)\SearchProtect\Main\rep\pni.bin
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\Main\rep\trn.bin
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\consent.css
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\consent.html
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\consent.js
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\programdata\ntuser.pol
c:\programdata\Roaming
c:\windows\alevir.exe
c:\windows\brasil.exe
c:\windows\brasil.pif
c:\windows\instit.bat
c:\windows\marco!.scr
c:\windows\scrsvr.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_CltMngSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-10-15 do 2015-11-15 )))))))))))))))))))))))))))))))
.
.
2015-11-15 14:54 . 2015-11-15 14:54 151552 ----a-w- c:\windows\KMSEmulator.exe
2015-11-15 00:00 . 2015-11-15 00:02 -------- d-----w- c:\users\Martin Polhoš\AppData\Roaming\BatteryBar
2015-11-14 22:17 . 2015-11-14 22:17 -------- d-----w- c:\users\SCHWÁBOVÁ Natálie
2015-11-14 19:27 . 2015-11-14 19:27 -------- d-----w- c:\users\Petr Bajza\AppData\Roaming\ProductData
2015-11-14 19:26 . 2015-11-14 19:28 -------- d-----w- c:\users\Petr Bajza\AppData\Roaming\BatteryBar
2015-11-13 23:30 . 2015-11-13 23:30 -------- d-----w- c:\program files\trend micro
2015-11-13 23:30 . 2015-11-13 23:30 -------- d-----w- C:\rsit
2015-11-13 21:05 . 2015-11-13 21:06 -------- d-----w- c:\users\POŘÍZKOVÁ Lenka
2015-11-13 20:49 . 2015-11-13 20:49 -------- d-----w- c:\users\SEITLOVÁ Květoslava
2015-11-13 02:54 . 2015-11-13 02:54 22512 ----a-w- c:\windows\system32\drivers\SPPD.sys
2015-11-13 01:39 . 2015-11-13 14:53 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Local\bvxvgxvyy
2015-11-13 01:31 . 2015-11-13 01:31 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Roaming\ProductData
2015-11-13 01:28 . 2015-11-13 01:32 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Roaming\BatteryBar
2015-11-12 22:03 . 2015-11-12 22:03 -------- d-----w- c:\users\Adam\AppData\Local\ElevatedDiagnostics
2015-11-12 16:00 . 2015-11-12 16:01 -------- d-----w- c:\users\POLHOŠ Zdeněk
2015-11-12 12:21 . 2015-11-12 12:22 -------- d-----w- c:\program files (x86)\TeamViewer
2015-11-11 15:32 . 2015-11-11 15:35 -------- d-----w- c:\windows\system32\drivers\Win64
2015-11-04 12:53 . 2015-11-04 12:53 -------- d-----w- c:\users\Martin Polhoš\AppData\Local\CrashDumps
2015-11-03 23:00 . 2015-11-11 12:37 -------- d-----w- c:\users\Adam\AppData\Local\CrashDumps
2015-11-03 14:00 . 2015-11-03 14:00 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Roaming\Sun
2015-11-03 14:00 . 2015-11-03 14:00 -------- d-----w- c:\users\Jarmila Slepčíková\.oracle_jre_usage
2015-11-03 00:35 . 2015-11-03 00:35 -------- d-----w- c:\users\Adam\AppData\Local\Setup45101230
2015-11-03 00:35 . 2015-11-03 00:35 -------- d-----w- c:\programdata\{E3AB0B68-B329-DAEE-02AF-AA6CD22D79E2}
2015-11-03 00:35 . 2015-11-03 00:35 -------- d-----w- c:\users\Adam\AppData\Local\45064742
2015-11-03 00:34 . 2015-08-20 15:57 358384 ----a-w- c:\windows\system32\gfore64.dll
2015-11-03 00:34 . 2015-08-20 15:57 306464 ----a-w- c:\windows\SysWow64\gfore.dll
2015-11-03 00:34 . 2015-11-03 00:34 -------- d-----w- c:\users\Adam\AppData\Local\WoozFo14
2015-11-03 00:34 . 2015-11-03 00:35 -------- d-----w- c:\users\Adam\AppData\Local\AciServa832
2015-11-03 00:34 . 2015-11-03 01:35 -------- d-----w- c:\users\Adam\AppData\Local\{0A7E3C22-2ED6-509A-434E-7572672689EA}
2015-11-03 00:34 . 2015-11-03 00:35 -------- d-----w- c:\users\Adam\AppData\Local\lire
2015-11-01 14:42 . 2015-11-01 14:42 -------- d-----w- c:\users\Adam\AppData\Roaming\EPSON
2015-10-30 18:12 . 2015-10-30 18:12 -------- d-----w- c:\programdata\Informer Technologies, Inc
2015-10-30 18:12 . 2015-10-30 18:13 -------- d-----w- c:\users\Adam\AppData\Roaming\Software Informer
2015-10-30 18:12 . 2015-10-30 18:12 -------- d-----w- c:\program files\Software Informer
2015-10-30 15:07 . 2015-10-30 15:07 -------- d-----w- c:\programdata\UDL
2015-10-30 15:07 . 2015-10-30 15:07 -------- d-----w- c:\programdata\Sony Corporation
2015-10-30 14:57 . 2015-10-30 14:57 -------- d-----w- c:\program files\Common Files\EPSON
2015-10-30 14:36 . 2015-10-30 14:36 -------- d-----w- c:\program files\EpsonNet
2015-10-30 14:33 . 2015-10-30 15:07 -------- d-----w- c:\program files (x86)\EPSON Software
2015-10-30 14:33 . 2014-02-25 00:00 466944 ----a-w- c:\windows\system32\esxw2ud.dll
2015-10-30 14:33 . 2012-05-17 00:00 144560 ----a-w- c:\windows\system32\escsvc64.exe
2015-10-30 14:33 . 2015-10-30 14:33 -------- d-----w- c:\program files (x86)\epson
2015-10-30 14:33 . 2007-04-10 01:06 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
2015-10-30 14:32 . 2013-12-06 04:05 179712 ----a-w- c:\windows\system32\E_YLMBNEE.DLL
2015-10-30 14:32 . 2011-03-15 03:03 83968 ----a-w- c:\windows\system32\E_YD4BNEE.DLL
2015-10-30 14:29 . 2015-10-30 15:07 -------- d-----w- c:\programdata\Epson
2015-10-29 17:48 . 2015-10-29 17:49 -------- d-----w- c:\users\ČELOUD Milan
2015-10-29 14:16 . 2015-10-29 14:17 -------- d-----w- c:\users\JIRÁČEK Jaroslav
2015-10-29 14:02 . 2015-10-29 14:09 -------- d-----w- c:\users\KOUBEK Jan
2015-10-29 12:31 . 2015-10-29 12:31 -------- d-----w- c:\users\Adam\AppData\Local\Macromedia
2015-10-28 21:48 . 2015-10-28 21:48 -------- d-----w- c:\users\Martin Polhoš\AppData\Roaming\Sun
2015-10-28 21:48 . 2015-10-28 21:48 -------- d-----w- c:\users\Martin Polhoš\.oracle_jre_usage
2015-10-28 16:02 . 2015-10-28 16:09 -------- d-----w- c:\users\VYSKOČIL Rudolf
2015-10-28 15:46 . 2015-10-28 15:53 -------- d-----w- c:\users\HYPR Dušan
2015-10-25 22:44 . 2015-10-28 12:44 -------- d-----w- c:\users\OVESNÝ Tomáš
2015-10-24 16:55 . 2015-10-24 16:56 -------- d-----w- c:\users\HRDLIČKA Zdeněk
2015-10-24 16:39 . 2015-10-28 16:47 -------- d-----w- c:\users\SMEJKAL Vladimír
2015-10-24 16:28 . 2015-10-24 16:29 -------- d-----w- c:\users\BENEŠOVÁ Petra
2015-10-24 00:06 . 2015-10-24 00:07 -------- d-----w- c:\users\DOFEK
2015-10-23 23:55 . 2015-10-23 23:56 -------- d-----w- c:\users\KUBÍČEK
2015-10-23 01:13 . 2015-10-23 01:13 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Roaming\Opera Software
2015-10-23 01:13 . 2015-10-23 01:13 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Local\Opera Software
2015-10-23 01:12 . 2015-10-23 01:12 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Local\FluxSoftware
2015-10-22 15:33 . 2015-10-22 15:34 -------- d-----w- c:\users\DIRINGER
2015-10-21 13:54 . 2015-10-21 13:54 -------- d-----w- c:\users\Petr Bajza\.oracle_jre_usage
2015-10-21 13:20 . 2015-10-21 13:26 -------- d-----w- c:\users\BECKOVÁ
2015-10-21 12:20 . 2015-10-21 12:27 -------- d-----w- c:\users\SEDLO
2015-10-20 18:08 . 2015-10-20 18:08 -------- d-----w- c:\users\Zdeňka Tichá\AppData\Roaming\Sun
2015-10-20 18:08 . 2015-10-20 18:08 -------- d-----w- c:\users\Zdeňka Tichá\.oracle_jre_usage
2015-10-20 17:47 . 2015-10-20 17:53 -------- d-----w- c:\users\STUDENÁ
2015-10-20 14:43 . 2015-10-20 14:43 -------- d-----w- c:\users\ŠUDŘICH\.oracle_jre_usage
2015-10-20 14:20 . 2015-10-20 14:27 -------- d-----w- c:\users\KLEMENTOVÁ
2015-10-20 13:35 . 2015-10-20 13:53 -------- d-----w- c:\users\SEDLÁKOVÁ
2015-10-20 11:50 . 2015-10-20 11:50 31144 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2015-10-20 11:50 . 2015-10-20 11:50 1455552 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2015-10-20 11:42 . 2015-10-20 11:42 178976 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2015-10-18 13:58 . 2015-10-18 22:41 -------- d-----w- c:\users\ADAM-WILLIAM
2015-10-18 00:54 . 2015-10-18 00:54 -------- d-----w- c:\users\SPURNÁ\AppData\Roaming\Opera Software
2015-10-18 00:54 . 2015-10-18 00:54 -------- d-----w- c:\users\SPURNÁ\AppData\Local\Opera Software
2015-10-18 00:52 . 2015-10-18 00:52 -------- d-----w- c:\users\SPURNÁ\AppData\Local\FluxSoftware
2015-10-17 14:00 . 2015-10-17 14:01 -------- d-----w- c:\users\OSLZLÝ
2015-10-17 01:49 . 2015-10-17 01:49 -------- d-----w- c:\users\ŠUDŘICH\AppData\Local\Opera Software
2015-10-17 01:49 . 2015-10-17 01:49 -------- d-----w- c:\users\ŠUDŘICH\AppData\Roaming\Opera Software
2015-10-17 01:46 . 2015-10-17 01:46 -------- d-----w- c:\users\ŠUDŘICH\AppData\Local\FluxSoftware
2015-10-16 22:08 . 2015-10-16 22:09 -------- d-----w- c:\users\ŠANTAVÝ
2015-10-16 19:57 . 2015-10-16 19:57 -------- d-----w- c:\users\Zdeněk Hudec\AppData\Roaming\ProductData
2015-10-16 15:10 . 2015-10-16 15:10 -------- d-----w- c:\users\ŠUDŘICH\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-11 15:51 . 2014-08-22 08:06 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-11 15:51 . 2014-08-22 08:06 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-14 12:46 . 2015-10-09 09:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2015-10-13 12:40 . 2015-10-13 12:40 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2015-10-13 12:40 . 2015-10-13 12:40 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2015-10-09 09:25 . 2015-10-09 09:25 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2015-09-23 14:15 . 2015-09-23 14:15 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2015-08-27 17:06 . 2014-09-19 16:11 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2013-04-11 89600]
"f.lux"="c:\users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
"uTorrent"="c:\users\Adam\AppData\Roaming\uTorrent\uTorrent.exe" [2015-11-02 1822048]
"Steam"="d:\steam\steam.exe" [2015-11-10 3011152]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-11 292848]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-12-17 311616]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2015-03-06 5768992]
.
c:\users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 39175960]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2010-3-29 245120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"RequireSignedAppInit_DLLs"=0 (0x0)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R2 RunSwUSB;RunSwUSB;c:\windows\runSW.exe;c:\windows\runSW.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys;c:\windows\SYSNATIVE\DRIVERS\dmvsc.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;g:\__instalace\EVEREST Ultimate Edition 5.50 2149\kerneld.amd64;g:\__instalace\EVEREST Ultimate Edition 5.50 2149\kerneld.amd64 [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
R3 SPPD;SPPD;c:\windows\system32\drivers\SPPD.sys;c:\windows\SYSNATIVE\drivers\SPPD.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\DRIVERS\terminpt.sys;c:\windows\SYSNATIVE\DRIVERS\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\DRIVERS\TsUsbGD.sys;c:\windows\SYSNATIVE\DRIVERS\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 gfore;gfore;c:\users\Adam\AppData\Local\WoozFo14\gfore.exe;c:\users\Adam\AppData\Local\WoozFo14\gfore.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 ibtusb;Aplikace Intel(R) Wireless Bluetooth(R) 4.0 a vysokorychlostní (HS) adaptér;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-11 00:56 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-22 15:51]
.
2015-11-15 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2014-10-20 17:52]
.
2015-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-23 23:45]
.
2015-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-23 23:45]
.
2015-11-15 c:\windows\Tasks\HaltSto9.job
- c:\users\Adam\AppData\Local\AciServa832\Acrecord.exe [2015-11-03 00:34]
.
2015-11-15 c:\windows\Tasks\ScaServa840.job
- c:\users\Adam\AppData\Local\ACISER~1\Actransmit.exe [2015-11-03 00:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-09-16 20:56 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"="RTFTrack.exe" [2013-07-19 6340312]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-09-21 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-09-21 771056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-09-21 769520]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2014-08-22 8071680]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2014-08-22 6193152]
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2011-12-01 1626112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-05-21 7830328]
"Lenovo Utility"="c:\program files (x86)\Lenovo\Energy Manager\Utility.exe" [2014-08-22 80880]
"AutoKMS"="c:\windows\AutoKMS.exe" [2014-08-22 615936]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-18 13657304]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-10-21 1360600]
"Energy Manager"="c:\program files (x86)\Lenovo\Energy Manager\Energy Manager.exe" [2014-08-22 15813616]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.palikan.com/?f=1&a=plk_ir_15_45&cd= ... 761207&ir=
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 81.174.253.92:3128
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
FF - ProfilePath - c:\users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\c3nqxtd9.default-1440961217857\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: network.proxy.ftp - 185.28.193.95
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 185.28.193.95
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 185.28.193.95
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 185.28.193.95
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\g:\__instalace\EVEREST Ultimate Edition 5.50 2149\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\srvany.exe
c:\windows\KMService.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
.
**************************************************************************
.
Celkový čas: 2015-11-15 15:06:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-11-15 15:06
.
Před spuštěním: Volných bajtů: 317,508,952,064
Po spuštění: Volných bajtů: 316,770,918,400
.
- - End Of File - - D0B9F27587C39D114189D8CA5B21D299
A36C5E4F47E84449FF07ED3517B43A31
Zde přikládám log, kdyby mi někdo pomohl s dočištěním, byl bych moc rád.
Děkuji.
LOG:
ComboFix 15-11-15.01 - Adam 15/11/2015 14:41:00.1.4 - x64 NETWORK
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.7948.6351 [GMT 0:00]
Spuštěný z: c:\users\Adam\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Enabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Kaspersky Anti-Virus *Enabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1417535184831
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1418729096963
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1419945508941
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1420710513003
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1421674367597
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1423370364081
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1423580088667
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1424023716098
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1429042459278
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1434549182648
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1435132893698
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1439671661191
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1440451489766
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1442395076169
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1444125262683
c:\program files (x86)\SearchProtect\Main\bin\sptool.dll_1447378749598
c:\program files (x86)\SearchProtect\Main\rep\cfi.bin
c:\program files (x86)\SearchProtect\Main\rep\edk.bin
c:\program files (x86)\SearchProtect\Main\rep\pni.bin
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\Main\rep\trn.bin
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\consent.css
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\consent.html
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\consent.js
c:\program files (x86)\SearchProtect\UI\dialogs\Consent\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-dia.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def-grey.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\SP_DialogBG.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\DialogAPI.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\programdata\ntuser.pol
c:\programdata\Roaming
c:\windows\alevir.exe
c:\windows\brasil.exe
c:\windows\brasil.pif
c:\windows\instit.bat
c:\windows\marco!.scr
c:\windows\scrsvr.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_CltMngSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-10-15 do 2015-11-15 )))))))))))))))))))))))))))))))
.
.
2015-11-15 14:54 . 2015-11-15 14:54 151552 ----a-w- c:\windows\KMSEmulator.exe
2015-11-15 00:00 . 2015-11-15 00:02 -------- d-----w- c:\users\Martin Polhoš\AppData\Roaming\BatteryBar
2015-11-14 22:17 . 2015-11-14 22:17 -------- d-----w- c:\users\SCHWÁBOVÁ Natálie
2015-11-14 19:27 . 2015-11-14 19:27 -------- d-----w- c:\users\Petr Bajza\AppData\Roaming\ProductData
2015-11-14 19:26 . 2015-11-14 19:28 -------- d-----w- c:\users\Petr Bajza\AppData\Roaming\BatteryBar
2015-11-13 23:30 . 2015-11-13 23:30 -------- d-----w- c:\program files\trend micro
2015-11-13 23:30 . 2015-11-13 23:30 -------- d-----w- C:\rsit
2015-11-13 21:05 . 2015-11-13 21:06 -------- d-----w- c:\users\POŘÍZKOVÁ Lenka
2015-11-13 20:49 . 2015-11-13 20:49 -------- d-----w- c:\users\SEITLOVÁ Květoslava
2015-11-13 02:54 . 2015-11-13 02:54 22512 ----a-w- c:\windows\system32\drivers\SPPD.sys
2015-11-13 01:39 . 2015-11-13 14:53 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Local\bvxvgxvyy
2015-11-13 01:31 . 2015-11-13 01:31 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Roaming\ProductData
2015-11-13 01:28 . 2015-11-13 01:32 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Roaming\BatteryBar
2015-11-12 22:03 . 2015-11-12 22:03 -------- d-----w- c:\users\Adam\AppData\Local\ElevatedDiagnostics
2015-11-12 16:00 . 2015-11-12 16:01 -------- d-----w- c:\users\POLHOŠ Zdeněk
2015-11-12 12:21 . 2015-11-12 12:22 -------- d-----w- c:\program files (x86)\TeamViewer
2015-11-11 15:32 . 2015-11-11 15:35 -------- d-----w- c:\windows\system32\drivers\Win64
2015-11-04 12:53 . 2015-11-04 12:53 -------- d-----w- c:\users\Martin Polhoš\AppData\Local\CrashDumps
2015-11-03 23:00 . 2015-11-11 12:37 -------- d-----w- c:\users\Adam\AppData\Local\CrashDumps
2015-11-03 14:00 . 2015-11-03 14:00 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Roaming\Sun
2015-11-03 14:00 . 2015-11-03 14:00 -------- d-----w- c:\users\Jarmila Slepčíková\.oracle_jre_usage
2015-11-03 00:35 . 2015-11-03 00:35 -------- d-----w- c:\users\Adam\AppData\Local\Setup45101230
2015-11-03 00:35 . 2015-11-03 00:35 -------- d-----w- c:\programdata\{E3AB0B68-B329-DAEE-02AF-AA6CD22D79E2}
2015-11-03 00:35 . 2015-11-03 00:35 -------- d-----w- c:\users\Adam\AppData\Local\45064742
2015-11-03 00:34 . 2015-08-20 15:57 358384 ----a-w- c:\windows\system32\gfore64.dll
2015-11-03 00:34 . 2015-08-20 15:57 306464 ----a-w- c:\windows\SysWow64\gfore.dll
2015-11-03 00:34 . 2015-11-03 00:34 -------- d-----w- c:\users\Adam\AppData\Local\WoozFo14
2015-11-03 00:34 . 2015-11-03 00:35 -------- d-----w- c:\users\Adam\AppData\Local\AciServa832
2015-11-03 00:34 . 2015-11-03 01:35 -------- d-----w- c:\users\Adam\AppData\Local\{0A7E3C22-2ED6-509A-434E-7572672689EA}
2015-11-03 00:34 . 2015-11-03 00:35 -------- d-----w- c:\users\Adam\AppData\Local\lire
2015-11-01 14:42 . 2015-11-01 14:42 -------- d-----w- c:\users\Adam\AppData\Roaming\EPSON
2015-10-30 18:12 . 2015-10-30 18:12 -------- d-----w- c:\programdata\Informer Technologies, Inc
2015-10-30 18:12 . 2015-10-30 18:13 -------- d-----w- c:\users\Adam\AppData\Roaming\Software Informer
2015-10-30 18:12 . 2015-10-30 18:12 -------- d-----w- c:\program files\Software Informer
2015-10-30 15:07 . 2015-10-30 15:07 -------- d-----w- c:\programdata\UDL
2015-10-30 15:07 . 2015-10-30 15:07 -------- d-----w- c:\programdata\Sony Corporation
2015-10-30 14:57 . 2015-10-30 14:57 -------- d-----w- c:\program files\Common Files\EPSON
2015-10-30 14:36 . 2015-10-30 14:36 -------- d-----w- c:\program files\EpsonNet
2015-10-30 14:33 . 2015-10-30 15:07 -------- d-----w- c:\program files (x86)\EPSON Software
2015-10-30 14:33 . 2014-02-25 00:00 466944 ----a-w- c:\windows\system32\esxw2ud.dll
2015-10-30 14:33 . 2012-05-17 00:00 144560 ----a-w- c:\windows\system32\escsvc64.exe
2015-10-30 14:33 . 2015-10-30 14:33 -------- d-----w- c:\program files (x86)\epson
2015-10-30 14:33 . 2007-04-10 01:06 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
2015-10-30 14:32 . 2013-12-06 04:05 179712 ----a-w- c:\windows\system32\E_YLMBNEE.DLL
2015-10-30 14:32 . 2011-03-15 03:03 83968 ----a-w- c:\windows\system32\E_YD4BNEE.DLL
2015-10-30 14:29 . 2015-10-30 15:07 -------- d-----w- c:\programdata\Epson
2015-10-29 17:48 . 2015-10-29 17:49 -------- d-----w- c:\users\ČELOUD Milan
2015-10-29 14:16 . 2015-10-29 14:17 -------- d-----w- c:\users\JIRÁČEK Jaroslav
2015-10-29 14:02 . 2015-10-29 14:09 -------- d-----w- c:\users\KOUBEK Jan
2015-10-29 12:31 . 2015-10-29 12:31 -------- d-----w- c:\users\Adam\AppData\Local\Macromedia
2015-10-28 21:48 . 2015-10-28 21:48 -------- d-----w- c:\users\Martin Polhoš\AppData\Roaming\Sun
2015-10-28 21:48 . 2015-10-28 21:48 -------- d-----w- c:\users\Martin Polhoš\.oracle_jre_usage
2015-10-28 16:02 . 2015-10-28 16:09 -------- d-----w- c:\users\VYSKOČIL Rudolf
2015-10-28 15:46 . 2015-10-28 15:53 -------- d-----w- c:\users\HYPR Dušan
2015-10-25 22:44 . 2015-10-28 12:44 -------- d-----w- c:\users\OVESNÝ Tomáš
2015-10-24 16:55 . 2015-10-24 16:56 -------- d-----w- c:\users\HRDLIČKA Zdeněk
2015-10-24 16:39 . 2015-10-28 16:47 -------- d-----w- c:\users\SMEJKAL Vladimír
2015-10-24 16:28 . 2015-10-24 16:29 -------- d-----w- c:\users\BENEŠOVÁ Petra
2015-10-24 00:06 . 2015-10-24 00:07 -------- d-----w- c:\users\DOFEK
2015-10-23 23:55 . 2015-10-23 23:56 -------- d-----w- c:\users\KUBÍČEK
2015-10-23 01:13 . 2015-10-23 01:13 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Roaming\Opera Software
2015-10-23 01:13 . 2015-10-23 01:13 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Local\Opera Software
2015-10-23 01:12 . 2015-10-23 01:12 -------- d-----w- c:\users\Jarmila Slepčíková\AppData\Local\FluxSoftware
2015-10-22 15:33 . 2015-10-22 15:34 -------- d-----w- c:\users\DIRINGER
2015-10-21 13:54 . 2015-10-21 13:54 -------- d-----w- c:\users\Petr Bajza\.oracle_jre_usage
2015-10-21 13:20 . 2015-10-21 13:26 -------- d-----w- c:\users\BECKOVÁ
2015-10-21 12:20 . 2015-10-21 12:27 -------- d-----w- c:\users\SEDLO
2015-10-20 18:08 . 2015-10-20 18:08 -------- d-----w- c:\users\Zdeňka Tichá\AppData\Roaming\Sun
2015-10-20 18:08 . 2015-10-20 18:08 -------- d-----w- c:\users\Zdeňka Tichá\.oracle_jre_usage
2015-10-20 17:47 . 2015-10-20 17:53 -------- d-----w- c:\users\STUDENÁ
2015-10-20 14:43 . 2015-10-20 14:43 -------- d-----w- c:\users\ŠUDŘICH\.oracle_jre_usage
2015-10-20 14:20 . 2015-10-20 14:27 -------- d-----w- c:\users\KLEMENTOVÁ
2015-10-20 13:35 . 2015-10-20 13:53 -------- d-----w- c:\users\SEDLÁKOVÁ
2015-10-20 11:50 . 2015-10-20 11:50 31144 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2015-10-20 11:50 . 2015-10-20 11:50 1455552 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2015-10-20 11:42 . 2015-10-20 11:42 178976 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2015-10-18 13:58 . 2015-10-18 22:41 -------- d-----w- c:\users\ADAM-WILLIAM
2015-10-18 00:54 . 2015-10-18 00:54 -------- d-----w- c:\users\SPURNÁ\AppData\Roaming\Opera Software
2015-10-18 00:54 . 2015-10-18 00:54 -------- d-----w- c:\users\SPURNÁ\AppData\Local\Opera Software
2015-10-18 00:52 . 2015-10-18 00:52 -------- d-----w- c:\users\SPURNÁ\AppData\Local\FluxSoftware
2015-10-17 14:00 . 2015-10-17 14:01 -------- d-----w- c:\users\OSLZLÝ
2015-10-17 01:49 . 2015-10-17 01:49 -------- d-----w- c:\users\ŠUDŘICH\AppData\Local\Opera Software
2015-10-17 01:49 . 2015-10-17 01:49 -------- d-----w- c:\users\ŠUDŘICH\AppData\Roaming\Opera Software
2015-10-17 01:46 . 2015-10-17 01:46 -------- d-----w- c:\users\ŠUDŘICH\AppData\Local\FluxSoftware
2015-10-16 22:08 . 2015-10-16 22:09 -------- d-----w- c:\users\ŠANTAVÝ
2015-10-16 19:57 . 2015-10-16 19:57 -------- d-----w- c:\users\Zdeněk Hudec\AppData\Roaming\ProductData
2015-10-16 15:10 . 2015-10-16 15:10 -------- d-----w- c:\users\ŠUDŘICH\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-11 15:51 . 2014-08-22 08:06 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-11 15:51 . 2014-08-22 08:06 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-14 12:46 . 2015-10-09 09:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2015-10-13 12:40 . 2015-10-13 12:40 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2015-10-13 12:40 . 2015-10-13 12:40 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2015-10-09 09:25 . 2015-10-09 09:25 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2015-09-23 14:15 . 2015-09-23 14:15 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2015-08-27 17:06 . 2014-09-19 16:11 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 189464 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2013-04-11 89600]
"f.lux"="c:\users\Adam\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
"uTorrent"="c:\users\Adam\AppData\Roaming\uTorrent\uTorrent.exe" [2015-11-02 1822048]
"Steam"="d:\steam\steam.exe" [2015-11-10 3011152]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-11 292848]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2014-12-17 311616]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2015-03-06 5768992]
.
c:\users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Adam\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 39175960]
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2010-3-29 245120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"RequireSignedAppInit_DLLs"=0 (0x0)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R2 RunSwUSB;RunSwUSB;c:\windows\runSW.exe;c:\windows\runSW.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys;c:\windows\SYSNATIVE\DRIVERS\dmvsc.sys [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;g:\__instalace\EVEREST Ultimate Edition 5.50 2149\kerneld.amd64;g:\__instalace\EVEREST Ultimate Edition 5.50 2149\kerneld.amd64 [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
R3 SPPD;SPPD;c:\windows\system32\drivers\SPPD.sys;c:\windows\SYSNATIVE\drivers\SPPD.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\DRIVERS\terminpt.sys;c:\windows\SYSNATIVE\DRIVERS\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\DRIVERS\TsUsbGD.sys;c:\windows\SYSNATIVE\DRIVERS\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 gfore;gfore;c:\users\Adam\AppData\Local\WoozFo14\gfore.exe;c:\users\Adam\AppData\Local\WoozFo14\gfore.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 ibtusb;Aplikace Intel(R) Wireless Bluetooth(R) 4.0 a vysokorychlostní (HS) adaptér;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-11 00:56 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-22 15:51]
.
2015-11-15 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2014-10-20 17:52]
.
2015-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-23 23:45]
.
2015-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-23 23:45]
.
2015-11-15 c:\windows\Tasks\HaltSto9.job
- c:\users\Adam\AppData\Local\AciServa832\Acrecord.exe [2015-11-03 00:34]
.
2015-11-15 c:\windows\Tasks\ScaServa840.job
- c:\users\Adam\AppData\Local\ACISER~1\Actransmit.exe [2015-11-03 00:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-09-16 20:56 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-08-14 08:16 226328 ----a-w- c:\users\Adam\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtsFT"="RTFTrack.exe" [2013-07-19 6340312]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-09-21 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-09-21 771056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-09-21 769520]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2014-08-22 8071680]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2014-08-22 6193152]
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2011-12-01 1626112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-05-21 7830328]
"Lenovo Utility"="c:\program files (x86)\Lenovo\Energy Manager\Utility.exe" [2014-08-22 80880]
"AutoKMS"="c:\windows\AutoKMS.exe" [2014-08-22 615936]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-18 13657304]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-10-21 1360600]
"Energy Manager"="c:\program files (x86)\Lenovo\Energy Manager\Energy Manager.exe" [2014-08-22 15813616]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.palikan.com/?f=1&a=plk_ir_15_45&cd= ... 761207&ir=
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 81.174.253.92:3128
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
FF - ProfilePath - c:\users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\c3nqxtd9.default-1440961217857\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: network.proxy.ftp - 185.28.193.95
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 185.28.193.95
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 185.28.193.95
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 185.28.193.95
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EverestDriver]
"ImagePath"="\??\g:\__instalace\EVEREST Ultimate Edition 5.50 2149\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\srvany.exe
c:\windows\KMService.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
.
**************************************************************************
.
Celkový čas: 2015-11-15 15:06:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-11-15 15:06
.
Před spuštěním: Volných bajtů: 317,508,952,064
Po spuštění: Volných bajtů: 316,770,918,400
.
- - End Of File - - D0B9F27587C39D114189D8CA5B21D299
A36C5E4F47E84449FF07ED3517B43A31
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Infikovaný exe soubor - prosba o radu + log
Zdravím!
Jak je to tedy s legalitou vašeho oper. systému?
Jak je to tedy s legalitou vašeho oper. systému?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Infikovaný exe soubor - prosba o radu + log
Zdravím též. Jak jsem již řekl, nebudu lhát. Mám cracknutou verzi OS, s klíčem a WIN se tedy pouze chová jako legální.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Infikovaný exe soubor - prosba o radu + log
V tom případě lituji, ale podle pravidel vám pomoci nemohu: http://forum.viry.cz/viewtopic.php?f=12&t=115512 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Infikovaný exe soubor - prosba o radu + log
Dobře, ale i tak děkuji.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Infikovaný exe soubor - prosba o radu + log
Není zač.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?