Zdravim, prosim o kontrolu. Najednou nejdou psat nektera pismena na klavesnici. Klavesnice vypada opticky vpohodě. Notas nespadnul ani se do něj nic nevylilo atd... Tlacitka jdou normalně mačkat ale při stisku některých se nic nestane...
Prosím o radu. Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martina at 2015-11-30 18:02:48
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 179 GB (29%) free of 610 GB
Total RAM: 4094 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:02:58, on 30.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Martina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8962 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"taskhost.exe"
taskeng.exe {329C776C-05AB-4752-A0A0-9973423BA9FD}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe" --autorun
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\PLFSetI.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN49K1P5X605YR;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2392.0.88266218\214619425" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.1100 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledCWNDBootstrap/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2392.1.2007114713\1494222412" --font-cache-shared-handle=1864 /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledCWNDBootstrap/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2392.3.1753023045\1358096785" --font-cache-shared-handle=4080 /prefetch:673131151
taskeng.exe {61613906-9741-48B2-B47A-08C383B528E4}
"C:\Users\Martina\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Martina\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Martina\AppData\Roaming\uTorrent\uTorrent.exe [2015-09-26 1821536]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - C:\Windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-30 17:30:38 ----D---- C:\ProgramData\ESET
2015-11-30 17:30:37 ----D---- C:\Program Files\ESET
2015-11-30 16:42:17 ----D---- C:\Program Files\trend micro
2015-11-30 16:42:16 ----D---- C:\rsit
2015-11-28 19:42:30 ----D---- C:\Program Files (x86)\DriverToolkit
2015-11-28 19:30:07 ----D---- C:\Users\Martina\AppData\Roaming\driveridentifier
2015-11-28 19:30:03 ----D---- C:\Program Files (x86)\Driver Identifier
2015-11-20 11:25:14 ----A---- C:\Windows\system32\pretty-pink-tulips-wallpapers-hd-free-hd-wallpaper-pretty-pink-flower-wide-desktop-background-wallpapers-for-mobile-android-laptop-windows-mac-iphone-nature-pretty-flower-wallpapers-1683608058.jpg.lnk
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wups2.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wups.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wudriver.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wucltux.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuapp.exe
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuapi.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-12 09:00:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-12 09:00:44 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-11-12 09:00:44 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-11-12 09:00:44 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-12 09:00:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-12 09:00:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-12 09:00:43 ----A---- C:\Windows\system32\iernonce.dll
2015-11-12 09:00:43 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-12 09:00:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-12 09:00:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-11-12 09:00:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-11-12 09:00:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-12 09:00:40 ----A---- C:\Windows\system32\urlmon.dll
2015-11-12 09:00:40 ----A---- C:\Windows\system32\occache.dll
2015-11-12 09:00:40 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-12 09:00:39 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-12 09:00:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-12 09:00:39 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-12 09:00:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-12 09:00:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-12 09:00:38 ----A---- C:\Windows\system32\iesetup.dll
2015-11-12 09:00:37 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-12 09:00:36 ----A---- C:\Windows\system32\iertutil.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-12 09:00:35 ----A---- C:\Windows\system32\vbscript.dll
2015-11-12 09:00:35 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-12 09:00:34 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-11-12 09:00:34 ----A---- C:\Windows\system32\ieui.dll
2015-11-12 09:00:34 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-12 09:00:33 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-12 09:00:33 ----A---- C:\Windows\system32\ieframe.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\webcheck.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\jscript.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-12 09:00:31 ----A---- C:\Windows\system32\wininet.dll
2015-11-12 09:00:31 ----A---- C:\Windows\system32\jscript9.dll
2015-11-12 09:00:30 ----A---- C:\Windows\system32\msrating.dll
2015-11-12 09:00:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-12 09:00:29 ----A---- C:\Windows\system32\mshtml.dll
2015-11-12 09:00:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-12 09:00:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-12 09:00:14 ----A---- C:\Windows\system32\schannel.dll
2015-11-12 09:00:14 ----A---- C:\Windows\system32\kerberos.dll
2015-11-12 09:00:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-12 09:00:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-12 09:00:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-12 09:00:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-12 09:00:13 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-12 09:00:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-11-12 09:00:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-11-12 09:00:11 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2015-11-12 09:00:11 ----A---- C:\Windows\system32\kernel32.dll
2015-11-12 09:00:11 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-12 09:00:10 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-12 09:00:10 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\wow64.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\ntdll.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\KernelBase.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-12 09:00:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\winsrv.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\wdigest.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\srcore.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\rstrui.exe
2015-11-12 09:00:08 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\conhost.exe
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-11-12 09:00:07 ----A---- C:\Windows\system32\wow64win.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\sspicli.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\srclient.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\smss.exe
2015-11-12 09:00:07 ----A---- C:\Windows\system32\secur32.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\lsass.exe
2015-11-12 09:00:07 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-12 09:00:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-12 09:00:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-12 09:00:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\credssp.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\auditpol.exe
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 09:00:06 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-12 09:00:06 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\msobjs.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\msaudite.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\adtschema.dll
2015-11-12 08:58:35 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-12 08:58:35 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-12 08:58:27 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-11-12 08:58:27 ----A---- C:\Windows\system32\apphelp.dll
2015-11-12 08:58:27 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-12 08:58:26 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-11-12 08:58:26 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-11-12 08:58:26 ----A---- C:\Windows\system32\shimeng.dll
2015-11-12 08:58:26 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-12 08:58:22 ----A---- C:\Windows\system32\win32k.sys
2015-11-12 08:58:16 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-12 08:58:10 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-11-12 08:58:10 ----A---- C:\Windows\system32\InkEd.dll
2015-11-12 08:58:09 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-01 12:20:48 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 month======
2015-11-30 18:02:55 ----D---- C:\Windows\Temp
2015-11-30 17:41:10 ----D---- C:\Windows\System32
2015-11-30 17:41:10 ----D---- C:\Windows\inf
2015-11-30 17:41:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-30 17:37:05 ----D---- C:\Windows\Tasks
2015-11-30 17:36:59 ----D---- C:\Windows
2015-11-30 17:36:59 ----A---- C:\Windows\KMSEmulator.exe
2015-11-30 17:34:37 ----D---- C:\Windows\system32\config
2015-11-30 17:33:45 ----SHD---- C:\Windows\Installer
2015-11-30 17:33:30 ----HD---- C:\Config.Msi
2015-11-30 17:33:09 ----D---- C:\Windows\system32\drivers
2015-11-30 17:33:08 ----D---- C:\Windows\system32\DriverStore
2015-11-30 17:30:38 ----HD---- C:\ProgramData
2015-11-30 17:30:37 ----RD---- C:\Program Files
2015-11-30 17:26:42 ----SHD---- C:\System Volume Information
2015-11-30 17:16:19 ----D---- C:\Windows\SoftwareDistribution
2015-11-30 17:16:18 ----D---- C:\Users\Martina\AppData\Roaming\uTorrent
2015-11-30 17:16:05 ----D---- C:\Windows\debug
2015-11-30 17:14:00 ----D---- C:\Windows\system32\Tasks
2015-11-30 16:35:51 ----D---- C:\Windows\Prefetch
2015-11-28 19:42:30 ----RD---- C:\Program Files (x86)
2015-11-14 17:43:15 ----D---- C:\Windows\rescache
2015-11-14 14:34:03 ----D---- C:\Program Files\The KMPlayer
2015-11-14 12:25:42 ----D---- C:\Windows\Microsoft.NET
2015-11-14 12:18:06 ----RSD---- C:\Windows\assembly
2015-11-14 08:30:25 ----D---- C:\Windows\winsxs
2015-11-13 22:29:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-11-13 22:29:59 ----D---- C:\Windows\SysWOW64
2015-11-13 22:29:58 ----D---- C:\Windows\system32\cs-CZ
2015-11-13 22:29:57 ----D---- C:\Program Files\Internet Explorer
2015-11-13 22:29:56 ----D---- C:\Windows\SYSWOW64\en-US
2015-11-13 22:29:54 ----D---- C:\Windows\system32\en-US
2015-11-13 22:29:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-11-13 22:29:34 ----D---- C:\Windows\AppPatch
2015-11-13 22:29:26 ----D---- C:\Windows\system32\migration
2015-11-13 22:29:24 ----D---- C:\Program Files\Windows Journal
2015-11-13 22:28:42 ----D---- C:\Windows\system32\catroot2
2015-11-13 21:58:46 ----D---- C:\Windows\system32\MRT
2015-11-13 21:58:38 ----A---- C:\Windows\system32\MRT.exe
2015-11-13 21:55:24 ----D---- C:\ProgramData\Microsoft Help
2015-11-13 21:38:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2014-02-09 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2014-02-09 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2014-02-09 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2014-02-09 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2014-02-09 21160]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-04 216064]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-17 864032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-31 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-04 114288]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prentivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prentivka
Zdravím, není to můj noťas, ale windows by měl být legální. Zespodu noťasu je i vylepenej štítek. Nebo co myslíte? Ale odinstaluju to... Je nevím co.
Re: prentivka
odinstaovano
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martina at 2015-11-30 19:21:25
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 187 GB (31%) free of 610 GB
Total RAM: 4094 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:21:28, on 30.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Martina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8025 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {1E923665-A157-4BBF-8F19-B8921043738E}
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
taskeng.exe {C4137CA3-C212-41E3-8A32-62D56F584898}
"C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe" --autorun
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\PLFSetI.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN49K1P5X605YR;CONNECTION=USB;MONITOR=1;
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2260.0.1147020951\1411377953" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.1100 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2260.2.1773654088\1520272367" --font-cache-shared-handle=3116 /prefetch:673131151
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2260.4.651321502\377669132" --font-cache-shared-handle=1732 /prefetch:673131151
"C:\Users\Martina\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Martina\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Martina\AppData\Roaming\uTorrent\uTorrent.exe [2015-09-26 1821536]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - C:\Windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-30 17:30:38 ----D---- C:\ProgramData\ESET
2015-11-30 17:30:37 ----D---- C:\Program Files\ESET
2015-11-30 16:42:17 ----D---- C:\Program Files\trend micro
2015-11-30 16:42:16 ----D---- C:\rsit
2015-11-28 19:42:30 ----D---- C:\Program Files (x86)\DriverToolkit
2015-11-28 19:30:07 ----D---- C:\Users\Martina\AppData\Roaming\driveridentifier
2015-11-28 19:30:03 ----D---- C:\Program Files (x86)\Driver Identifier
2015-11-20 11:25:14 ----A---- C:\Windows\system32\pretty-pink-tulips-wallpapers-hd-free-hd-wallpaper-pretty-pink-flower-wide-desktop-background-wallpapers-for-mobile-android-laptop-windows-mac-iphone-nature-pretty-flower-wallpapers-1683608058.jpg.lnk
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wups2.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wups.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wudriver.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wucltux.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuapp.exe
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuapi.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-12 09:00:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-12 09:00:44 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-11-12 09:00:44 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-11-12 09:00:44 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-12 09:00:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-12 09:00:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-12 09:00:43 ----A---- C:\Windows\system32\iernonce.dll
2015-11-12 09:00:43 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-12 09:00:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-12 09:00:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-11-12 09:00:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-11-12 09:00:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-12 09:00:40 ----A---- C:\Windows\system32\urlmon.dll
2015-11-12 09:00:40 ----A---- C:\Windows\system32\occache.dll
2015-11-12 09:00:40 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-12 09:00:39 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-12 09:00:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-12 09:00:39 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-12 09:00:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-12 09:00:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-12 09:00:38 ----A---- C:\Windows\system32\iesetup.dll
2015-11-12 09:00:37 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-12 09:00:36 ----A---- C:\Windows\system32\iertutil.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-12 09:00:35 ----A---- C:\Windows\system32\vbscript.dll
2015-11-12 09:00:35 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-12 09:00:34 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-11-12 09:00:34 ----A---- C:\Windows\system32\ieui.dll
2015-11-12 09:00:34 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-12 09:00:33 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-12 09:00:33 ----A---- C:\Windows\system32\ieframe.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\webcheck.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\jscript.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-12 09:00:31 ----A---- C:\Windows\system32\wininet.dll
2015-11-12 09:00:31 ----A---- C:\Windows\system32\jscript9.dll
2015-11-12 09:00:30 ----A---- C:\Windows\system32\msrating.dll
2015-11-12 09:00:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-12 09:00:29 ----A---- C:\Windows\system32\mshtml.dll
2015-11-12 09:00:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-12 09:00:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-12 09:00:14 ----A---- C:\Windows\system32\schannel.dll
2015-11-12 09:00:14 ----A---- C:\Windows\system32\kerberos.dll
2015-11-12 09:00:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-12 09:00:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-12 09:00:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-12 09:00:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-12 09:00:13 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-12 09:00:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-11-12 09:00:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-11-12 09:00:11 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2015-11-12 09:00:11 ----A---- C:\Windows\system32\kernel32.dll
2015-11-12 09:00:11 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-12 09:00:10 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-12 09:00:10 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\wow64.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\ntdll.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\KernelBase.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-12 09:00:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\winsrv.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\wdigest.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\srcore.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\rstrui.exe
2015-11-12 09:00:08 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\conhost.exe
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-11-12 09:00:07 ----A---- C:\Windows\system32\wow64win.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\sspicli.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\srclient.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\smss.exe
2015-11-12 09:00:07 ----A---- C:\Windows\system32\secur32.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\lsass.exe
2015-11-12 09:00:07 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-12 09:00:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-12 09:00:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-12 09:00:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\credssp.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\auditpol.exe
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 09:00:06 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-12 09:00:06 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\msobjs.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\msaudite.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\adtschema.dll
2015-11-12 08:58:35 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-12 08:58:35 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-12 08:58:27 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-11-12 08:58:27 ----A---- C:\Windows\system32\apphelp.dll
2015-11-12 08:58:27 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-12 08:58:26 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-11-12 08:58:26 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-11-12 08:58:26 ----A---- C:\Windows\system32\shimeng.dll
2015-11-12 08:58:26 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-12 08:58:22 ----A---- C:\Windows\system32\win32k.sys
2015-11-12 08:58:16 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-12 08:58:10 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-11-12 08:58:10 ----A---- C:\Windows\system32\InkEd.dll
2015-11-12 08:58:09 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-01 12:20:48 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 month======
2015-11-30 19:21:26 ----D---- C:\Windows\Temp
2015-11-30 19:21:18 ----D---- C:\Windows\System32
2015-11-30 19:21:18 ----D---- C:\Windows\inf
2015-11-30 19:21:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-30 19:20:01 ----D---- C:\Windows\system32\config
2015-11-30 19:15:22 ----HD---- C:\Config.Msi
2015-11-30 19:15:22 ----D---- C:\Windows
2015-11-30 19:13:39 ----SHD---- C:\Windows\Installer
2015-11-30 19:13:24 ----D---- C:\Windows\Microsoft.NET
2015-11-30 19:13:08 ----D---- C:\ProgramData\Microsoft Help
2015-11-30 19:13:06 ----RSD---- C:\Windows\assembly
2015-11-30 19:10:40 ----RD---- C:\Program Files
2015-11-30 19:10:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-11-30 19:10:40 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-11-30 19:10:39 ----SD---- C:\ProgramData\Microsoft
2015-11-30 19:10:28 ----RSD---- C:\Windows\Fonts
2015-11-30 19:10:26 ----RD---- C:\Program Files (x86)
2015-11-30 19:10:26 ----D---- C:\Program Files\Microsoft Analysis Services
2015-11-30 19:09:59 ----D---- C:\Program Files\Common Files
2015-11-30 19:05:22 ----D---- C:\Windows\ShellNew
2015-11-30 19:00:12 ----SHD---- C:\System Volume Information
2015-11-30 17:37:05 ----D---- C:\Windows\Tasks
2015-11-30 17:36:59 ----A---- C:\Windows\KMSEmulator.exe
2015-11-30 17:33:09 ----D---- C:\Windows\system32\drivers
2015-11-30 17:33:08 ----D---- C:\Windows\system32\DriverStore
2015-11-30 17:30:38 ----HD---- C:\ProgramData
2015-11-30 17:16:19 ----D---- C:\Windows\SoftwareDistribution
2015-11-30 17:16:18 ----D---- C:\Users\Martina\AppData\Roaming\uTorrent
2015-11-30 17:16:05 ----D---- C:\Windows\debug
2015-11-30 17:14:00 ----D---- C:\Windows\system32\Tasks
2015-11-30 16:35:51 ----D---- C:\Windows\Prefetch
2015-11-14 17:43:15 ----D---- C:\Windows\rescache
2015-11-14 14:34:03 ----D---- C:\Program Files\The KMPlayer
2015-11-14 08:30:25 ----D---- C:\Windows\winsxs
2015-11-13 22:29:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-11-13 22:29:59 ----D---- C:\Windows\SysWOW64
2015-11-13 22:29:58 ----D---- C:\Windows\system32\cs-CZ
2015-11-13 22:29:57 ----D---- C:\Program Files\Internet Explorer
2015-11-13 22:29:56 ----D---- C:\Windows\SYSWOW64\en-US
2015-11-13 22:29:54 ----D---- C:\Windows\system32\en-US
2015-11-13 22:29:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-11-13 22:29:34 ----D---- C:\Windows\AppPatch
2015-11-13 22:29:26 ----D---- C:\Windows\system32\migration
2015-11-13 22:29:24 ----D---- C:\Program Files\Windows Journal
2015-11-13 22:28:42 ----D---- C:\Windows\system32\catroot2
2015-11-13 21:58:46 ----D---- C:\Windows\system32\MRT
2015-11-13 21:58:38 ----A---- C:\Windows\system32\MRT.exe
2015-11-13 21:38:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2014-02-09 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2014-02-09 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2014-02-09 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2014-02-09 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2014-02-09 21160]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-04 216064]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-17 864032]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-31 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-04 114288]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martina at 2015-11-30 19:21:25
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 187 GB (31%) free of 610 GB
Total RAM: 4094 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:21:28, on 30.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Martina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8025 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {1E923665-A157-4BBF-8F19-B8921043738E}
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
taskeng.exe {C4137CA3-C212-41E3-8A32-62D56F584898}
"C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe" --autorun
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\PLFSetI.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN49K1P5X605YR;CONNECTION=USB;MONITOR=1;
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2260.0.1147020951\1411377953" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.970.100.1100 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2260.2.1773654088\1520272367" --font-cache-shared-handle=3116 /prefetch:673131151
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="2260.4.651321502\377669132" --font-cache-shared-handle=1732 /prefetch:673131151
"C:\Users\Martina\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Martina\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Martina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Martina\AppData\Roaming\uTorrent\uTorrent.exe [2015-09-26 1821536]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - C:\Windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-30 17:30:38 ----D---- C:\ProgramData\ESET
2015-11-30 17:30:37 ----D---- C:\Program Files\ESET
2015-11-30 16:42:17 ----D---- C:\Program Files\trend micro
2015-11-30 16:42:16 ----D---- C:\rsit
2015-11-28 19:42:30 ----D---- C:\Program Files (x86)\DriverToolkit
2015-11-28 19:30:07 ----D---- C:\Users\Martina\AppData\Roaming\driveridentifier
2015-11-28 19:30:03 ----D---- C:\Program Files (x86)\Driver Identifier
2015-11-20 11:25:14 ----A---- C:\Windows\system32\pretty-pink-tulips-wallpapers-hd-free-hd-wallpaper-pretty-pink-flower-wide-desktop-background-wallpapers-for-mobile-android-laptop-windows-mac-iphone-nature-pretty-flower-wallpapers-1683608058.jpg.lnk
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-11-12 09:01:49 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wups2.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wups.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wudriver.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wucltux.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuapp.exe
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wuapi.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-12 09:01:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-12 09:00:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-12 09:00:44 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-11-12 09:00:44 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-11-12 09:00:44 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-12 09:00:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-11-12 09:00:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-12 09:00:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-12 09:00:43 ----A---- C:\Windows\system32\iernonce.dll
2015-11-12 09:00:43 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-12 09:00:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-12 09:00:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-11-12 09:00:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-11-12 09:00:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-12 09:00:40 ----A---- C:\Windows\system32\urlmon.dll
2015-11-12 09:00:40 ----A---- C:\Windows\system32\occache.dll
2015-11-12 09:00:40 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-11-12 09:00:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-12 09:00:39 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-12 09:00:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-12 09:00:39 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-12 09:00:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-12 09:00:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-12 09:00:38 ----A---- C:\Windows\system32\iesetup.dll
2015-11-12 09:00:37 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-12 09:00:36 ----A---- C:\Windows\system32\iertutil.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-12 09:00:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-12 09:00:35 ----A---- C:\Windows\system32\vbscript.dll
2015-11-12 09:00:35 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-12 09:00:34 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-11-12 09:00:34 ----A---- C:\Windows\system32\ieui.dll
2015-11-12 09:00:34 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-12 09:00:33 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-12 09:00:33 ----A---- C:\Windows\system32\ieframe.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\webcheck.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\jscript.dll
2015-11-12 09:00:32 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-12 09:00:31 ----A---- C:\Windows\system32\wininet.dll
2015-11-12 09:00:31 ----A---- C:\Windows\system32\jscript9.dll
2015-11-12 09:00:30 ----A---- C:\Windows\system32\msrating.dll
2015-11-12 09:00:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-12 09:00:29 ----A---- C:\Windows\system32\mshtml.dll
2015-11-12 09:00:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-12 09:00:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-12 09:00:14 ----A---- C:\Windows\system32\schannel.dll
2015-11-12 09:00:14 ----A---- C:\Windows\system32\kerberos.dll
2015-11-12 09:00:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-12 09:00:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-12 09:00:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-12 09:00:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-12 09:00:13 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-12 09:00:12 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-11-12 09:00:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-11-12 09:00:11 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2015-11-12 09:00:11 ----A---- C:\Windows\system32\kernel32.dll
2015-11-12 09:00:11 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-12 09:00:10 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-12 09:00:10 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\wow64.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\ntdll.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\KernelBase.dll
2015-11-12 09:00:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-12 09:00:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\winsrv.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\wdigest.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\srcore.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\rstrui.exe
2015-11-12 09:00:08 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-12 09:00:08 ----A---- C:\Windows\system32\conhost.exe
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-11-12 09:00:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-11-12 09:00:07 ----A---- C:\Windows\system32\wow64win.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\sspicli.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\srclient.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\smss.exe
2015-11-12 09:00:07 ----A---- C:\Windows\system32\secur32.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\lsass.exe
2015-11-12 09:00:07 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-12 09:00:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-12 09:00:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-12 09:00:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\credssp.dll
2015-11-12 09:00:07 ----A---- C:\Windows\system32\auditpol.exe
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-12 09:00:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-12 09:00:06 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-12 09:00:06 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-12 09:00:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-12 09:00:04 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-11-12 09:00:04 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\msobjs.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\msaudite.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-12 09:00:04 ----A---- C:\Windows\system32\adtschema.dll
2015-11-12 08:58:35 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-12 08:58:35 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-12 08:58:27 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-11-12 08:58:27 ----A---- C:\Windows\system32\apphelp.dll
2015-11-12 08:58:27 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-12 08:58:26 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-11-12 08:58:26 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-11-12 08:58:26 ----A---- C:\Windows\system32\shimeng.dll
2015-11-12 08:58:26 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-12 08:58:22 ----A---- C:\Windows\system32\win32k.sys
2015-11-12 08:58:16 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-12 08:58:10 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-11-12 08:58:10 ----A---- C:\Windows\system32\InkEd.dll
2015-11-12 08:58:09 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-01 12:20:48 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 month======
2015-11-30 19:21:26 ----D---- C:\Windows\Temp
2015-11-30 19:21:18 ----D---- C:\Windows\System32
2015-11-30 19:21:18 ----D---- C:\Windows\inf
2015-11-30 19:21:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-30 19:20:01 ----D---- C:\Windows\system32\config
2015-11-30 19:15:22 ----HD---- C:\Config.Msi
2015-11-30 19:15:22 ----D---- C:\Windows
2015-11-30 19:13:39 ----SHD---- C:\Windows\Installer
2015-11-30 19:13:24 ----D---- C:\Windows\Microsoft.NET
2015-11-30 19:13:08 ----D---- C:\ProgramData\Microsoft Help
2015-11-30 19:13:06 ----RSD---- C:\Windows\assembly
2015-11-30 19:10:40 ----RD---- C:\Program Files
2015-11-30 19:10:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-11-30 19:10:40 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-11-30 19:10:39 ----SD---- C:\ProgramData\Microsoft
2015-11-30 19:10:28 ----RSD---- C:\Windows\Fonts
2015-11-30 19:10:26 ----RD---- C:\Program Files (x86)
2015-11-30 19:10:26 ----D---- C:\Program Files\Microsoft Analysis Services
2015-11-30 19:09:59 ----D---- C:\Program Files\Common Files
2015-11-30 19:05:22 ----D---- C:\Windows\ShellNew
2015-11-30 19:00:12 ----SHD---- C:\System Volume Information
2015-11-30 17:37:05 ----D---- C:\Windows\Tasks
2015-11-30 17:36:59 ----A---- C:\Windows\KMSEmulator.exe
2015-11-30 17:33:09 ----D---- C:\Windows\system32\drivers
2015-11-30 17:33:08 ----D---- C:\Windows\system32\DriverStore
2015-11-30 17:30:38 ----HD---- C:\ProgramData
2015-11-30 17:16:19 ----D---- C:\Windows\SoftwareDistribution
2015-11-30 17:16:18 ----D---- C:\Users\Martina\AppData\Roaming\uTorrent
2015-11-30 17:16:05 ----D---- C:\Windows\debug
2015-11-30 17:14:00 ----D---- C:\Windows\system32\Tasks
2015-11-30 16:35:51 ----D---- C:\Windows\Prefetch
2015-11-14 17:43:15 ----D---- C:\Windows\rescache
2015-11-14 14:34:03 ----D---- C:\Program Files\The KMPlayer
2015-11-14 08:30:25 ----D---- C:\Windows\winsxs
2015-11-13 22:29:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-11-13 22:29:59 ----D---- C:\Windows\SysWOW64
2015-11-13 22:29:58 ----D---- C:\Windows\system32\cs-CZ
2015-11-13 22:29:57 ----D---- C:\Program Files\Internet Explorer
2015-11-13 22:29:56 ----D---- C:\Windows\SYSWOW64\en-US
2015-11-13 22:29:54 ----D---- C:\Windows\system32\en-US
2015-11-13 22:29:53 ----D---- C:\Program Files (x86)\Internet Explorer
2015-11-13 22:29:34 ----D---- C:\Windows\AppPatch
2015-11-13 22:29:26 ----D---- C:\Windows\system32\migration
2015-11-13 22:29:24 ----D---- C:\Program Files\Windows Journal
2015-11-13 22:28:42 ----D---- C:\Windows\system32\catroot2
2015-11-13 21:58:46 ----D---- C:\Windows\system32\MRT
2015-11-13 21:58:38 ----A---- C:\Windows\system32\MRT.exe
2015-11-13 21:38:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2014-02-09 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2014-02-09 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2014-02-09 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2014-02-09 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2014-02-09 21160]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-04 216064]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-17 864032]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-31 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-04 114288]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: prentivka
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
Skype Updater (SkypeUpdate)
dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.
Stáhni a spusť OTMoveIt
do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,
pokud aplikace bude požadovat restart, klikni na YES
v tom případě sem zkopíruj obsah logu uloženého na C:\_OTMoveIt\MovedFiles\
V Knihovně Plánovače úloh zakaž Google Update bude to tam vícekrát a Driver Toolkit
Stáhni a ulož na plochu AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
Skype Updater (SkypeUpdate)
dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.
Stáhni a spusť OTMoveIt
do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
Kód: Vybrat vše
:processes
explorer.exe
:files
C:\Windows\tasks\AutoKMS.job
C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job
C:\Windows\AutoKMS.exe
C:\Windows\KMSEmulator.exe
:commands
[purity]
[emptytemp]
[start explorer]pokud aplikace bude požadovat restart, klikni na YES
v tom případě sem zkopíruj obsah logu uloženého na C:\_OTMoveIt\MovedFiles\
V Knihovně Plánovače úloh zakaž Google Update bude to tam vícekrát a Driver Toolkit
Stáhni a ulož na plochu AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Re: prentivka
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Windows\tasks\AutoKMS.job moved successfully.
C:\Windows\AutoKMS.exe moved successfully.
C:\Windows\tasks\AutoKMSDaily.job moved successfully.
File/Folder C:\Windows\AutoKMS.exe not found.
C:\Windows\KMSEmulator.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Martina
->Temp folder emptied: 8691782 bytes
->Temporary Internet Files folder emptied: 5382 bytes
->FireFox cache emptied: 7140255 bytes
->Google Chrome cache emptied: 10906273 bytes
->Flash cache emptied: 456 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4234 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 26,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 12012015_182820
Files moved on Reboot...
C:\Users\Martina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Windows\tasks\AutoKMS.job moved successfully.
C:\Windows\AutoKMS.exe moved successfully.
C:\Windows\tasks\AutoKMSDaily.job moved successfully.
File/Folder C:\Windows\AutoKMS.exe not found.
C:\Windows\KMSEmulator.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Martina
->Temp folder emptied: 8691782 bytes
->Temporary Internet Files folder emptied: 5382 bytes
->FireFox cache emptied: 7140255 bytes
->Google Chrome cache emptied: 10906273 bytes
->Flash cache emptied: 456 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4234 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 26,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 12012015_182820
Files moved on Reboot...
C:\Users\Martina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
Re: prentivka
# AdwCleaner v5.023 - Logfile created 01/12/2015 at 18:43:15
# Updated 30/11/2015 by Xplode
# Database : 2015-11-30.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Martina - MARTINA-PC
# Running from : C:\Users\Martina\Desktop\adwcleaner_5.023.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\DriverToolkit
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[-] Folder Deleted : C:\Users\Martina\AppData\Local\DriverToolkit
[-] Folder Deleted : C:\Users\Martina\AppData\Roaming\RPEng
[-] Folder Deleted : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\Martina\Documents\Mobogenie
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\DriverToolkit
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1334 bytes] ##########
Vše hotovo. Omlouvám se, že mě to docela trvá, ale používat klavesku, kde nefungují tlačítka je voprus...
# Updated 30/11/2015 by Xplode
# Database : 2015-11-30.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Martina - MARTINA-PC
# Running from : C:\Users\Martina\Desktop\adwcleaner_5.023.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\DriverToolkit
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[-] Folder Deleted : C:\Users\Martina\AppData\Local\DriverToolkit
[-] Folder Deleted : C:\Users\Martina\AppData\Roaming\RPEng
[-] Folder Deleted : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\Martina\Documents\Mobogenie
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\DriverToolkit
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1334 bytes] ##########
Vše hotovo. Omlouvám se, že mě to docela trvá, ale používat klavesku, kde nefungují tlačítka je voprus...
Re: prentivka
Není třeba se omlouvat, času dostskalda88 píše:Omlouvám se, že mě to docela trvá, ale používat klavesku, kde nefungují tlačítka je voprus...
Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!
tímto po sobě uklidí.
Stáhni a ulož na plochu ComboFix,
spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.
V případě nejasností je ZDE obrázkový návod.
Re: prentivka
ComboFix 15-11-30.01 - Martina 01.12.2015 19:20:16.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4094.1814 [GMT 1:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-01 do 2015-12-01 )))))))))))))))))))))))))))))))
.
.
2015-12-01 18:27 . 2015-12-01 18:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-01 18:25 . 2015-12-01 18:25 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD256DBB-7A75-4B23-B957-2D1F73304C2A}\offreg.2948.dll
2015-12-01 17:41 . 2015-12-01 17:43 -------- d-----w- C:\AdwCleaner
2015-12-01 09:30 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD256DBB-7A75-4B23-B957-2D1F73304C2A}\mpengine.dll
2015-11-30 16:30 . 2015-11-30 16:30 -------- d-----w- c:\program files\ESET
2015-11-30 15:42 . 2015-11-30 18:21 -------- d-----w- c:\program files\trend micro
2015-11-28 18:30 . 2015-11-28 18:30 -------- d-----w- c:\users\Martina\AppData\Roaming\driveridentifier
2015-11-28 18:30 . 2015-11-28 18:37 -------- d-----w- c:\program files (x86)\Driver Identifier
2015-11-12 08:00 . 2015-10-30 23:33 50176 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-11-12 07:58 . 2015-10-13 16:41 497664 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-13 20:58 . 2014-02-04 19:43 145617392 ----a-w- c:\windows\system32\MRT.exe
2015-10-29 17:50 . 2015-11-12 07:58 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-12 07:58 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-12 07:58 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-12 07:58 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-12 07:58 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-12 07:58 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-12 07:58 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-12 07:58 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-12 07:58 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:05 . 2015-11-12 08:00 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:00 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 18:06 . 2015-10-14 17:12 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 17:12 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 17:12 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 17:12 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 17:12 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 17:12 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 17:12 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 17:12 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 17:12 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-16 06:13 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-16 06:13 700416 ----a-w- c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-16 06:13 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-16 06:13 503808 ----a-w- c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-16 06:13 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-09-18 19:19 . 2015-10-16 06:13 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-09-18 19:09 . 2015-10-16 06:13 1163776 ----a-w- c:\windows\system32\aeinv.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-09-16 8461224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-29 642304]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
c:\users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN49K1P5X605YR;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-13 20:54 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-10-01 5595336]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-12-01 19:31:29
ComboFix-quarantined-files.txt 2015-12-01 18:31
.
Před spuštěním: Volných bajtů: 194 823 057 408
Po spuštění: Volných bajtů: 194 410 610 688
.
- - End Of File - - 998F1720B79708FB1D5D3598070E4200
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4094.1814 [GMT 1:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-01 do 2015-12-01 )))))))))))))))))))))))))))))))
.
.
2015-12-01 18:27 . 2015-12-01 18:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-01 18:25 . 2015-12-01 18:25 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD256DBB-7A75-4B23-B957-2D1F73304C2A}\offreg.2948.dll
2015-12-01 17:41 . 2015-12-01 17:43 -------- d-----w- C:\AdwCleaner
2015-12-01 09:30 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD256DBB-7A75-4B23-B957-2D1F73304C2A}\mpengine.dll
2015-11-30 16:30 . 2015-11-30 16:30 -------- d-----w- c:\program files\ESET
2015-11-30 15:42 . 2015-11-30 18:21 -------- d-----w- c:\program files\trend micro
2015-11-28 18:30 . 2015-11-28 18:30 -------- d-----w- c:\users\Martina\AppData\Roaming\driveridentifier
2015-11-28 18:30 . 2015-11-28 18:37 -------- d-----w- c:\program files (x86)\Driver Identifier
2015-11-12 08:00 . 2015-10-30 23:33 50176 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-11-12 07:58 . 2015-10-13 16:41 497664 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-13 20:58 . 2014-02-04 19:43 145617392 ----a-w- c:\windows\system32\MRT.exe
2015-10-29 17:50 . 2015-11-12 07:58 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-12 07:58 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-12 07:58 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-12 07:58 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-12 07:58 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-12 07:58 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-12 07:58 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-12 07:58 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-12 07:58 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:05 . 2015-11-12 08:00 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:00 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 18:06 . 2015-10-14 17:12 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 17:12 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 17:12 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 17:12 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 17:12 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 17:12 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 17:12 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 17:12 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 17:12 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-16 06:13 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-16 06:13 700416 ----a-w- c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-16 06:13 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-16 06:13 503808 ----a-w- c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-16 06:13 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-09-18 19:19 . 2015-10-16 06:13 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-09-18 19:09 . 2015-10-16 06:13 1163776 ----a-w- c:\windows\system32\aeinv.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-09-16 8461224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-29 642304]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
c:\users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN49K1P5X605YR;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-13 20:54 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-10-01 5595336]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-12-01 19:31:29
ComboFix-quarantined-files.txt 2015-12-01 18:31
.
Před spuštěním: Volných bajtů: 194 823 057 408
Po spuštění: Volných bajtů: 194 410 610 688
.
- - End Of File - - 998F1720B79708FB1D5D3598070E4200
A36C5E4F47E84449FF07ED3517B43A31
Re: prentivka
Pokud jsi tak ještě neučinil, přesuň Combofix na plochu
otevři si Poznámkový blok
do něj zkopíruj skript z následujícího okna:
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,
po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:
Po aplikaci na Tebe vypadne další log, zkopíruj ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,
v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
otevři si Poznámkový blok
do něj zkopíruj skript z následujícího okna:
Kód: Vybrat vše
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:
Po aplikaci na Tebe vypadne další log, zkopíruj ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,
v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
Re: prentivka
ComboFix 15-11-30.01 - Martina 02.12.2015 17:39:19.2.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4094.1605 [GMT 1:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martina\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-02 do 2015-12-02 )))))))))))))))))))))))))))))))
.
.
2015-12-02 16:46 . 2015-12-02 16:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-01 17:41 . 2015-12-01 17:43 -------- d-----w- C:\AdwCleaner
2015-12-01 09:30 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD256DBB-7A75-4B23-B957-2D1F73304C2A}\mpengine.dll
2015-11-30 16:30 . 2015-11-30 16:30 -------- d-----w- c:\program files\ESET
2015-11-30 15:42 . 2015-11-30 18:21 -------- d-----w- c:\program files\trend micro
2015-11-28 18:30 . 2015-11-28 18:30 -------- d-----w- c:\users\Martina\AppData\Roaming\driveridentifier
2015-11-28 18:30 . 2015-11-28 18:37 -------- d-----w- c:\program files (x86)\Driver Identifier
2015-11-12 08:00 . 2015-10-30 23:33 50176 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-11-12 07:58 . 2015-10-13 16:41 497664 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-13 20:58 . 2014-02-04 19:43 145617392 ----a-w- c:\windows\system32\MRT.exe
2015-10-29 17:50 . 2015-11-12 07:58 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-12 07:58 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-12 07:58 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-12 07:58 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-12 07:58 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-12 07:58 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-12 07:58 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-12 07:58 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-12 07:58 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:05 . 2015-11-12 08:00 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:00 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 18:06 . 2015-10-14 17:12 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 17:12 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 17:12 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 17:12 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 17:12 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 17:12 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 17:12 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 17:12 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 17:12 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-16 06:13 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-16 06:13 700416 ----a-w- c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-16 06:13 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-16 06:13 503808 ----a-w- c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-16 06:13 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-09-18 19:19 . 2015-10-16 06:13 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-09-18 19:09 . 2015-10-16 06:13 1163776 ----a-w- c:\windows\system32\aeinv.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-09-16 8461224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-29 642304]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
c:\users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN49K1P5X605YR;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-13 20:54 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-10-01 5595336]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2015-12-02 17:49:16
ComboFix-quarantined-files.txt 2015-12-02 16:49
ComboFix2.txt 2015-12-01 18:31
.
Před spuštěním: Volných bajtů: 194 499 297 280
Po spuštění: Volných bajtů: 194 188 382 208
.
- - End Of File - - FC7420F320F61EAE1551C281C9BDAEF5
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4094.1605 [GMT 1:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martina\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-11-02 do 2015-12-02 )))))))))))))))))))))))))))))))
.
.
2015-12-02 16:46 . 2015-12-02 16:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-12-01 17:41 . 2015-12-01 17:43 -------- d-----w- C:\AdwCleaner
2015-12-01 09:30 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD256DBB-7A75-4B23-B957-2D1F73304C2A}\mpengine.dll
2015-11-30 16:30 . 2015-11-30 16:30 -------- d-----w- c:\program files\ESET
2015-11-30 15:42 . 2015-11-30 18:21 -------- d-----w- c:\program files\trend micro
2015-11-28 18:30 . 2015-11-28 18:30 -------- d-----w- c:\users\Martina\AppData\Roaming\driveridentifier
2015-11-28 18:30 . 2015-11-28 18:37 -------- d-----w- c:\program files (x86)\Driver Identifier
2015-11-12 08:00 . 2015-10-30 23:33 50176 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-11-12 07:58 . 2015-10-13 16:41 497664 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-13 20:58 . 2014-02-04 19:43 145617392 ----a-w- c:\windows\system32\MRT.exe
2015-10-29 17:50 . 2015-11-12 07:58 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-12 07:58 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-12 07:58 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-12 07:58 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-12 07:58 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-12 07:58 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-12 07:58 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-12 07:58 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-12 07:58 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:05 . 2015-11-12 08:00 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:00 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 18:06 . 2015-10-14 17:12 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 17:12 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 17:12 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 17:12 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 17:12 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 17:12 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 17:12 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 17:12 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 17:12 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-16 06:13 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-16 06:13 700416 ----a-w- c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-16 06:13 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-16 06:13 503808 ----a-w- c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-16 06:13 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-09-18 19:19 . 2015-10-16 06:13 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-09-18 19:09 . 2015-10-16 06:13 1163776 ----a-w- c:\windows\system32\aeinv.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-09-16 8461224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-29 642304]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
.
c:\users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Deskjet 1510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN49K1P5X605YR;CONNECTION=USB;MONITOR=1; [2009-7-14 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-13 20:54 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
2015-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-09 13:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-10-01 5595336]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2015-12-02 17:49:16
ComboFix-quarantined-files.txt 2015-12-02 16:49
ComboFix2.txt 2015-12-01 18:31
.
Před spuštěním: Volných bajtů: 194 499 297 280
Po spuštění: Volných bajtů: 194 188 382 208
.
- - End Of File - - FC7420F320F61EAE1551C281C9BDAEF5
A36C5E4F47E84449FF07ED3517B43A31
Re: prentivka
Přes Start >> Spustit zkopíruj do okna:
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Ještě jednou stáhni a spusť OTMoveIt
do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,
pokud aplikace bude požadovat restart, klikni na YES
v tom případě sem zkopíruj obsah logu uloženého na C:\_OTMoveIt\MovedFiles\
Pak mi písni jak se PC chová.
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Ještě jednou stáhni a spusť OTMoveIt
do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
Kód: Vybrat vše
:processes
explorer.exe
:files
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job
:commands
[purity]
[emptytemp]
[start explorer]pokud aplikace bude požadovat restart, klikni na YES
v tom případě sem zkopíruj obsah logu uloženého na C:\_OTMoveIt\MovedFiles\
Pak mi písni jak se PC chová.
Re: prentivka
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Martina
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2613053 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 14140037 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 16,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 12022015_194834
Files moved on Reboot...
C:\Users\Martina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
Vše uděláno. Bohužel klavesnice je pořád nefunkční.... Mohu alespoň vědět co v noťasu bylo za havěť? A jak se tam dostala?
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6c5a6cbafb7c.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d092084a97f084.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0c2b954867c6.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e32b8f82dc0f.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bd275699a85.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d092084be0f015.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0c2b968f9291.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e32b91c5f6ba.job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Martina
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2613053 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 14140037 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 16,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 12022015_194834
Files moved on Reboot...
C:\Users\Martina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
Vše uděláno. Bohužel klavesnice je pořád nefunkční.... Mohu alespoň vědět co v noťasu bylo za havěť? A jak se tam dostala?
Re: prentivka
Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!
tímto po sobě uklidí.
tímto po sobě uklidí.
Zkus přeinstalovat ovladač přes Správce zařízení, zkusit připojit externí zda se to také projeví a stlačeným vzduchem vyfoukat.skalda88 píše:Vše uděláno. Bohužel klavesnice je pořád nefunkční....
Samé menší breberky, ale pokud je jich více je to otravné a zpomalující PC respektive internet. No jak se tam dostala, pár jich bylo z těch "slušnějších" co se ptají při instalaci, zbytek pochytáno po netu.skalda88 píše:Mohu alespoň vědět co v noťasu bylo za havěť? A jak se tam dostala?
Přispějete na provoz fóra?