Prosim o kontrolu logu, občas na mě vyskočí pornostranka
Logfile of random's system information tool 1.14 (written by random/random)
Run by Rene Anicka Sabrinka at 2016-11-20 10:33:22
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 45 GB (23%) free of 194 GB
Total RAM: 2047 MB (55% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:33:39, on 20.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Rene Anicka Sabrinka\Downloads\RSIT.exe
C:\Program Files\trend micro\Rene Anicka Sabrinka_RSIT.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=19363
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.net/wpad.dat?3f09bee0 ... bb20293153
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [EPSON SX430 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD671.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [EPSON042280 (Epson Stylus SX430)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD864.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: SimilarWeb - {5D06ED6E-DA78-4486-A246-B131A2C39807} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
--
End of file - 9913 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /logoncheck
C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /logoncheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1460986745 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\{0DFE3D62-D73B-4CAC-919F-10515B818287} - C:\Windows\system32\pcalua.exe -a G:\netsetup.exe -d G:\
C:\Windows\system32\tasks\{32C4A2EE-C141-4E57-9374-E94002D1A2B5} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
C:\Windows\system32\tasks\{F7B56C0E-5910-4E2F-AA8F-561D42241CC2} - C:\Windows\system32\pcalua.exe -a "C:\Users\Rene Anicka Sabrinka\Downloads\cestiny_131_XIIISKv101.exe" -d "C:\Users\Rene Anicka Sabrinka\Downloads"
C:\Windows\system32\tasks\{FEF6182F-EB6C-452E-8951-D96DF2961569} - C:\Program Files\Remedy\Max Payne 2\MaxPayne2_cracked.exe
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 35 - "%ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Mozilla firefox=========
ProfilePath - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions.json
RealDownloader - extension - {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\pluginreg.dat
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.1.3.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll
Plugin - RealDownloader Plugin - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
Plugin - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
Plugin - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
Plugin - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
Plugin - RealPlayer Download Plugin - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
Plugin - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
Plugin - Photodex Presenter Plugin - 6.0.0.3397 - C:\Program Files\Photodex Presenter\npPxPlay.dll
Plugin - Microsoft Office 2010 - 14.0.4730.1010 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.30214.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U45 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.450.14 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
Plugin - Unity Player - 2.6.1.31223 - C:\Users\Rene Anicka Sabrinka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
=========Google Chrome=========
C:\Users\Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension pchfckkccldkbclgdepkaonamkignanh
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji]
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2010-05-24 1683360]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2016-07-14 14517936]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"EPSON SX430 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2012-04-05 393216]
"EPSON042280 (Epson Stylus SX430)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"cz.seznam.software.autoupdate"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-20 10:33:22 ----D---- C:\rsit
2016-11-19 09:22:02 ----D---- C:\FOTKY
2016-11-19 09:14:25 ----D---- C:\20061215 vilijovka
2016-11-19 08:48:42 ----D---- C:\SJEZDOVKY
2016-11-19 08:48:37 ----D---- C:\Sabrinka Skolka
2016-11-19 08:48:35 ----D---- C:\Sabrinka skola
2016-11-19 08:47:46 ----D---- C:\MAMKA telefon
2016-11-19 08:47:46 ----D---- C:\Kempaland
2016-11-19 08:47:28 ----D---- C:\Fotky sabrinka u babičky a dědečka
2016-11-19 08:47:22 ----D---- C:\Fotky Praha 3.1.2015
2016-11-19 08:47:13 ----D---- C:\fotky 2015
2016-11-19 08:46:55 ----D---- C:\Danove přiznani 2014
2016-11-18 17:25:13 ----D---- C:\ProgramData\FFinder LTD
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Netscape
2016-11-18 15:13:52 ----D---- C:\Program Files\Photodex Presenter
2016-11-18 15:12:47 ----D---- C:\Program Files\Photodex
2016-11-18 15:12:16 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Photodex
2016-11-18 15:12:11 ----D---- C:\ProgramData\Photodex
2016-11-17 13:02:25 ----D---- C:\Mamka mobil
2016-11-17 12:33:03 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files\Skype
2016-11-15 17:15:28 ----A---- C:\Windows\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2016-11-20 10:33:35 ----D---- C:\Windows\Prefetch
2016-11-20 10:33:26 ----D---- C:\Program Files\trend micro
2016-11-20 09:42:59 ----D---- C:\Zaloha
2016-11-19 18:31:00 ----D---- C:\Windows\Temp
2016-11-19 18:30:24 ----D---- C:\Windows\system32\drivers
2016-11-19 10:50:07 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\vlc
2016-11-19 09:02:24 ----D---- C:\Rodokmen
2016-11-18 17:50:21 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz
2016-11-18 17:44:29 ----D---- C:\Windows\system32\Tasks
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Firefox
2016-11-18 17:25:13 ----HD---- C:\ProgramData
2016-11-18 17:25:13 ----D---- C:\Program Files
2016-11-18 15:20:58 ----D---- C:\Windows\System32
2016-11-18 15:20:57 ----D---- C:\Windows\inf
2016-11-18 15:20:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla
2016-11-18 15:01:45 ----D---- C:\Windows\system32\config
2016-11-18 14:59:55 ----SHD---- C:\System Volume Information
2016-11-17 12:33:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-11-17 12:33:04 ----D---- C:\Windows\system32\Macromed
2016-11-17 11:28:14 ----D---- C:\Program Files\TeamViewer
2016-11-15 17:21:44 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Skype
2016-11-15 17:21:14 ----SHD---- C:\Windows\Installer
2016-11-15 17:21:14 ----D---- C:\ProgramData\Skype
2016-11-15 17:21:13 ----SHD---- C:\Config.Msi
2016-11-15 17:21:03 ----RD---- C:\Program Files\Skype
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files
2016-11-15 17:14:57 ----D---- C:\Windows
2016-11-15 17:11:53 ----D---- C:\Windows\winsxs
2016-11-14 12:56:59 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\uTorrent
2016-11-08 14:40:41 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\VDownloader
2016-11-08 14:34:52 ----D---- C:\Program Files\VDownloader
2016-11-08 12:42:29 ----D---- C:\Windows\system32\DriverStore
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-10-05 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 224752]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-06-09 436792]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-10-05 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-10-05 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-10-05 735488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-10-05 433768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-10-05 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-10-05 118664]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 9647104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 442368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2009-04-21 1147392]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
S2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\Windows\system32\drivers\wf88vcap.sys [2005-03-03 208851]
S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\Windows\system32\drivers\WF88XBAR.sys [2005-03-03 10324]
S2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\Windows\system32\drivers\WF88TUNE.sys [2005-03-03 34789]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-10-05 34008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys [2003-09-22 130192]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.2.0; C:\Windows\system32\drivers\libusb0.sys [2010-10-02 35392]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys [2003-09-22 178672]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-05-15 1150880]
S3 vjoy;vJoy Device; C:\Windows\system32\DRIVERS\vjoy.sys [2014-03-06 41712]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 20480]
S3 xb1usb;Microsoft Xbox One Controller Driver; C:\Windows\system32\DRIVERS\xb1usb.sys [2014-05-26 29408]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 219136]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 291840]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-05 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [2011-01-12 156160]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [2011-01-12 125440]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe [2016-11-18 186760]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer;TeamViewer 11; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-17 270016]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-06-09 79360]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-10 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-11-18 172488]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
# AdwCleaner v6.030 - Log soubor vytvořen 20/11/2016 na 11:45:21
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-19.2 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X86)
# Uživatelské jméno : Rene Anicka Sabrinka - RENEANICKASABRI
# Beží od : C:\Users\Rene Anicka Sabrinka\Downloads\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Adresáře ] *****
[-] Adresář smazán:C:\ProgramData\FFinder LTD
[#] Adresář nelze smazat:C:\ProgramData\Application Data\FFinder LTD
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
[-] Úlohy smazány:DRIVERTOOLKIT AUTORUN
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Applications\iLividSetup-r400-n-bf.exe
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Klíč smazán:HKU\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\dobreprogramy
[-] Klíč smazán:HKU\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[-] Klíč smazán:HKU\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\GreenTree Applications
[-] Klíč smazán:HKU\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\AppDataLow\Software\adawarebp
[#] Klíč smazán po restartování:HKCU\Software\dobreprogramy
[#] Klíč smazán po restartování:HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[#] Klíč smazán po restartování:HKCU\Software\GreenTree Applications
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\adawarebp
[-] Klíč smazán:HKLM\SOFTWARE\FFinder LTD
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1961 Bajtů] - [20/11/2016 11:45:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [2289 Bajtů] - [20/11/2016 11:44:50]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2109 Bajtů] ##########
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-19.2 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X86)
# Uživatelské jméno : Rene Anicka Sabrinka - RENEANICKASABRI
# Beží od : C:\Users\Rene Anicka Sabrinka\Downloads\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Adresáře ] *****
[-] Adresář smazán:C:\ProgramData\FFinder LTD
[#] Adresář nelze smazat:C:\ProgramData\Application Data\FFinder LTD
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
[-] Úlohy smazány:DRIVERTOOLKIT AUTORUN
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Applications\iLividSetup-r400-n-bf.exe
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Klíč smazán:HKU\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\dobreprogramy
[-] Klíč smazán:HKU\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[-] Klíč smazán:HKU\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\GreenTree Applications
[-] Klíč smazán:HKU\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\AppDataLow\Software\adawarebp
[#] Klíč smazán po restartování:HKCU\Software\dobreprogramy
[#] Klíč smazán po restartování:HKCU\Software\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I
[#] Klíč smazán po restartování:HKCU\Software\GreenTree Applications
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\adawarebp
[-] Klíč smazán:HKLM\SOFTWARE\FFinder LTD
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1961 Bajtů] - [20/11/2016 11:45:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [2289 Bajtů] - [20/11/2016 11:44:50]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2109 Bajtů] ##########
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
Logfile of random's system information tool 1.14 (written by random/random)
Run by Rene Anicka Sabrinka at 2016-11-20 12:55:41
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 45 GB (23%) free of 194 GB
Total RAM: 2047 MB (49% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:55:52, on 20.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FARNHAE.EXE
C:\Users\Rene Anicka Sabrinka\Downloads\RSIT.exe
C:\Program Files\trend micro\Rene Anicka Sabrinka_RSIT.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=19363
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.net/wpad.dat?3f09bee0 ... bb20293153
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [EPSON SX430 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD671.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [EPSON042280 (Epson Stylus SX430)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD864.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: SimilarWeb - {5D06ED6E-DA78-4486-A246-B131A2C39807} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
--
End of file - 9900 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /logoncheck
C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /logoncheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1460986745 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\{0DFE3D62-D73B-4CAC-919F-10515B818287} - C:\Windows\system32\pcalua.exe -a G:\netsetup.exe -d G:\
C:\Windows\system32\tasks\{32C4A2EE-C141-4E57-9374-E94002D1A2B5} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
C:\Windows\system32\tasks\{F7B56C0E-5910-4E2F-AA8F-561D42241CC2} - C:\Windows\system32\pcalua.exe -a "C:\Users\Rene Anicka Sabrinka\Downloads\cestiny_131_XIIISKv101.exe" -d "C:\Users\Rene Anicka Sabrinka\Downloads"
C:\Windows\system32\tasks\{FEF6182F-EB6C-452E-8951-D96DF2961569} - C:\Program Files\Remedy\Max Payne 2\MaxPayne2_cracked.exe
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 35 - "%ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Mozilla firefox=========
ProfilePath - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions.json
RealDownloader - extension - {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\pluginreg.dat
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.1.3.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll
Plugin - RealDownloader Plugin - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
Plugin - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
Plugin - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
Plugin - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
Plugin - RealPlayer Download Plugin - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
Plugin - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
Plugin - Photodex Presenter Plugin - 6.0.0.3397 - C:\Program Files\Photodex Presenter\npPxPlay.dll
Plugin - Microsoft Office 2010 - 14.0.4730.1010 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.30214.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U45 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.450.14 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
Plugin - Unity Player - 2.6.1.31223 - C:\Users\Rene Anicka Sabrinka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
=========Google Chrome=========
C:\Users\Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension pchfckkccldkbclgdepkaonamkignanh
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji]
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2010-05-24 1683360]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2016-07-14 14517936]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"EPSON SX430 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2012-04-05 393216]
"EPSON042280 (Epson Stylus SX430)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"cz.seznam.software.autoupdate"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-20 11:43:04 ----D---- C:\AdwCleaner
2016-11-20 10:33:22 ----D---- C:\rsit
2016-11-19 09:22:02 ----D---- C:\FOTKY
2016-11-19 09:14:25 ----D---- C:\20061215 vilijovka
2016-11-19 08:48:42 ----D---- C:\SJEZDOVKY
2016-11-19 08:48:37 ----D---- C:\Sabrinka Skolka
2016-11-19 08:48:35 ----D---- C:\Sabrinka skola
2016-11-19 08:47:46 ----D---- C:\MAMKA telefon
2016-11-19 08:47:46 ----D---- C:\Kempaland
2016-11-19 08:47:28 ----D---- C:\Fotky sabrinka u babičky a dědečka
2016-11-19 08:47:22 ----D---- C:\Fotky Praha 3.1.2015
2016-11-19 08:47:13 ----D---- C:\fotky 2015
2016-11-19 08:46:55 ----D---- C:\Danove přiznani 2014
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Netscape
2016-11-18 15:13:52 ----D---- C:\Program Files\Photodex Presenter
2016-11-18 15:12:47 ----D---- C:\Program Files\Photodex
2016-11-18 15:12:16 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Photodex
2016-11-18 15:12:11 ----D---- C:\ProgramData\Photodex
2016-11-17 13:02:25 ----D---- C:\Mamka mobil
2016-11-17 12:33:03 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files\Skype
2016-11-15 17:15:28 ----A---- C:\Windows\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2016-11-20 12:55:46 ----D---- C:\Program Files\trend micro
2016-11-20 12:55:25 ----D---- C:\Windows\Prefetch
2016-11-20 12:55:03 ----D---- C:\Windows\Temp
2016-11-20 12:48:06 ----D---- C:\Windows\System32
2016-11-20 12:48:06 ----D---- C:\Windows\inf
2016-11-20 12:48:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-20 11:54:34 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz
2016-11-20 11:48:27 ----D---- C:\Windows\system32\Tasks
2016-11-20 11:45:11 ----D---- C:\Windows\Tasks
2016-11-20 11:45:10 ----HD---- C:\ProgramData
2016-11-20 09:42:59 ----D---- C:\Zaloha
2016-11-19 18:30:24 ----D---- C:\Windows\system32\drivers
2016-11-19 10:50:07 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\vlc
2016-11-19 09:02:24 ----D---- C:\Rodokmen
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Firefox
2016-11-18 17:25:13 ----D---- C:\Program Files
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla
2016-11-18 15:01:45 ----D---- C:\Windows\system32\config
2016-11-18 14:59:55 ----SHD---- C:\System Volume Information
2016-11-17 12:33:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-11-17 12:33:04 ----D---- C:\Windows\system32\Macromed
2016-11-17 11:28:14 ----D---- C:\Program Files\TeamViewer
2016-11-15 17:21:44 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Skype
2016-11-15 17:21:14 ----SHD---- C:\Windows\Installer
2016-11-15 17:21:14 ----D---- C:\ProgramData\Skype
2016-11-15 17:21:13 ----SHD---- C:\Config.Msi
2016-11-15 17:21:03 ----RD---- C:\Program Files\Skype
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files
2016-11-15 17:14:57 ----D---- C:\Windows
2016-11-15 17:11:53 ----D---- C:\Windows\winsxs
2016-11-14 12:56:59 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\uTorrent
2016-11-08 14:40:41 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\VDownloader
2016-11-08 14:34:52 ----D---- C:\Program Files\VDownloader
2016-11-08 12:42:29 ----D---- C:\Windows\system32\DriverStore
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-10-05 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 224752]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-06-09 436792]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-10-05 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-10-05 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-10-05 735488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-10-05 433768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-10-05 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-10-05 118664]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 9647104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 442368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2009-04-21 1147392]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
S2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\Windows\system32\drivers\wf88vcap.sys [2005-03-03 208851]
S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\Windows\system32\drivers\WF88XBAR.sys [2005-03-03 10324]
S2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\Windows\system32\drivers\WF88TUNE.sys [2005-03-03 34789]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-10-05 34008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys [2003-09-22 130192]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.2.0; C:\Windows\system32\drivers\libusb0.sys [2010-10-02 35392]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys [2003-09-22 178672]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-05-15 1150880]
S3 vjoy;vJoy Device; C:\Windows\system32\DRIVERS\vjoy.sys [2014-03-06 41712]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 20480]
S3 xb1usb;Microsoft Xbox One Controller Driver; C:\Windows\system32\DRIVERS\xb1usb.sys [2014-05-26 29408]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 219136]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 291840]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-05 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [2011-01-12 156160]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [2011-01-12 125440]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe [2016-11-18 186760]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer;TeamViewer 11; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-17 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-06-09 79360]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-10 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-11-18 172488]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by Rene Anicka Sabrinka at 2016-11-20 12:55:41
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 45 GB (23%) free of 194 GB
Total RAM: 2047 MB (49% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:55:52, on 20.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FARNHAE.EXE
C:\Users\Rene Anicka Sabrinka\Downloads\RSIT.exe
C:\Program Files\trend micro\Rene Anicka Sabrinka_RSIT.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=19363
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.net/wpad.dat?3f09bee0 ... bb20293153
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [EPSON SX430 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD671.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [EPSON042280 (Epson Stylus SX430)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD864.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: SimilarWeb - {5D06ED6E-DA78-4486-A246-B131A2C39807} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
--
End of file - 9900 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /logoncheck
C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /logoncheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1460986745 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\{0DFE3D62-D73B-4CAC-919F-10515B818287} - C:\Windows\system32\pcalua.exe -a G:\netsetup.exe -d G:\
C:\Windows\system32\tasks\{32C4A2EE-C141-4E57-9374-E94002D1A2B5} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
C:\Windows\system32\tasks\{F7B56C0E-5910-4E2F-AA8F-561D42241CC2} - C:\Windows\system32\pcalua.exe -a "C:\Users\Rene Anicka Sabrinka\Downloads\cestiny_131_XIIISKv101.exe" -d "C:\Users\Rene Anicka Sabrinka\Downloads"
C:\Windows\system32\tasks\{FEF6182F-EB6C-452E-8951-D96DF2961569} - C:\Program Files\Remedy\Max Payne 2\MaxPayne2_cracked.exe
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 35 - "%ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Mozilla firefox=========
ProfilePath - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions.json
RealDownloader - extension - {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\pluginreg.dat
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.1.3.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll
Plugin - RealDownloader Plugin - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
Plugin - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
Plugin - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
Plugin - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
Plugin - RealPlayer Download Plugin - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
Plugin - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
Plugin - Photodex Presenter Plugin - 6.0.0.3397 - C:\Program Files\Photodex Presenter\npPxPlay.dll
Plugin - Microsoft Office 2010 - 14.0.4730.1010 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.30214.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U45 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.450.14 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
Plugin - Unity Player - 2.6.1.31223 - C:\Users\Rene Anicka Sabrinka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
=========Google Chrome=========
C:\Users\Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension pchfckkccldkbclgdepkaonamkignanh
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji]
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2010-05-24 1683360]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2016-07-14 14517936]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"EPSON SX430 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2012-04-05 393216]
"EPSON042280 (Epson Stylus SX430)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"cz.seznam.software.autoupdate"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-20 11:43:04 ----D---- C:\AdwCleaner
2016-11-20 10:33:22 ----D---- C:\rsit
2016-11-19 09:22:02 ----D---- C:\FOTKY
2016-11-19 09:14:25 ----D---- C:\20061215 vilijovka
2016-11-19 08:48:42 ----D---- C:\SJEZDOVKY
2016-11-19 08:48:37 ----D---- C:\Sabrinka Skolka
2016-11-19 08:48:35 ----D---- C:\Sabrinka skola
2016-11-19 08:47:46 ----D---- C:\MAMKA telefon
2016-11-19 08:47:46 ----D---- C:\Kempaland
2016-11-19 08:47:28 ----D---- C:\Fotky sabrinka u babičky a dědečka
2016-11-19 08:47:22 ----D---- C:\Fotky Praha 3.1.2015
2016-11-19 08:47:13 ----D---- C:\fotky 2015
2016-11-19 08:46:55 ----D---- C:\Danove přiznani 2014
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Netscape
2016-11-18 15:13:52 ----D---- C:\Program Files\Photodex Presenter
2016-11-18 15:12:47 ----D---- C:\Program Files\Photodex
2016-11-18 15:12:16 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Photodex
2016-11-18 15:12:11 ----D---- C:\ProgramData\Photodex
2016-11-17 13:02:25 ----D---- C:\Mamka mobil
2016-11-17 12:33:03 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files\Skype
2016-11-15 17:15:28 ----A---- C:\Windows\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2016-11-20 12:55:46 ----D---- C:\Program Files\trend micro
2016-11-20 12:55:25 ----D---- C:\Windows\Prefetch
2016-11-20 12:55:03 ----D---- C:\Windows\Temp
2016-11-20 12:48:06 ----D---- C:\Windows\System32
2016-11-20 12:48:06 ----D---- C:\Windows\inf
2016-11-20 12:48:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-20 11:54:34 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz
2016-11-20 11:48:27 ----D---- C:\Windows\system32\Tasks
2016-11-20 11:45:11 ----D---- C:\Windows\Tasks
2016-11-20 11:45:10 ----HD---- C:\ProgramData
2016-11-20 09:42:59 ----D---- C:\Zaloha
2016-11-19 18:30:24 ----D---- C:\Windows\system32\drivers
2016-11-19 10:50:07 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\vlc
2016-11-19 09:02:24 ----D---- C:\Rodokmen
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Firefox
2016-11-18 17:25:13 ----D---- C:\Program Files
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla
2016-11-18 15:01:45 ----D---- C:\Windows\system32\config
2016-11-18 14:59:55 ----SHD---- C:\System Volume Information
2016-11-17 12:33:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-11-17 12:33:04 ----D---- C:\Windows\system32\Macromed
2016-11-17 11:28:14 ----D---- C:\Program Files\TeamViewer
2016-11-15 17:21:44 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Skype
2016-11-15 17:21:14 ----SHD---- C:\Windows\Installer
2016-11-15 17:21:14 ----D---- C:\ProgramData\Skype
2016-11-15 17:21:13 ----SHD---- C:\Config.Msi
2016-11-15 17:21:03 ----RD---- C:\Program Files\Skype
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files
2016-11-15 17:14:57 ----D---- C:\Windows
2016-11-15 17:11:53 ----D---- C:\Windows\winsxs
2016-11-14 12:56:59 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\uTorrent
2016-11-08 14:40:41 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\VDownloader
2016-11-08 14:34:52 ----D---- C:\Program Files\VDownloader
2016-11-08 12:42:29 ----D---- C:\Windows\system32\DriverStore
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-10-05 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 224752]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-06-09 436792]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-10-05 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-10-05 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-10-05 735488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-10-05 433768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-10-05 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-10-05 118664]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 9647104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 442368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2009-04-21 1147392]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
S2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\Windows\system32\drivers\wf88vcap.sys [2005-03-03 208851]
S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\Windows\system32\drivers\WF88XBAR.sys [2005-03-03 10324]
S2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\Windows\system32\drivers\WF88TUNE.sys [2005-03-03 34789]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-10-05 34008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys [2003-09-22 130192]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.2.0; C:\Windows\system32\drivers\libusb0.sys [2010-10-02 35392]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys [2003-09-22 178672]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-05-15 1150880]
S3 vjoy;vJoy Device; C:\Windows\system32\DRIVERS\vjoy.sys [2014-03-06 41712]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 20480]
S3 xb1usb;Microsoft Xbox One Controller Driver; C:\Windows\system32\DRIVERS\xb1usb.sys [2014-05-26 29408]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 219136]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 291840]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-05 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [2011-01-12 156160]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [2011-01-12 125440]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe [2016-11-18 186760]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer;TeamViewer 11; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-17 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-06-09 79360]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-10 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-11-18 172488]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
Logfile of random's system information tool 1.14 (written by random/random)
Run by Rene Anicka Sabrinka at 2016-11-22 06:03:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 49 GB (25%) free of 194 GB
Total RAM: 2047 MB (46% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:03:26, on 22.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Rene Anicka Sabrinka\Downloads\RSIT.exe
C:\Program Files\trend micro\Rene Anicka Sabrinka_RSIT.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=19363
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.net/wpad.dat?3f09bee0 ... bb20293153
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [EPSON SX430 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD671.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [EPSON042280 (Epson Stylus SX430)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD864.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: SimilarWeb - {5D06ED6E-DA78-4486-A246-B131A2C39807} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
--
End of file - 9855 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /logoncheck
C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /logoncheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1460986745 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\{0DFE3D62-D73B-4CAC-919F-10515B818287} - C:\Windows\system32\pcalua.exe -a G:\netsetup.exe -d G:\
C:\Windows\system32\tasks\{32C4A2EE-C141-4E57-9374-E94002D1A2B5} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
C:\Windows\system32\tasks\{F7B56C0E-5910-4E2F-AA8F-561D42241CC2} - C:\Windows\system32\pcalua.exe -a "C:\Users\Rene Anicka Sabrinka\Downloads\cestiny_131_XIIISKv101.exe" -d "C:\Users\Rene Anicka Sabrinka\Downloads"
C:\Windows\system32\tasks\{FEF6182F-EB6C-452E-8951-D96DF2961569} - C:\Program Files\Remedy\Max Payne 2\MaxPayne2_cracked.exe
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 35 - "%ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Mozilla firefox=========
ProfilePath - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions.json
RealDownloader - extension - {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\pluginreg.dat
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.1.3.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll
Plugin - RealDownloader Plugin - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
Plugin - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
Plugin - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
Plugin - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
Plugin - RealPlayer Download Plugin - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
Plugin - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
Plugin - Photodex Presenter Plugin - 6.0.0.3397 - C:\Program Files\Photodex Presenter\npPxPlay.dll
Plugin - Microsoft Office 2010 - 14.0.4730.1010 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.30214.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U45 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.450.14 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
Plugin - Unity Player - 2.6.1.31223 - C:\Users\Rene Anicka Sabrinka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
=========Google Chrome=========
C:\Users\Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension pchfckkccldkbclgdepkaonamkignanh
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji]
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2010-05-24 1683360]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2016-07-14 14517936]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"EPSON SX430 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2012-04-05 393216]
"EPSON042280 (Epson Stylus SX430)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"cz.seznam.software.autoupdate"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-22 05:57:43 ----D---- C:\_OTM
2016-11-20 11:43:04 ----D---- C:\AdwCleaner
2016-11-20 10:33:22 ----D---- C:\rsit
2016-11-19 09:22:02 ----D---- C:\FOTKY
2016-11-19 09:14:25 ----D---- C:\20061215 vilijovka
2016-11-19 08:48:42 ----D---- C:\SJEZDOVKY
2016-11-19 08:48:37 ----D---- C:\Sabrinka Skolka
2016-11-19 08:48:35 ----D---- C:\Sabrinka skola
2016-11-19 08:47:46 ----D---- C:\MAMKA telefon
2016-11-19 08:47:46 ----D---- C:\Kempaland
2016-11-19 08:47:28 ----D---- C:\Fotky sabrinka u babičky a dědečka
2016-11-19 08:46:55 ----D---- C:\Danove přiznani 2014
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Netscape
2016-11-18 15:13:52 ----D---- C:\Program Files\Photodex Presenter
2016-11-18 15:12:47 ----D---- C:\Program Files\Photodex
2016-11-18 15:12:16 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Photodex
2016-11-18 15:12:11 ----D---- C:\ProgramData\Photodex
2016-11-17 13:02:25 ----D---- C:\Mamka mobil
2016-11-17 12:33:03 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files\Skype
2016-11-15 17:15:28 ----A---- C:\Windows\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2016-11-22 06:03:23 ----D---- C:\Program Files\trend micro
2016-11-22 06:02:53 ----D---- C:\Windows\Temp
2016-11-22 06:01:22 ----D---- C:\Windows\system32\Tasks
2016-11-22 05:57:27 ----D---- C:\Windows\Prefetch
2016-11-21 18:05:13 ----D---- C:\Windows\system32\drivers
2016-11-20 12:48:06 ----D---- C:\Windows\System32
2016-11-20 12:48:06 ----D---- C:\Windows\inf
2016-11-20 12:48:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-20 11:54:34 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz
2016-11-20 11:45:11 ----D---- C:\Windows\Tasks
2016-11-20 11:45:10 ----HD---- C:\ProgramData
2016-11-20 09:42:59 ----D---- C:\Zaloha
2016-11-19 10:50:07 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\vlc
2016-11-19 09:02:24 ----D---- C:\Rodokmen
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Firefox
2016-11-18 17:25:13 ----D---- C:\Program Files
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla
2016-11-18 15:01:45 ----D---- C:\Windows\system32\config
2016-11-18 14:59:55 ----SHD---- C:\System Volume Information
2016-11-17 12:33:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-11-17 12:33:04 ----D---- C:\Windows\system32\Macromed
2016-11-17 11:28:14 ----D---- C:\Program Files\TeamViewer
2016-11-15 17:21:44 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Skype
2016-11-15 17:21:14 ----SHD---- C:\Windows\Installer
2016-11-15 17:21:14 ----D---- C:\ProgramData\Skype
2016-11-15 17:21:13 ----SHD---- C:\Config.Msi
2016-11-15 17:21:03 ----RD---- C:\Program Files\Skype
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files
2016-11-15 17:14:57 ----D---- C:\Windows
2016-11-15 17:11:53 ----D---- C:\Windows\winsxs
2016-11-14 12:56:59 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\uTorrent
2016-11-08 14:40:41 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\VDownloader
2016-11-08 14:34:52 ----D---- C:\Program Files\VDownloader
2016-11-08 12:42:29 ----D---- C:\Windows\system32\DriverStore
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-10-05 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 224752]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-06-09 436792]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-10-05 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-10-05 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-10-05 735488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-10-05 433768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-10-05 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-10-05 118664]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 9647104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 442368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2009-04-21 1147392]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
S2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\Windows\system32\drivers\wf88vcap.sys [2005-03-03 208851]
S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\Windows\system32\drivers\WF88XBAR.sys [2005-03-03 10324]
S2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\Windows\system32\drivers\WF88TUNE.sys [2005-03-03 34789]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-10-05 34008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys [2003-09-22 130192]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.2.0; C:\Windows\system32\drivers\libusb0.sys [2010-10-02 35392]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys [2003-09-22 178672]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-05-15 1150880]
S3 vjoy;vJoy Device; C:\Windows\system32\DRIVERS\vjoy.sys [2014-03-06 41712]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 20480]
S3 xb1usb;Microsoft Xbox One Controller Driver; C:\Windows\system32\DRIVERS\xb1usb.sys [2014-05-26 29408]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 219136]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 291840]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-05 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [2011-01-12 156160]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [2011-01-12 125440]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe [2016-11-18 186760]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer;TeamViewer 11; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-17 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-06-09 79360]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-10 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-11-18 172488]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by Rene Anicka Sabrinka at 2016-11-22 06:03:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 49 GB (25%) free of 194 GB
Total RAM: 2047 MB (46% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:03:26, on 22.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Rene Anicka Sabrinka\Downloads\RSIT.exe
C:\Program Files\trend micro\Rene Anicka Sabrinka_RSIT.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=19363
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.net/wpad.dat?3f09bee0 ... bb20293153
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [EPSON SX430 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD671.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [EPSON042280 (Epson Stylus SX430)] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\RENEAN~1\AppData\Local\Temp\E_SD864.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: SimilarWeb - {5D06ED6E-DA78-4486-A246-B131A2C39807} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
--
End of file - 9855 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent
C:\Windows\system32\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /logoncheck
C:\Windows\system32\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /logoncheck
C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1992398608-3809082940-2848717576-1001 - C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1460986745 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\{0DFE3D62-D73B-4CAC-919F-10515B818287} - C:\Windows\system32\pcalua.exe -a G:\netsetup.exe -d G:\
C:\Windows\system32\tasks\{32C4A2EE-C141-4E57-9374-E94002D1A2B5} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
C:\Windows\system32\tasks\{F7B56C0E-5910-4E2F-AA8F-561D42241CC2} - C:\Windows\system32\pcalua.exe -a "C:\Users\Rene Anicka Sabrinka\Downloads\cestiny_131_XIIISKv101.exe" -d "C:\Users\Rene Anicka Sabrinka\Downloads"
C:\Windows\system32\tasks\{FEF6182F-EB6C-452E-8951-D96DF2961569} - C:\Program Files\Remedy\Max Payne 2\MaxPayne2_cracked.exe
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 35 - "%ProgramFiles%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Mozilla firefox=========
ProfilePath - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@photodex.com/PhotodexPresenter]
"Description"=Photodex Presenter Plugin
"Path"=C:\Program Files\Photodex Presenter\npPxPlay.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3]
"Description"=RealNetworks(tm) RealDownloader Peppe rFlash Video Shim Plug-In
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@realnetworks.com/npdlplugin;version=1]
"Description"=RealDownloader Plugin
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad}
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions.json
RealDownloader - extension - {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Flash Game Maximizer - extension - {258735dc-6743-4805-95fc-f95941fffdad} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi
Greasemonkey - extension - {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\pluginreg.dat
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.1.3.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll
Plugin - RealDownloader Plugin - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
Plugin - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
Plugin - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
Plugin - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) - 1.3.3.66 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
Plugin - RealPlayer Download Plugin - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll
Plugin - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) - 16.0.3.51 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
Plugin - Photodex Presenter Plugin - 6.0.0.3397 - C:\Program Files\Photodex Presenter\npPxPlay.dll
Plugin - Microsoft Office 2010 - 14.0.4730.1010 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.30214.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
Plugin - Java(TM) Platform SE 8 U45 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.450.14 - 11.45.2.14 - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
Plugin - Unity Player - 2.6.1.31223 - C:\Users\Rene Anicka Sabrinka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
=========Google Chrome=========
C:\Users\Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Extension pchfckkccldkbclgdepkaonamkignanh
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji]
"Path"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2010-05-24 1683360]
"P17RunE"=RunDll32 P17RunE.dll,RunDLLEntry []
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-12-19 642808]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2016-07-14 14517936]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"EPSON SX430 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2012-04-05 393216]
"EPSON042280 (Epson Stylus SX430)"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE [2011-01-21 212480]
"cz.seznam.software.autoupdate"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-22 05:57:43 ----D---- C:\_OTM
2016-11-20 11:43:04 ----D---- C:\AdwCleaner
2016-11-20 10:33:22 ----D---- C:\rsit
2016-11-19 09:22:02 ----D---- C:\FOTKY
2016-11-19 09:14:25 ----D---- C:\20061215 vilijovka
2016-11-19 08:48:42 ----D---- C:\SJEZDOVKY
2016-11-19 08:48:37 ----D---- C:\Sabrinka Skolka
2016-11-19 08:48:35 ----D---- C:\Sabrinka skola
2016-11-19 08:47:46 ----D---- C:\MAMKA telefon
2016-11-19 08:47:46 ----D---- C:\Kempaland
2016-11-19 08:47:28 ----D---- C:\Fotky sabrinka u babičky a dědečka
2016-11-19 08:46:55 ----D---- C:\Danove přiznani 2014
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Netscape
2016-11-18 15:13:52 ----D---- C:\Program Files\Photodex Presenter
2016-11-18 15:12:47 ----D---- C:\Program Files\Photodex
2016-11-18 15:12:16 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Photodex
2016-11-18 15:12:11 ----D---- C:\ProgramData\Photodex
2016-11-17 13:02:25 ----D---- C:\Mamka mobil
2016-11-17 12:33:03 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files\Skype
2016-11-15 17:15:28 ----A---- C:\Windows\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2016-11-22 06:03:23 ----D---- C:\Program Files\trend micro
2016-11-22 06:02:53 ----D---- C:\Windows\Temp
2016-11-22 06:01:22 ----D---- C:\Windows\system32\Tasks
2016-11-22 05:57:27 ----D---- C:\Windows\Prefetch
2016-11-21 18:05:13 ----D---- C:\Windows\system32\drivers
2016-11-20 12:48:06 ----D---- C:\Windows\System32
2016-11-20 12:48:06 ----D---- C:\Windows\inf
2016-11-20 12:48:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-20 11:54:34 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Seznam.cz
2016-11-20 11:45:11 ----D---- C:\Windows\Tasks
2016-11-20 11:45:10 ----HD---- C:\ProgramData
2016-11-20 09:42:59 ----D---- C:\Zaloha
2016-11-19 10:50:07 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\vlc
2016-11-19 09:02:24 ----D---- C:\Rodokmen
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-11-18 17:43:25 ----D---- C:\Program Files\Mozilla Firefox
2016-11-18 17:25:13 ----D---- C:\Program Files
2016-11-18 15:13:52 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla
2016-11-18 15:01:45 ----D---- C:\Windows\system32\config
2016-11-18 14:59:55 ----SHD---- C:\System Volume Information
2016-11-17 12:33:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-11-17 12:33:04 ----D---- C:\Windows\system32\Macromed
2016-11-17 11:28:14 ----D---- C:\Program Files\TeamViewer
2016-11-15 17:21:44 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Skype
2016-11-15 17:21:14 ----SHD---- C:\Windows\Installer
2016-11-15 17:21:14 ----D---- C:\ProgramData\Skype
2016-11-15 17:21:13 ----SHD---- C:\Config.Msi
2016-11-15 17:21:03 ----RD---- C:\Program Files\Skype
2016-11-15 17:21:03 ----D---- C:\Program Files\Common Files
2016-11-15 17:14:57 ----D---- C:\Windows
2016-11-15 17:11:53 ----D---- C:\Windows\winsxs
2016-11-14 12:56:59 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\uTorrent
2016-11-08 14:40:41 ----D---- C:\Users\Rene Anicka Sabrinka\AppData\Roaming\VDownloader
2016-11-08 14:34:52 ----D---- C:\Program Files\VDownloader
2016-11-08 12:42:29 ----D---- C:\Windows\system32\DriverStore
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-10-05 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 224752]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-06-09 436792]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-10-05 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-10-05 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-10-05 735488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-10-05 433768]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-10-05 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-10-05 118664]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-19 9647104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-19 442368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-11-06 84992]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2009-04-21 1147392]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
S2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\Windows\system32\drivers\wf88vcap.sys [2005-03-03 208851]
S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\Windows\system32\drivers\WF88XBAR.sys [2005-03-03 10324]
S2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\Windows\system32\drivers\WF88TUNE.sys [2005-03-03 34789]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-10-05 34008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\DRIVERS\ctsfm2k.sys [2003-09-22 130192]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.2.0; C:\Windows\system32\drivers\libusb0.sys [2010-10-02 35392]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\DRIVERS\ctoss2k.sys [2003-09-22 178672]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-05-15 1150880]
S3 vjoy;vJoy Device; C:\Windows\system32\DRIVERS\vjoy.sys [2014-03-06 41712]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 20480]
S3 xb1usb;Microsoft Xbox One Controller Driver; C:\Windows\system32\DRIVERS\xb1usb.sys [2014-05-26 29408]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-19 219136]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 291840]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-05 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [2011-01-12 156160]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [2011-01-12 125440]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShow Gold\ScsiAccess.exe [2016-11-18 186760]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer;TeamViewer 11; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-17 270016]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-06-09 79360]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-10 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-11-18 172488]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
Stále to blbne. Třeba se mi dnes stalo na strance viry.cz kdyz jsem chtel kliknout na odkaz forum tak misto ruky kdyz jsem najel na odkaz tam byla porad sipka a kdyz jsem kliknul otevrel se novy panel a hned zmizel. podruhe na jine strance po kliknuti na me vyjela pornostranka.
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Udělejte tyto skeny:
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Rene Anicka Sabrinka on Łt 22.11.2016 at 20:34:44,20.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rene Anicka Sabrinka\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
22.11.2016 20:35:36 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Program Files\Lenovo deleted successfully
C:\PROGRA~2\NVIDIA deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\The Complete Genealogy Reporter - FTB deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Application Data deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\GHISLER deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Lenovo deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Samsung deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Skype deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Unity deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{74198672-5F7D-4FE9-A611-4AC1D5A66A15} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{74198672-5F7D-4FE9-A611-4AC1D5A66A15} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{74198672-5F7D-4FE9-A611-4AC1D5A66A15} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.centrum.cz/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\Program Files\Lenovo not found
C:\Users\Rene Anicka Sabrinka\AppData\Local\Lenovo not found
C:\Users\Rene Anicka Sabrinka\.android deleted
C:\Program Files\VDownloader deleted
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\VDownloader deleted
C:\PROGRA~2\AlawarWrapper deleted
C:\PROGRA~2\spds90.txt deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\Rene Anicka Sabrinka\AppData\Local\Installer deleted
C:\Users\Rene Anicka Sabrinka\AppData\Local\CrashRpt deleted
C:\Users\Rene Anicka Sabrinka\AppData\LocalLow\Unity deleted
C:\Windows\wininit.ini deleted
C:\Windows\System32\AI_RecycleBin deleted
C:\Users\Public\Documents\AlawarWrapper deleted
C:\Users\Rene Anicka Sabrinka\Documents\Add-in Express deleted
C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\jetpack deleted
C:\Users\Public\Desktop\VDownloader.lnk deleted
"C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi" not deleted
"C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" not deleted
==== Orphaned Tasks deleted from Registry ======================
avast Emergency Update deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [15.11.2016 17:15]
==== Firefox Extensions ======================
ProfilePath: C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Flash Game Maximizer - %ProfilePath%\extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
F827C9D0940AF8FA40CAF38AC5482834 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
903606D5C4C0BD934FAECCB0D96A99AF - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
0FCEAA7D12B7B0BA825E5C770B1DCA48 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
3A9E1940B4459CC97FDCBB24FCB69004 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
537EA917725B957B6D3DC0413C3A67A7 - C:\Program Files\Photodex Presenter\npPxPlay.dll - Photodex Presenter Plugin
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
D31C4608FDCD9CEB756F45E91DCF64F8 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U45
66F9ADD8A2335EF9870AFDA4F35F492B - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.450.14
83FCFA3C1E0D7523C21CCFBF336D2687 - C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll - Shockwave Flash
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14.08.2013 15:24]
SimilarWeb - Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=12454"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=12454"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{12084D93-497E-41BD-AF42-B0D958E20B00} - http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
HKCU\SearchScopes\{1D1D1164-9DD3-469C-9205-37B1B347D9FD} - http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
HKCU\SearchScopes\{4BFE27C4-4C36-4E4E-AC6D-8481DE965CD8} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{A1D8CDAE-981F-4471-AC4C-1DDB5276E88F} - http://encyklopedie.seznam.cz/search?q= ... arch_12454
HKCU\SearchScopes\{B0A3BF1F-D78B-45E5-AAB2-63809AA44A1C} - http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
HKCU\SearchScopes\{D4CF7434-6D5D-431B-8F1D-5C732E1970B9} - http://search.seznam.cz/?q={searchTerms ... arch_12454
HKCU\SearchScopes\{E6F290D6-14DD-455F-9B9F-E2ACF1D218A4} - http://www.mapy.cz/?query={searchTerms} ... arch_12454
HKCU\SearchScopes\{EBE30363-449E-45A8-9122-5450A22C47F2} - http://www.novinky.cz/hledej?w={searchT ... arch_12454
HKCU\SearchScopes\{FBDA1182-54C1-4B8C-9802-0979A64AFEC7} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
==== Reset Google Chrome ======================
C:\Users\Rene Anicka Sabrinka\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3052016F-D1AE-481C-80FF-196021C9892B} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\F6102503EA1DC18408FF9106129C98B2 deleted successfully
==== Empty IE Cache ======================
C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Rene Anicka Sabrinka\AppData\Local\Mozilla\Firefox\Profiles\2pod1ity.default\cache2 emptied successfully
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\storage\default\https+++www.pinterest.com\cache emptied successfully
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\storage\default\https+++www.svetandroida.cz\cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome Cache found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=752 folders=173 151725336 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\RENEAN~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi" not found
"C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" not found
==== EOF on Łt 22.11.2016 at 20:53:09,45 ======================
Tool run by Rene Anicka Sabrinka on Łt 22.11.2016 at 20:34:44,20.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rene Anicka Sabrinka\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
22.11.2016 20:35:36 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Program Files\Lenovo deleted successfully
C:\PROGRA~2\NVIDIA deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\The Complete Genealogy Reporter - FTB deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Application Data deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\GHISLER deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Lenovo deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Samsung deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Skype deleted successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Unity deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{74198672-5F7D-4FE9-A611-4AC1D5A66A15} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1992398608-3809082940-2848717576-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{74198672-5F7D-4FE9-A611-4AC1D5A66A15} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{74198672-5F7D-4FE9-A611-4AC1D5A66A15} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.centrum.cz/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\Program Files\Lenovo not found
C:\Users\Rene Anicka Sabrinka\AppData\Local\Lenovo not found
C:\Users\Rene Anicka Sabrinka\.android deleted
C:\Program Files\VDownloader deleted
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\VDownloader deleted
C:\PROGRA~2\AlawarWrapper deleted
C:\PROGRA~2\spds90.txt deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\Rene Anicka Sabrinka\AppData\Local\Installer deleted
C:\Users\Rene Anicka Sabrinka\AppData\Local\CrashRpt deleted
C:\Users\Rene Anicka Sabrinka\AppData\LocalLow\Unity deleted
C:\Windows\wininit.ini deleted
C:\Windows\System32\AI_RecycleBin deleted
C:\Users\Public\Documents\AlawarWrapper deleted
C:\Users\Rene Anicka Sabrinka\Documents\Add-in Express deleted
C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\jetpack deleted
C:\Users\Public\Desktop\VDownloader.lnk deleted
"C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi" not deleted
"C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" not deleted
==== Orphaned Tasks deleted from Registry ======================
avast Emergency Update deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [15.11.2016 17:15]
==== Firefox Extensions ======================
ProfilePath: C:\Users\RENEAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Flash Game Maximizer - %ProfilePath%\extensions\{258735dc-6743-4805-95fc-f95941fffdad}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default
F827C9D0940AF8FA40CAF38AC5482834 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
903606D5C4C0BD934FAECCB0D96A99AF - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
0FCEAA7D12B7B0BA825E5C770B1DCA48 - C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
3A9E1940B4459CC97FDCBB24FCB69004 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
537EA917725B957B6D3DC0413C3A67A7 - C:\Program Files\Photodex Presenter\npPxPlay.dll - Photodex Presenter Plugin
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
D31C4608FDCD9CEB756F45E91DCF64F8 - C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U45
66F9ADD8A2335EF9870AFDA4F35F492B - C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.450.14
83FCFA3C1E0D7523C21CCFBF336D2687 - C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll - Shockwave Flash
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14.08.2013 15:24]
SimilarWeb - Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=12454"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=12454"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{12084D93-497E-41BD-AF42-B0D958E20B00} - http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
HKCU\SearchScopes\{1D1D1164-9DD3-469C-9205-37B1B347D9FD} - http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
HKCU\SearchScopes\{4BFE27C4-4C36-4E4E-AC6D-8481DE965CD8} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{A1D8CDAE-981F-4471-AC4C-1DDB5276E88F} - http://encyklopedie.seznam.cz/search?q= ... arch_12454
HKCU\SearchScopes\{B0A3BF1F-D78B-45E5-AAB2-63809AA44A1C} - http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
HKCU\SearchScopes\{D4CF7434-6D5D-431B-8F1D-5C732E1970B9} - http://search.seznam.cz/?q={searchTerms ... arch_12454
HKCU\SearchScopes\{E6F290D6-14DD-455F-9B9F-E2ACF1D218A4} - http://www.mapy.cz/?query={searchTerms} ... arch_12454
HKCU\SearchScopes\{EBE30363-449E-45A8-9122-5450A22C47F2} - http://www.novinky.cz/hledej?w={searchT ... arch_12454
HKCU\SearchScopes\{FBDA1182-54C1-4B8C-9802-0979A64AFEC7} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
==== Reset Google Chrome ======================
C:\Users\Rene Anicka Sabrinka\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3052016F-D1AE-481C-80FF-196021C9892B} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\F6102503EA1DC18408FF9106129C98B2 deleted successfully
==== Empty IE Cache ======================
C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Rene Anicka Sabrinka\AppData\Local\Mozilla\Firefox\Profiles\2pod1ity.default\cache2 emptied successfully
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\storage\default\https+++www.pinterest.com\cache emptied successfully
C:\Users\Rene Anicka Sabrinka\AppData\Roaming\Mozilla\Firefox\Profiles\2pod1ity.default\storage\default\https+++www.svetandroida.cz\cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome Cache found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=752 folders=173 151725336 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rene Anicka Sabrinka\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\RENEAN~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi" not found
"C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" not found
==== EOF on Łt 22.11.2016 at 20:53:09,45 ======================
Re: Prosim o kontrolu logu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Professional x86
Ran by Rene Anicka Sabrinka (Administrator) on Łt 22.11.2016 at 20:56:08,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 10
Failed to delete: C:\Users\Rene Anicka Sabrinka\AppData\Local\alawarwrapper (Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Roaming\torrentstream (Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YGRSMGL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXX38MOL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H9WTIRZ4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VT20J7N8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YGRSMGL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXX38MOL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H9WTIRZ4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VT20J7N8 (Temporary Internet Files Folder)
Registry: 2
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D4CF7434-6D5D-431B-8F1D-5C732E1970B9} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 22.11.2016 at 20:59:15,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Professional x86
Ran by Rene Anicka Sabrinka (Administrator) on Łt 22.11.2016 at 20:56:08,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 10
Failed to delete: C:\Users\Rene Anicka Sabrinka\AppData\Local\alawarwrapper (Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Roaming\torrentstream (Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YGRSMGL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXX38MOL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H9WTIRZ4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Rene Anicka Sabrinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VT20J7N8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9YGRSMGL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXX38MOL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H9WTIRZ4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VT20J7N8 (Temporary Internet Files Folder)
Registry: 2
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D4CF7434-6D5D-431B-8F1D-5C732E1970B9} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 22.11.2016 at 20:59:15,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Změnilo se něco nyní?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
zadna porno stranka zatim na mě nevyskocila , ale ta šipka když chci něco rozkliknout se občas děla. kliknu na odkaz otevře se novy panel hned zmizí a na odkaz musim kliknout znovu aby se otevřel
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
V kterém prohlížeči?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?