VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o preventivku

https://forum.viry.cz:443/viewtopic.php?t=142441

Stránka 2 z 2

Re: Prosím o preventivku

Napsal: 27 led 2015 11:44
od Jackie
Info:

info.txt logfile of random's system information tool 1.10 2015-01-27 11:36:35

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A1D7FBDAE000080202100075E38260008000000600900005E392607FEFFFF0068090000586A5400FEFFFF07FEFFFF00C073540090A00200FEFFFF0CFEFFFF0050145700D83F0055AA

======Uninstall list======

Adobe Flash Player 16 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_296_ActiveX.exe -maintain activex
Adobe Flash Player 16 NPAPI-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_296_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.10) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001802114130}
Alcor Micro Smart Card Reader Driver-->C:\Program Files (x86)\InstallShield Installation Information\{F24F876B-7D71-4BD6-88E9-614D3BB84239}\setup.exe -runfromtemp -removeonly
Alcor Micro Smart Card Reader Driver-->MsiExec.exe /X{F24F876B-7D71-4BD6-88E9-614D3BB84239}
Aplikace Intel® PROSet/Wireless-->"C:\ProgramData\Package Cache\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}\Setup.exe" /uninstall
Apple Application Support-->MsiExec.exe /I{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}
Apple Mobile Device Support-->MsiExec.exe /I{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ArcSoft Webcam Sharing Manager-->MsiExec.exe /X{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}
aTube Catcher verze 3.8-->"C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\unins000.exe"
aTube Catcher-->C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe
Audacity 2.0.3-->"C:\Program Files (x86)\Audacity\unins000.exe"
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
Broadcom Bluetooth Software-->MsiExec.exe /X{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Corel WinDVD-->MsiExec.exe /X{5C1F18D2-F6B7-4242-B803-B5A78648185D}
Definition Update for Microsoft Office 2010 (KB2910899) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{C8358E8D-6C89-41B3-8439-FEFBC0353D81}" "1029" "0"
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Device Access Manager for HP ProtectTools-->MsiExec.exe /X{55B52830-024A-443E-AF61-61E1E71AFA1B}
DirectX 9 Runtime-->MsiExec.exe /I{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}
doPDF 7.3 printer-->"C:\Program Files\Softland\doPDF 7\unins000.exe"
Drive Encryption For HP ProtectTools-->MsiExec.exe /X{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}
Embedded Security for HP ProtectTools-->MsiExec.exe /X{F75C607F-9341-47B3-83FC-CC66B9C519E8}
Energy Star Digital Logo-->MsiExec.exe /I{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}
Face Recognition for HP ProtectTools-->msiexec.exe /i {D3A775F2-2674-4452-8D80-1FC1446052EE} /qf
Face Recognition for HP ProtectTools-->MsiExec.exe /X{D3A775F2-2674-4452-8D80-1FC1446052EE}
ffdshow x64 v1.3.4531 [2014-06-28]-->"C:\Program Files\ffdshow\unins000.exe"
Freemake Video Converter verze 4.1.4-->"C:\Program Files (x86)\Freemake\Freemake Video Converter\Uninstall\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8CA8B41417E66DEB.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hewlett-Packard ACLM.NET v1.2.1.1-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
HF Designer 5.2-->"C:\Program Files (x86)\HF Designer\unins000.exe"
HighSky Trader 5-->C:\Program Files\HighSky Trader 5\uninstall.exe
HP 3D DriveGuard-->MsiExec.exe /X{EE6D6D5E-539C-44B6-BEF0-AA7C20DE170B}
HP Auto-->MsiExec.exe /I{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}
HP Backlit Keyboard Controls-->MsiExec.exe /X{CD4F3229-4A37-463F-98A3-3DEEEEE8492C}
HP Connection Manager-->MsiExec.exe /X{C0ED9561-8312-457C-BB1B-BDC7EE034CED}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Documentation-->MsiExec.exe /X{11B945E6-B81D-4265-9F33-21D72682E1C9}
HP ESU for Microsoft Windows 7-->MsiExec.exe /X{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}
HP File Sanitizer-->MsiExec.exe /I{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}
HP HD Webcam Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Hotkey Support-->MsiExec.exe /X{57FA60DA-585F-456A-B80E-17D1CDD22A30}
HP Postscript Converter-->MsiExec.exe /I{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
HP Power Assistant-->MsiExec.exe /X{84642787-58C0-44AE-8B26-E2F544E380A1}
HP ProtectTools Security Manager-->C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\setup.exe
HP ProtectTools Security Manager-->MsiExec.exe /X{3DF89DED-B76F-4561-AED7-6E38154E10E8}
HP Setup-->MsiExec.exe /I{438363A8-F486-4C37-834C-4955773CB3D3}
HP SoftPaq Download Manager-->MsiExec.exe /I{FE465061-894A-4023-8580-56FCDD4F23F9}
HP Software Framework-->MsiExec.exe /X{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}
HP Software Setup-->MsiExec.exe /X{658A8756-7B1E-44FD-A434-D777DD906232}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP System Default Settings-->MsiExec.exe /X{3A61A282-4F08-4D43-920C-DC30ECE528E8}
HP Wallpaper-->MsiExec.exe /I{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}
HP Web Camera-->MsiExec.exe /I{C7AE4EC3-9C13-4213-8457-74D16B353F91}
HP Webcam-->C:\ProgramData\Uninstall\{1D61E881-43CD-447B-9E6B-D2C6138B2862}\setup.exe /x {1D61E881-43CD-447B-9E6B-D2C6138B2862}
ICQ6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Network Connections 18.0.1.0-->MsiExec.exe /i{C791C00B-639F-4D7C-9196-8A02CBCFC1FA} ARPREMOVE=1
Intel(R) Network Connections 18.0.1.0-->MsiExec.exe /i{C791C00B-639F-4D7C-9196-8A02CBCFC1FA} ARPREMOVE=1
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed-->MsiExec.exe /X{6F280399-F8BD-4F2E-BCA4-207BEBCDE33A}
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Intel(R) USB 3.0 eXtensible Host Controller Driver-->C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
Intel® PROSet/Wireless WiFi Software-->MsiExec.exe /I{3181229B-05DA-46F9-B8D4-4966BDA99A74}
Intel® Trusted Connect Service Client-->MsiExec.exe /I{FA00A3CC-7440-4938-A271-F186F50DD40D}
iTunes-->MsiExec.exe /I{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}
Java 7 Update 60-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F03217060FF}
JMicron 1394 Filter Driver-->"C:\Program Files (x86)\JMicron\JOHCI_DIR\setup.exe" delpkg
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
Media Player Codec Pack 4.3.5-->C:\windows\SysWOW64\C2MP\Uninst.exe
Mendeley Desktop 1.10.1-->C:\Program Files (x86)\Mendeley Desktop\Uninstaller.exe
Microsoft .NET Framework 4.5.1-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}
Microsoft Office 2010 pro podnikatele-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit-->MsiExec.exe /X{95140000-007D-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Morphyre-->"C:\Program Files (x86)\Morphyre\uninstall.exe"
Mozilla Firefox 30.0 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 12-->MsiExec.exe /I{560FC78C-A4B2-461D-9B47-820C1EEF87B8}
Nero Audio Pack 1-->MsiExec.exe /X{A7A0BF2E-31CC-49E3-9913-52C503EB969D}
Nero BackItUp Help (CHM)-->MsiExec.exe /X{EF0D1292-8FC1-41BE-9740-DBC134F66415}
Nero Blu-ray Player Help (CHM)-->MsiExec.exe /X{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}
Nero Blu-ray Player-->MsiExec.exe /X{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}
Nero Burning ROM Help (CHM)-->MsiExec.exe /X{2890E324-6F3B-4975-8B95-E7D6D80E0226}
Nero Burning ROM-->MsiExec.exe /X{5963F4B4-D138-47CD-ADEF-470E87E185BD}
Nero ControlCenter Help (CHM)-->MsiExec.exe /X{C994C746-C6D0-4EBA-B09E-DF7B18381B69}
Nero ControlCenter-->MsiExec.exe /X{ABC88553-8770-4B97-B43E-5A90647A5B63}
Nero Core Components-->MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
Nero Disc Menus Basic-->MsiExec.exe /X{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}
Nero Effects Basic-->MsiExec.exe /X{29F67D84-3A70-456E-806A-52301B02070B}
Nero Express Help (CHM)-->MsiExec.exe /X{0708FF30-78C0-47B0-81F0-C84604DC769C}
Nero Express-->MsiExec.exe /X{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}
Nero Kwik Media Help (CHM)-->MsiExec.exe /X{1F16820E-D0E7-4636-939E-45CBFEFB06E1}
Nero Kwik Themes Basic-->MsiExec.exe /X{1B6F5E51-575E-4693-BCA2-7543570D076D}
Nero PiP Effects Basic-->MsiExec.exe /X{ACE49D50-19CD-44A6-B192-46F985283B26}
Nero Recode Help (CHM)-->MsiExec.exe /X{86847081-B387-4F49-AED1-C9B0A090D66C}
Nero RescueAgent Help (CHM)-->MsiExec.exe /X{0B311221-05A5-4766-8D03-7A6446794156}
Nero SharedVideoCodecs-->MsiExec.exe /X{2432E589-6256-4513-B0BF-EFA8E325D5F0}
Nero Video Help (CHM)-->MsiExec.exe /X{B128179D-A5E1-43AC-9422-12A109ECD2A0}
Norton Security Scan-->C:\Program Files (x86)\Norton Security Scan\Engine\4.1.0.28\InstWrap.exe
NVIDIA nView 136.53-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{1307B1FD-FFDF-4C09-B924-1FE283144B54}\NVI2.DLL",UninstallPackage Display.NView
NVIDIA Ovladač HD audia 1.3.18.0-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{1307B1FD-FFDF-4C09-B924-1FE283144B54}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladače grafiky 310.90-->"C:\windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{1307B1FD-FFDF-4C09-B924-1FE283144B54}\NVI2.DLL",UninstallPackage Display.Driver
opensource-->MsiExec.exe /I{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}
PDF24 Creator 5.1.0-->"C:\Program Files (x86)\PDF24\unins000.exe"
Privacy Manager for HP ProtectTools-->MsiExec.exe /I{29AB47F0-C5A3-401F-8A84-3324F2DC8E46}
RBVirtualFolder64Inst-->MsiExec.exe /I{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}
Roxio Activation Module-->MsiExec.exe /I{A121EEDE-C68F-461D-91AA-D48BA226AF1C}
Roxio CinePlayer Decoder Pack-->MsiExec.exe /I{9A00EC4E-27E1-42C4-98DD-662F32AC8870}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Business 2010-->C:\ProgramData\Uninstall\{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}\setup.exe /x {9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}
Roxio MyDVD Business 2010-->MsiExec.exe /I{BACE8BFA-8F39-421D-BEF1-6E78632BDC90}
Roxio Secure Burn-->C:\ProgramData\Uninstall\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}\setup.exe /x {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}
Roxio Secure Burn-->MsiExec.exe /I{8FE60B86-0B99-426D-8DBE-BEC526FDED71}
SDK-->"C:\Program Files (x86)\InstallShield Installation Information\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}\setup.exe" -runfromtemp -l0x0409
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {F7CBA1C7-E5B5-39E9-9631-459E1FE08C45}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {599EC629-2679-30CE-B28B-7432EF5FC126}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C}
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8B856ECB-ED10-3F9E-880D-03A278EF3FB6}
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042}
Security Update for Microsoft Excel 2010 (KB2910902) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{6A1E6C95-CDE5-4E8C-A712-79C0985DAFE6}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553154) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{D0D69BA5-4BD9-439E-804F-07DC80CF5408}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{0665F3BA-FCE2-4CB1-ACDD-19544B0E4C14}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{4D6FE7B6-559F-4DAC-92CF-A01C24046AEB}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-0000-0000000FF1CE}" "{A5B39813-17B0-4481-B19E-9C57C0BF1EE0}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{1EE5FA17-F624-438C-B7AC-7C5A41E90FA2}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{7AC3F78E-ECA0-45F4-A9CC-3E885DA23662}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{5EE42B42-1159-435C-898A-2A3298453B20}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{0BC570F0-7352-4A3A-B2A2-CA56ADA7375F}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2899519) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{3D0C726C-AA67-4078-9046-24F95B738B6A}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-0000-0000000FF1CE}" "{A71E3AD4-5545-4D59-9F11-75F363563C6A}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{09A9DF49-DA06-4093-A2FD-F339211E39EA}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-0000-0000000FF1CE}" "{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{E4D76E88-C65F-4003-9C71-EC4306679D17}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0405-1000-0000000FF1CE}" "{7F5CE17A-23B9-4EED-B017-A7EF4547476C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-0000-0000000FF1CE}" "{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{2C911571-C8B6-400B-B323-417C1806E866}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-0000-0000000FF1CE}" "{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}" "1029" "0"
Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701}
Skype™ 6.18-->MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
STATISTICA 12.0.1133.6 64-bit-->MsiExec.exe /X{94DE357D-709E-5728-1BDF-CA333A08AB10}
STATNOVAPDF (novaPDF 7.7 printer)-->"C:\Program Files\Common Files\StatSoft\Nova\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab for Intel-->MsiExec.exe /I{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Theft Recovery for HP ProtectTools-->"C:\Program Files (x86)\InstallShield Installation Information\{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}\setup.exe" -runfromtemp -l0x0409 -removeonly
Theft Recovery for HP ProtectTools-->MsiExec.exe /X{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}" "1029" "0"
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-0000-0000000FF1CE}" "{24C87C37-90DB-4DEB-AE8B-7F533CF0D7D9}" "1029" "0"
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-0000-0000000FF1CE}" "{24C87C37-90DB-4DEB-AE8B-7F533CF0D7D9}" "1029" "0"
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-0000-0000000FF1CE}" "{24C87C37-90DB-4DEB-AE8B-7F533CF0D7D9}" "1029" "0"
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{302A8FE3-EBF5-486C-A431-16A1CD914443}" "1029" "0"
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{302A8FE3-EBF5-486C-A431-16A1CD914443}" "1029" "0"
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}" "1029" "0"
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{8BEEA2FC-D416-428A-B52A-A3ED45921151}" "1029" "0"
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{8BEEA2FC-D416-428A-B52A-A3ED45921151}" "1029" "0"
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}" "1029" "0"
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{287A1E92-9E41-4BC1-8920-B3D0E9220800}" "1029" "0"
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A4F91D60-654C-4892-BFD3-0D41ADA649B6}" "1029" "0"
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{9D69691D-823D-4C3E-9B12-563A3F520366}" "1029" "0"
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{B0D1579E-E814-4779-A1EE-CFF95D68E265}" "1029" "0"
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{0B7744D2-1FDD-4843-9987-7CE11B79F370}" "1029" "0"
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{35698CB7-AAA2-4577-B505-DBFF504AEF23}" "1029" "0"
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{5AA578BB-759C-40FD-9661-A737C0884541}" "1029" "0"
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}" "1029" "0"
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}" "1029" "0"
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}" "1029" "0"
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}" "1029" "0"
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B0D672F7-883E-4279-8E75-D97A5445AB46}" "1029" "0"
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{D1C4AD0B-CC79-41D2-8D6A-571E7B30658C}" "1029" "0"
Update for Microsoft Office 2010 (KB2889818) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{CFB80344-FCBA-4C03-AD77-D49E82F14C3E}" "1029" "0"
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{60C9499F-B532-4206-AB19-F88C3A7684D5}" "1029" "0"
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{E762A933-274B-4860-B066-A39FAB0838FD}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{A87EDEA3-4861-4D99-9B36-F442740F1287}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A87EDEA3-4861-4D99-9B36-F442740F1287}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-0000-0000000FF1CE}" "{A6CAC541-0269-4BCB-B759-31D7FBB02227}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{D02AE7ED-5B00-4251-B7D5-F9590899EEEA}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{2AB483F1-C86E-427A-83B4-23889B03512D}" "1029" "0"
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-0000-0000000FF1CE}" "{EFF9CBEC-AC1C-4F64-BF8B-FAF088911BAF}" "1029" "0"
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{6C727BC2-B2B9-4B03-BD7E-682EA6FA1C04}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{F9F5A080-AF38-4966-9A6B-C43DCA465035}" "1029" "0"
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{7B29D8B8-6A87-496C-A65E-B935E740448A}" "1029" "0"
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{38CF30E4-3348-4BD1-A859-B630C355A56F}" "1029" "0"
Validity Fingerprint Sensor Driver-->MsiExec.exe /X{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}
VC_CRT_x64-->MsiExec.exe /I{54F2237F-018C-483B-8884-9FC0D88840C3}
VIP Access SDK (1.1.0.7) -->C:\Program Files\Symantec\VIP Access SDK\uninstall.exe
VLC media player 1.0.1-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
VSFilter 2.41.322 (0c3a1ea) Nightly (64-bit)-->"C:\Program Files\DirectVobSub\unins000.exe"
Welcome App (Start-up experience)-->MsiExec.exe /X{828175FA-7307-4DBF-95AD-9CEE086B6F45}
Windows 7 Codec Pack 4.1.0-->C:\windows\SysWOW64\C2MP\Uninst.exe
WinZip Driver Updater-->"C:\Program Files (x86)\WinZip Driver Updater\unins000.exe" /silent
XnView 2.25-->"C:\Program Files (x86)\XnView\unins000.exe"

======System event log======

Computer Name: Lenny-HP
Event Code: 7036
Message: Stav služby Úložná technologie Intel® Rapid byl změněn na: Spuštěno
Record Number: 164811
Source Name: Service Control Manager
Time Written: 20140601092702.884294-000
Event Type: Informace
User:

Computer Name: Lenny-HP
Event Code: 7036
Message: Stav služby HP Support Assistant Service byl změněn na: Spuštěno
Record Number: 164810
Source Name: Service Control Manager
Time Written: 20140601092654.865880-000
Event Type: Informace
User:

Computer Name: Lenny-HP
Event Code: 7036
Message: Stav služby Služba Zasílání zpráv o chybách systému Windows byl změněn na: Zastaveno
Record Number: 164809
Source Name: Service Control Manager
Time Written: 20140601092654.429079-000
Event Type: Informace
User:

Computer Name: Lenny-HP
Event Code: 5060
Message:
Record Number: 164808
Source Name: NETwNs64
Time Written: 20140601092654.210678-000
Event Type: Informace
User:

Computer Name: Lenny-HP
Event Code: 7036
Message: Stav služby HP Power Assistant Service byl změněn na: Spuštěno
Record Number: 164807
Source Name: Service Control Manager
Time Written: 20140601092653.571077-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Lenny-HP
Event Code: 1000
Message: Čítače výkonu pro službu WmiApRpl (WmiApRpl) byly úspěšně načteny. Data záznamu v datové části obsahují nové indexové hodnoty přiřazené této službě.
Record Number: 103956
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20140519151330.166728-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Lenny-HP
Event Code: 1001
Message: Čítače výkonu pro službu WmiApRpl (WmiApRpl) byly úspěšně odstraněny. Data záznamu obsahují nové hodnoty položek Last Counter a Last Help systémového registru.
Record Number: 103955
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20140519151329.874711-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Lenny-HP
Event Code: 1
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.
Record Number: 103954
Source Name: SecurityCenter
Time Written: 20140519151115.000000-000
Event Type: Informace
User:

Computer Name: Lenny-HP
Event Code: 902
Message: Služba Ochrana softwaru byla spuštěna.
6.1.7601.17514
Record Number: 103953
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20140519151109.000000-000
Event Type: Informace
User:

Computer Name: Lenny-HP
Event Code: 1003
Message: Služba Ochrana softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
1: 4de78642-0f7f-4b61-9392-8add86d70ae8, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
2: 50e329f7-a5fa-46b2-85fd-f224e5da7764, 1, 1 [(0 [0x00000000, 1, 0], [(?)(?)( 1 0x00000000 0 0 msft:rm/algorithm/bios/4.0 0x00000000 0)(?)(?)(?)])(1 )(2 )]
3: 5a79ecd8-d33f-406c-a619-7785899b5d59, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
4: 770bc271-8dc1-467d-b574-73cbacbeccd1, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
5: 90a61a0d-0b76-4bf1-a8b8-89061855a4c9, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
6: 92f9d22a-65f5-49a7-90fe-06491b4fc379, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
7: 9abf5984-9c16-46f2-ad1e-7fe15931a8dd, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
8: 9ccffaf9-86a2-414e-b031-b2f777720e90, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
9: b92e9980-b9d5-4821-9c94-140f632f6312, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
10: c1027486-8ae8-4633-9cf9-9658ed80504d, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
11: c1e88de3-96c4-4563-ad7d-775f65b1e670, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
12: c33001fc-5e9c-4f27-8c05-e0154adb0db4, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
13: cf3c5b35-35ff-4c95-9bbd-a188e47ad14c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
14: cff07cac-7534-4cc3-b3f3-99e1a0aa3c20, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
15: d188820a-cb63-4bad-a9a2-40b843ee23b7, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
16: d8e04254-f9a5-4729-ae86-886de6aa907c, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
17: da22eadd-46dc-4056-a287-f5041c852470, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
18: e120e868-3df2-464a-95a0-b52fa5ada4bf, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
19: e838d943-63ed-4a0b-9fb1-47152908acc9, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
20: 4a8149bb-7d61-49f4-8822-82c7bf88d64b, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]
21: afd5f68f-b70f-4000-a21d-28dbc8be8b07, 1, 0 [(0 [0xC004F014, 0, 0], [(?)(?)(?)(?)(?)(?)])(1 )(2 )]


Record Number: 103952
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20140519151109.000000-000
Event Type: Informace
User:

Re: Prosím o preventivku

Napsal: 27 led 2015 11:55
od Márty84
:!: Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) :!:

:!: Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

:arrow: Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

:!: Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
:!: Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Re: Prosím o preventivku

Napsal: 27 led 2015 13:31
od Jackie
Vše proběhlo bez problému, zde je log:

ComboFix 15-01-27.01 - Lenny 27.01.2015 12:41:50.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8125.4887 [GMT 1:00]
Spuštěný z: c:\users\Lenny\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\WinZip Driver Updater
c:\program files (x86)\WinZip Driver Updater\Danish_rcp.ini
c:\program files (x86)\WinZip Driver Updater\difxapi.dll
c:\program files (x86)\WinZip Driver Updater\difxapi64.dll
c:\program files (x86)\WinZip Driver Updater\Dutch_rcp.ini
c:\program files (x86)\WinZip Driver Updater\eng_rcp.ini
c:\program files (x86)\WinZip Driver Updater\Finnish_rcp_fi.ini
c:\program files (x86)\WinZip Driver Updater\French_rcp.ini
c:\program files (x86)\WinZip Driver Updater\German_rcp.ini
c:\program files (x86)\WinZip Driver Updater\Chinese_rcp.ini
c:\program files (x86)\WinZip Driver Updater\install_left.bmp
c:\program files (x86)\WinZip Driver Updater\isxdl.dll
c:\program files (x86)\WinZip Driver Updater\Italian_rcp.ini
c:\program files (x86)\WinZip Driver Updater\Japanese_rcp.ini
c:\program files (x86)\WinZip Driver Updater\Norwegian_rcp.ini
c:\program files (x86)\WinZip Driver Updater\Portuguese_rcp.ini
c:\program files (x86)\WinZip Driver Updater\russian_rcp_ru.ini
c:\program files (x86)\WinZip Driver Updater\Spanish_rcp.ini
c:\program files (x86)\WinZip Driver Updater\Swedish_rcp.ini
c:\program files (x86)\WinZip Driver Updater\unins000.dat
c:\program files (x86)\WinZip Driver Updater\unins000.exe
c:\program files (x86)\WinZip Driver Updater\unins000.msg
c:\program files (x86)\WinZip Driver Updater\unrar.dll
c:\program files (x86)\WinZip Driver Updater\updater\amd64Helper\difxapi.dll
c:\program files (x86)\WinZip Driver Updater\updater\amd64Helper\DriverUpdateHelper64.exe
c:\program files (x86)\WinZip Driver Updater\updater\amd64Helper\DriverUpdateHelper64.manifest
c:\program files (x86)\WinZip Driver Updater\updater\extract\7z.dll
c:\program files (x86)\WinZip Driver Updater\updater\extract\7z.exe
c:\program files (x86)\WinZip Driver Updater\updater\extract\copying.txt
c:\program files (x86)\WinZip Driver Updater\updater\extract\History.txt
c:\program files (x86)\WinZip Driver Updater\updater\extract\license.txt
c:\program files (x86)\WinZip Driver Updater\updater\extract\readme.txt
c:\programdata\Roaming
c:\users\Lenny\AppData\Local\MSGBOX.EXE
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-27 do 2015-01-27 )))))))))))))))))))))))))))))))
.
.
2015-01-27 11:57 . 2015-01-27 11:57 -------- d-----w- c:\users\Lenka Nosková\AppData\Local\temp
2015-01-27 11:57 . 2015-01-27 11:57 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-01-27 11:57 . 2015-01-27 11:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-27 10:35 . 2015-01-27 10:40 -------- d-----w- c:\program files\trend micro
2015-01-27 10:35 . 2015-01-27 10:36 -------- d-----w- C:\rsit
2015-01-18 13:06 . 2015-01-18 13:15 -------- d-----w- c:\program files\Defraggler
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-26 23:11 . 2012-06-19 19:19 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-26 23:11 . 2012-06-19 19:19 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-15 11:31 . 2013-11-03 21:26 113365784 ----a-w- c:\windows\system32\MRT.exe
2014-12-21 05:55 . 2014-12-21 05:55 47096 ----a-w- c:\windows\SysWow64\DiscHandler.exe
2014-12-13 05:09 . 2014-12-18 10:48 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 10:48 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-05 11:50 . 2014-12-05 11:50 4013056 ----a-w- c:\windows\system32\ffmpeg.dll
2014-12-05 11:49 . 2014-12-05 11:49 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2014-12-05 11:49 . 2014-12-05 11:49 4374016 ----a-w- c:\windows\system32\ffdshow.ax
2014-12-05 11:49 . 2014-12-05 11:49 474624 ----a-w- c:\windows\system32\ff_kernelDeint.dll
2014-12-05 11:48 . 2014-12-05 11:48 114688 ----a-w- c:\windows\system32\ff_wmv9.dll
2014-12-05 11:47 . 2014-12-05 11:47 631296 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2014-12-05 11:47 . 2014-12-05 11:47 156672 ----a-w- c:\windows\system32\ff_libmad.dll
2014-12-05 11:47 . 2014-12-05 11:47 116224 ----a-w- c:\windows\system32\ff_liba52.dll
2014-12-05 11:47 . 2014-12-05 11:47 222720 ----a-w- c:\windows\system32\ff_libdts.dll
2014-12-05 11:47 . 2014-12-05 11:47 1532928 ----a-w- c:\windows\system32\ff_samplerate.dll
2014-12-05 11:47 . 2014-12-05 11:47 183296 ----a-w- c:\windows\system32\ff_unrar.dll
2014-12-05 11:47 . 2014-12-05 11:47 190464 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2014-12-05 11:42 . 2014-12-05 11:42 4015616 ----a-w- c:\windows\SysWow64\ffmpeg.dll
2014-12-05 11:40 . 2014-12-05 11:40 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2014-12-05 11:40 . 2014-12-05 11:40 3502080 ----a-w- c:\windows\SysWow64\ffdshow.ax
2014-12-05 11:39 . 2014-12-05 11:39 99840 ----a-w- c:\windows\SysWow64\ff_wmv9.dll
2014-12-05 11:39 . 2014-12-05 11:39 271360 ----a-w- c:\windows\SysWow64\TomsMoComp_ff.dll
2014-12-05 11:39 . 2014-12-05 11:39 147456 ----a-w- c:\windows\SysWow64\ff_libmad.dll
2014-12-05 11:39 . 2014-12-05 11:39 157184 ----a-w- c:\windows\SysWow64\ff_unrar.dll
2014-12-05 11:39 . 2014-12-05 11:39 1525760 ----a-w- c:\windows\SysWow64\ff_samplerate.dll
2014-12-05 11:39 . 2014-12-05 11:39 211968 ----a-w- c:\windows\SysWow64\ff_libdts.dll
2014-12-05 11:39 . 2014-12-05 11:39 114688 ----a-w- c:\windows\SysWow64\ff_liba52.dll
2014-12-05 11:38 . 2014-12-05 11:38 136704 ----a-w- c:\windows\SysWow64\libmpeg2_ff.dll
2014-12-04 02:50 . 2014-12-11 17:15 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-11 17:15 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-11 17:15 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-11 17:15 830976 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-11 17:15 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-11 17:15 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-11 17:15 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-11 17:15 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-11 17:14 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-11 17:14 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-11 17:14 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-11 17:14 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-11 17:14 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-11 17:14 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-11 17:14 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-11 17:14 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-11 17:14 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-11 17:14 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-11 17:14 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-11 17:14 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-11 17:14 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-11 17:14 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-11 17:14 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-11 17:14 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-11 17:14 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-11 17:14 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-11 17:14 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-11 17:14 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-11 17:14 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-11 17:14 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-11 17:14 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-11 17:14 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-11 17:14 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-11 17:14 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-11 17:14 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-11 17:14 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-11 17:14 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-11 17:14 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-11 17:14 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-11 17:14 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-11 17:14 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-11 17:14 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-11 17:14 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-11 17:14 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-11 17:14 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-11 17:14 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-11 17:14 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-11 17:14 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-19 03:31 . 2014-11-19 03:31 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-16 12:15 . 2014-11-16 12:15 3525120 ----a-w- c:\windows\SysWow64\x264vfw.dll
2014-11-11 03:09 . 2014-12-11 17:14 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 11:40 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 11:40 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-11 17:14 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 11:40 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 11:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-11 17:14 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-11 17:13 2048 ----a-w- c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-11 17:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-02 04:20 . 2014-11-18 13:46 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C1A8BAD0-76B3-4253-9B6B-16501543A7D9}\mpengine.dll
2014-10-30 02:03 . 2014-12-11 17:09 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-30 01:45 . 2014-12-11 17:09 155136 ----a-w- c:\windows\SysWow64\charmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-10-23 6501656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-11-07 134616]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-16 292088]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2012-08-07 12313720]
"IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2012-04-23 1128312]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2012-11-29 162408]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2014-04-09 185144]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2014-05-16 336672]
"Codec Settings UAC Manager"="c:\windows\system32\C2MP\CodecUACManager.exe" [2014-12-21 60344]
.
c:\users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2014-3-6 1396440]
CodecPackTrayMenu.lnk - c:\windows\SysWOW64\C2MP\TrayMenu.exe [2014-12-21 208415]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2012-01-31 22:19 75648 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 SmbDrvAMDASF;SmbDrvAMDASF;c:\windows\system32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\drivers\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_Intel.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys;c:\windows\SYSNATIVE\drivers\psd.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel® Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 RoxioBurnLauncher;Roxio Burn Launcher;c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe;c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\windows\SYSNATIVE\DRIVERS\johci.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-27 09:10 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 23:11]
.
2015-01-25 c:\windows\Tasks\HPCeeScheduleForLenny.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
2015-01-21 c:\windows\Tasks\Norton Security Scan for Lenny.job
- c:\progra~2\NORTON~2\Engine\410~1.28\Nss.exe [2014-07-27 06:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2012-03-14 15232]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-12-29 2041192]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-09-13 1664000]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-12-16 21720]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 160.217.1.10 160.217.161.1
FF - ProfilePath - c:\users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\665mq0mc.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{438363A8-F486-4C37-834C-4955773CB3D3} - msiexec
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1 - c:\program files (x86)\WinZip Driver Updater\unins000.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-SeznamInstall - c:\users\Lenny\AppData\Roaming\Seznam.cz\szninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-01-27 13:20:13
ComboFix-quarantined-files.txt 2015-01-27 12:20
.
Před spuštěním: Volných bajtů: 235 608 403 968
Po spuštění: Volných bajtů: 235 195 052 032
.
- - End Of File - - 4A8E890923E131EBAE5C01A0A6D4BBB1

Re: Prosím o preventivku

Napsal: 28 led 2015 07:13
od Márty84
:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\HPCeeScheduleForLenny.job
c:\windows\Tasks\Norton Security Scan for Lenny.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate

Reboot::
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

:!: Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
:!: Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Re: Prosím o preventivku

Napsal: 28 led 2015 16:09
od Jackie
Nový log:

ComboFix 15-01-27.01 - Lenny 28.01.2015 13:03:56.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8125.4671 [GMT 1:00]
Spuštěný z: c:\users\Lenny\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lenny\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\HPCeeScheduleForLenny.job"
"c:\windows\Tasks\Norton Security Scan for Lenny.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\HPCeeScheduleForLenny.job
c:\windows\Tasks\Norton Security Scan for Lenny.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-28 do 2015-01-28 )))))))))))))))))))))))))))))))
.
.
2015-01-28 12:16 . 2015-01-28 12:16 -------- d-----w- c:\users\Lenka Nosková\AppData\Local\temp
2015-01-28 12:16 . 2015-01-28 12:16 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-01-28 12:16 . 2015-01-28 12:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-27 10:35 . 2015-01-27 10:40 -------- d-----w- c:\program files\trend micro
2015-01-27 10:35 . 2015-01-27 10:36 -------- d-----w- C:\rsit
2015-01-18 13:06 . 2015-01-18 13:15 -------- d-----w- c:\program files\Defraggler
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-26 23:11 . 2012-06-19 19:19 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-26 23:11 . 2012-06-19 19:19 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-15 11:31 . 2013-11-03 21:26 113365784 ----a-w- c:\windows\system32\MRT.exe
2014-12-21 05:55 . 2014-12-21 05:55 47096 ----a-w- c:\windows\SysWow64\DiscHandler.exe
2014-12-13 05:09 . 2014-12-18 10:48 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-13 03:33 . 2014-12-18 10:48 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-05 11:50 . 2014-12-05 11:50 4013056 ----a-w- c:\windows\system32\ffmpeg.dll
2014-12-05 11:49 . 2014-12-05 11:49 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2014-12-05 11:49 . 2014-12-05 11:49 4374016 ----a-w- c:\windows\system32\ffdshow.ax
2014-12-05 11:49 . 2014-12-05 11:49 474624 ----a-w- c:\windows\system32\ff_kernelDeint.dll
2014-12-05 11:48 . 2014-12-05 11:48 114688 ----a-w- c:\windows\system32\ff_wmv9.dll
2014-12-05 11:47 . 2014-12-05 11:47 631296 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2014-12-05 11:47 . 2014-12-05 11:47 156672 ----a-w- c:\windows\system32\ff_libmad.dll
2014-12-05 11:47 . 2014-12-05 11:47 116224 ----a-w- c:\windows\system32\ff_liba52.dll
2014-12-05 11:47 . 2014-12-05 11:47 222720 ----a-w- c:\windows\system32\ff_libdts.dll
2014-12-05 11:47 . 2014-12-05 11:47 1532928 ----a-w- c:\windows\system32\ff_samplerate.dll
2014-12-05 11:47 . 2014-12-05 11:47 183296 ----a-w- c:\windows\system32\ff_unrar.dll
2014-12-05 11:47 . 2014-12-05 11:47 190464 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2014-12-05 11:42 . 2014-12-05 11:42 4015616 ----a-w- c:\windows\SysWow64\ffmpeg.dll
2014-12-05 11:40 . 2014-12-05 11:40 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2014-12-05 11:40 . 2014-12-05 11:40 3502080 ----a-w- c:\windows\SysWow64\ffdshow.ax
2014-12-05 11:39 . 2014-12-05 11:39 99840 ----a-w- c:\windows\SysWow64\ff_wmv9.dll
2014-12-05 11:39 . 2014-12-05 11:39 271360 ----a-w- c:\windows\SysWow64\TomsMoComp_ff.dll
2014-12-05 11:39 . 2014-12-05 11:39 147456 ----a-w- c:\windows\SysWow64\ff_libmad.dll
2014-12-05 11:39 . 2014-12-05 11:39 157184 ----a-w- c:\windows\SysWow64\ff_unrar.dll
2014-12-05 11:39 . 2014-12-05 11:39 1525760 ----a-w- c:\windows\SysWow64\ff_samplerate.dll
2014-12-05 11:39 . 2014-12-05 11:39 211968 ----a-w- c:\windows\SysWow64\ff_libdts.dll
2014-12-05 11:39 . 2014-12-05 11:39 114688 ----a-w- c:\windows\SysWow64\ff_liba52.dll
2014-12-05 11:38 . 2014-12-05 11:38 136704 ----a-w- c:\windows\SysWow64\libmpeg2_ff.dll
2014-12-04 02:50 . 2014-12-11 17:15 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 02:50 . 2014-12-11 17:15 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 02:50 . 2014-12-11 17:15 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 02:50 . 2014-12-11 17:15 830976 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 02:50 . 2014-12-11 17:15 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 02:50 . 2014-12-11 17:15 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 02:44 . 2014-12-11 17:15 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-11 17:15 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-27 01:43 . 2014-12-11 17:14 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-22 03:13 . 2014-12-11 17:14 25059840 ----a-w- c:\windows\system32\mshtml.dll
2014-11-22 03:06 . 2014-12-11 17:14 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 03:06 . 2014-12-11 17:14 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:50 . 2014-12-11 17:14 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:50 . 2014-12-11 17:14 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:49 . 2014-12-11 17:14 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:49 . 2014-12-11 17:14 2885120 ----a-w- c:\windows\system32\iertutil.dll
2014-11-22 02:48 . 2014-12-11 17:14 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 02:41 . 2014-12-11 17:14 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-22 02:40 . 2014-12-11 17:14 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-22 02:37 . 2014-12-11 17:14 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-22 02:35 . 2014-12-11 17:14 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 02:34 . 2014-12-11 17:14 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 02:34 . 2014-12-11 17:14 6039552 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 02:26 . 2014-12-11 17:14 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 02:22 . 2014-12-11 17:14 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-22 02:20 . 2014-12-11 17:14 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14 . 2014-12-11 17:14 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 02:09 . 2014-12-11 17:14 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-22 02:08 . 2014-12-11 17:14 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-22 02:07 . 2014-12-11 17:14 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-22 02:07 . 2014-12-11 17:14 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-22 02:06 . 2014-12-11 17:14 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-11 17:14 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-22 02:05 . 2014-12-11 17:14 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-22 01:54 . 2014-12-11 17:14 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:49 . 2014-12-11 17:14 718848 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-22 01:49 . 2014-12-11 17:14 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-22 01:47 . 2014-12-11 17:14 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:46 . 2014-12-11 17:14 2125312 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:43 . 2014-12-11 17:14 14412800 ----a-w- c:\windows\system32\ieframe.dll
2014-11-22 01:40 . 2014-12-11 17:14 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-11 17:14 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-22 01:28 . 2014-12-11 17:14 2358272 ----a-w- c:\windows\system32\wininet.dll
2014-11-22 01:22 . 2014-12-11 17:14 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21 . 2014-12-11 17:14 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:15 . 2014-12-11 17:14 1548288 ----a-w- c:\windows\system32\urlmon.dll
2014-11-22 01:03 . 2014-12-11 17:14 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-22 01:00 . 2014-12-11 17:14 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-19 03:31 . 2014-11-19 03:31 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2014-11-16 12:15 . 2014-11-16 12:15 3525120 ----a-w- c:\windows\SysWow64\x264vfw.dll
2014-11-11 03:09 . 2014-12-11 17:14 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 03:08 . 2014-11-19 11:40 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 11:40 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-12-11 17:14 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-19 11:40 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 11:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-11 01:46 . 2014-12-11 17:14 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 03:16 . 2014-12-11 17:13 2048 ----a-w- c:\windows\system32\tzres.dll
2014-11-08 02:45 . 2014-12-11 17:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-02 04:20 . 2014-11-18 13:46 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C1A8BAD0-76B3-4253-9B6B-16501543A7D9}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-11-07 134616]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-08-16 292088]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2012-08-07 12313720]
"IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2012-04-23 1128312]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2012-11-29 162408]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2014-04-09 185144]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2014-05-16 336672]
"Codec Settings UAC Manager"="c:\windows\system32\C2MP\CodecUACManager.exe" [2014-12-21 60344]
.
c:\users\Lenny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2014-3-6 1396440]
CodecPackTrayMenu.lnk - c:\windows\SysWOW64\C2MP\TrayMenu.exe [2014-12-21 208415]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2012-01-31 22:19 75648 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 SmbDrvAMDASF;SmbDrvAMDASF;c:\windows\system32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\drivers\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_Intel.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys;c:\windows\SYSNATIVE\drivers\psd.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel® Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 RoxioBurnLauncher;Roxio Burn Launcher;c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe;c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\windows\SYSNATIVE\DRIVERS\johci.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-27 09:10 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2012-03-14 15232]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-12-29 2041192]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-09-13 1664000]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-12-16 21720]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 160.217.1.10 160.217.161.1
FF - ProfilePath - c:\users\Lenny\AppData\Roaming\Mozilla\Firefox\Profiles\665mq0mc.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
.
**************************************************************************
.
Celkový čas: 2015-01-28 14:37:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-28 13:37
ComboFix2.txt 2015-01-27 12:20
.
Před spuštěním: Volných bajtů: 233 841 471 488
Po spuštění: Volných bajtů: 232 877 146 112
.
- - End Of File - - 2250B8CBE497934BD602DEBC0D507D47

Re: Prosím o preventivku

Napsal: 28 led 2015 18:42
od Márty84
:arrow: Prejmenujte ComboFix na Uninstall a spustte ho jako spravce. CF by se mel odinstalovat.

:???: Nastala nejaka zmena?



15.2. pro neaktivitu :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz