Windows se za necelou minutu vypne

Zpráva

scrapydoo · #1 Příspěvek od **scrapydoo** » 25 úno 2014 01:05

Dobrý den,
Mám takový problém do počítače se mi dostal vir. nejdříve se začali otevírat všelijaká okna ani nevím jaká raději jsem hned vypnul notebook a když jsem ho opět zapnul po uvítací obrazovce začínají nabíhat programy po spuštění a spolu s nimi i okno "Sytém Windows se za necelou minutu vypne. Použil jsem shutdown /a takže alespoň jsem projel počítač AVGfee které ale nic nenašlo to samé platí malwate a spyware scaning programy. Zkoušel jsem spustit AVG rescue,ale nešel mi nahrát (mount) disk C registruje to pouze fleshku ze které progran bootuji.
Prosím o pomoc mám na počítači všecho a nerad bych ho přeinstalovával.

PS: přikládám FRST log snad je to to co potřebujete.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-02-2014 01
Ran by Kika (administrator) on KIKADELL on 24-02-2014 23:53:03
Running from C:\Users\Kika\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Ghisler Software GmbH) C:\Program Files (x86)\Totalcmd\TOTALCMD.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2890000 2012-03-16] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-13] (IDT, Inc.)
HKLM\...\Run: [QuickSet] - c:\Program Files\Dell\QuickSet\QuickSet.exe [3732848 2012-02-24] (Dell Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [1021056 2012-03-09] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [800896 2012-03-09] (Atheros Commnucations)
HKLM\...\Run: [Stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2034752 2011-08-08] ()
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-26] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NeroLauncher] - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [66872 2012-03-10] ()
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1686528 2012-03-27] (Wondershare)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [MSStp] - C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
HKLM-x32\...\Run: [mncucnftSrv] - C:\Windows\inf\mncucnft.vbe [1342 2014-01-19] ()
HKLM-x32\...\Run: [VRRRRC] - C:\Windows\SysWOW64\shutdown.exe [30720 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-795934127-2903576177-1760335905-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-795934127-2903576177-1760335905-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-795934127-2903576177-1760335905-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-795934127-2903576177-1760335905-1000\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-795934127-2903576177-1760335905-1000\...\Policies\Explorer: []

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.mojebanka.cz/InternetBanking/?L=CS
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {28998AA1-8CDF-46DB-8453-396DE9D2F8A6} URL =
SearchScopes: HKCU - {28998AA1-8CDF-46DB-8453-396DE9D2F8A6} URL =
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 172.17.8.1

FireFox:
========
FF ProfilePath: C:\Users\Kika\AppData\Roaming\Mozilla\Firefox\Profiles\zbla8e5i.default
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Super Hide IP - C:\Users\Kika\AppData\Roaming\Mozilla\Firefox\Profiles\zbla8e5i.default\Extensions\support@super-hide-ip.com.xpi [2014-01-02]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143088 2013-05-07] (SUPERAntiSpyware.com)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-03-28] (Intel Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [159360 2012-03-09] (Atheros)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-03-28] (Atheros)

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Corporation)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-06] (Disc Soft Ltd)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-03-28] (Intel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2012-03-16] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-06] (Duplex Secure Ltd.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-24 23:53 - 2014-02-24 23:53 - 00016566 _____ () C:\Users\Kika\Desktop\FRST.txt
2014-02-24 23:47 - 2014-02-24 23:47 - 00047155 _____ () C:\Users\Kika\Desktop\FRST3.txt
2014-02-24 23:46 - 2014-02-24 23:48 - 00045176 _____ () C:\Users\Kika\Desktop\Addition.txt
2014-02-24 23:45 - 2014-02-24 23:53 - 00000000 ____D () C:\FRST
2014-02-24 23:44 - 2014-02-24 23:44 - 00112640 _____ () C:\Users\Kika\Desktop\FRSTLauncher.exe
2014-02-24 23:44 - 2014-02-24 23:43 - 02156032 _____ (Farbar) C:\Users\Kika\Desktop\FRST64.exe
2014-02-24 23:43 - 2014-02-24 23:44 - 00112640 _____ () C:\Users\Kika\Downloads\FRSTLauncher.exe
2014-02-24 23:42 - 2014-02-24 23:43 - 02156032 _____ (Farbar) C:\Users\Kika\Downloads\FRST64.exe
2014-02-24 22:10 - 2014-02-24 22:11 - 00000000 ____D () C:\Users\Kika\Downloads\avg_arl_ffi_all_120_140203a7055
2014-02-24 22:02 - 2014-02-24 22:10 - 145678712 _____ () C:\Users\Kika\Downloads\avg_arl_ffi_all_120_140203a7055.zip
2014-02-24 21:48 - 2014-02-24 23:09 - 00000348 _____ () C:\Users\Kika\rgmnr
2014-02-24 20:56 - 2014-01-19 19:57 - 00001419 ____S () C:\Windows\SysWOW64\msstp.vbe
2014-02-23 13:06 - 2014-02-24 12:20 - 00000000 ____D () C:\Users\Kika\Downloads\Lost.Girl.S02
2014-02-22 19:06 - 2014-02-22 19:06 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\Reallusion
2014-02-20 15:24 - 2014-02-20 15:41 - 00187544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xliveinstall.dll
2014-02-20 15:05 - 2014-02-20 15:05 - 00235944 _____ (Valve Corporation) C:\Windows\SysWOW64\vstdlib_s.dll
2014-02-20 15:05 - 2014-02-20 15:05 - 00228600 _____ (Valve Corporation) C:\Windows\SysWOW64\tier0_s.dll
2014-02-20 14:56 - 2014-02-22 14:56 - 00000290 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-02-20 14:56 - 2014-02-21 08:37 - 00000274 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-02-20 14:56 - 2014-02-20 14:56 - 00003028 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates
2014-02-20 14:56 - 2014-02-20 14:56 - 00003014 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2014-02-20 14:56 - 2014-02-20 14:56 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\dll-files.com
2014-02-20 14:55 - 2014-02-20 14:56 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer
2014-02-20 14:55 - 2014-02-20 14:55 - 00001050 _____ () C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2014-02-20 14:46 - 2014-02-24 20:42 - 02335480 _____ (Valve Corporation) C:\Windows\SysWOW64\steamclient.dll
2014-02-20 14:46 - 2013-11-25 14:44 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe
2014-02-17 22:32 - 2014-02-19 13:51 - 00000000 ____D () C:\Users\Kika\Downloads\The Croods
2014-02-14 09:19 - 2014-02-14 09:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 03:02 - 2013-12-21 09:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 03:02 - 2013-12-21 08:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 03:01 - 2014-02-06 12:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 03:01 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 03:01 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 03:01 - 2014-02-06 11:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 03:01 - 2014-02-06 11:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 03:01 - 2014-02-06 11:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 03:01 - 2014-02-06 10:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 03:01 - 2014-02-06 10:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 03:01 - 2014-02-06 10:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 03:01 - 2014-02-06 10:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 03:01 - 2014-02-06 10:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 03:01 - 2014-02-06 10:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 03:01 - 2014-02-06 10:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 03:01 - 2014-02-06 10:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 03:01 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 03:01 - 2014-02-06 10:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 03:01 - 2014-02-06 10:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 03:01 - 2014-02-06 10:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 03:01 - 2014-02-06 10:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 03:01 - 2014-02-06 09:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 03:01 - 2014-02-06 09:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 03:01 - 2014-02-06 09:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 03:01 - 2014-02-06 09:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 03:01 - 2014-02-06 09:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 03:01 - 2014-02-06 09:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 03:01 - 2014-02-06 09:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 03:01 - 2014-02-06 09:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 03:01 - 2014-02-06 09:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 03:01 - 2014-02-06 09:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 03:01 - 2014-02-06 09:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 03:01 - 2014-02-06 09:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 03:01 - 2014-02-06 09:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 03:01 - 2014-02-06 09:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 03:01 - 2014-02-06 09:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 03:01 - 2014-02-06 08:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 03:01 - 2014-02-06 08:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 03:01 - 2014-02-06 08:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 03:01 - 2014-02-06 08:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 03:01 - 2014-02-06 08:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 22:04 - 2013-12-31 23:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 22:04 - 2013-12-31 23:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 22:04 - 2013-12-06 02:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 22:04 - 2013-12-06 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 22:04 - 2013-12-06 02:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 22:04 - 2013-12-06 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 22:04 - 2013-12-04 02:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 22:04 - 2013-12-04 02:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 22:04 - 2013-12-04 02:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 22:04 - 2013-12-04 02:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 22:04 - 2013-12-04 01:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 22:04 - 2013-12-04 01:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 22:04 - 2013-12-04 01:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 22:04 - 2013-12-04 01:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 22:03 - 2013-12-24 23:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 22:03 - 2013-12-24 22:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 22:03 - 2013-12-04 02:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 22:03 - 2013-12-04 02:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 22:03 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 22:03 - 2013-12-04 02:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 22:03 - 2013-12-04 02:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 22:03 - 2013-12-04 02:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 22:03 - 2013-12-04 02:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 22:03 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 22:03 - 2013-12-04 02:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 22:03 - 2013-12-04 02:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 22:03 - 2013-11-26 08:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 22:03 - 2013-11-22 22:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-06 09:51 - 2014-02-06 09:51 - 00001912 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-02-06 09:50 - 2014-02-06 09:50 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-02-06 09:49 - 2014-02-06 09:50 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-02-04 00:27 - 2014-02-24 23:08 - 00001120 _____ () C:\Windows\setupact.log
2014-02-04 00:27 - 2014-02-04 00:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 12:45 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-02-02 12:45 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2014-02-02 12:45 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2014-02-02 12:45 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2014-02-02 12:45 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-02-02 12:36 - 2014-02-02 12:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-01-27 14:18 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-27 14:17 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-27 14:17 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-27 14:17 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-27 14:16 - 2014-01-27 14:17 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-27 14:12 - 2014-01-27 14:12 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-01-27 14:12 - 2014-01-27 14:12 - 00000939 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-01-27 14:12 - 2014-01-27 14:12 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\TuneUp Software
2014-01-27 14:12 - 2014-01-27 14:12 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\AVG2014
2014-01-27 14:11 - 2014-01-27 23:06 - 00000000 ____D () C:\ProgramData\AVG2014
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 ___HD () C:\$AVG
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-01-27 14:05 - 2014-02-24 18:35 - 00000000 ____D () C:\ProgramData\MFAData
2014-01-27 14:05 - 2014-01-27 14:14 - 00000000 ____D () C:\Users\Kika\AppData\Local\Avg2014
2014-01-27 14:05 - 2014-01-27 14:05 - 00000000 ____D () C:\Users\Kika\AppData\Local\MFAData
2014-01-25 21:01 - 2014-01-25 21:01 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-25 21:00 - 2014-01-25 21:01 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-25 21:00 - 2014-01-25 21:01 - 00000000 ____D () C:\Program Files\iTunes
2014-01-25 21:00 - 2014-01-25 21:01 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-25 21:00 - 2014-01-25 21:00 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2014-02-24 23:53 - 2014-02-24 23:53 - 00016566 _____ () C:\Users\Kika\Desktop\FRST.txt
2014-02-24 23:53 - 2014-02-24 23:45 - 00000000 ____D () C:\FRST
2014-02-24 23:48 - 2014-02-24 23:46 - 00045176 _____ () C:\Users\Kika\Desktop\Addition.txt
2014-02-24 23:47 - 2014-02-24 23:47 - 00047155 _____ () C:\Users\Kika\Desktop\FRST3.txt
2014-02-24 23:44 - 2014-02-24 23:44 - 00112640 _____ () C:\Users\Kika\Desktop\FRSTLauncher.exe
2014-02-24 23:44 - 2014-02-24 23:43 - 00112640 _____ () C:\Users\Kika\Downloads\FRSTLauncher.exe
2014-02-24 23:43 - 2014-02-24 23:44 - 02156032 _____ (Farbar) C:\Users\Kika\Desktop\FRST64.exe
2014-02-24 23:43 - 2014-02-24 23:42 - 02156032 _____ (Farbar) C:\Users\Kika\Downloads\FRST64.exe
2014-02-24 23:19 - 2012-09-22 06:04 - 01922475 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 23:15 - 2010-11-21 09:27 - 12172928 _____ () C:\Windows\system32\perfh005.dat
2014-02-24 23:15 - 2010-11-21 09:27 - 04204708 _____ () C:\Windows\system32\perfc005.dat
2014-02-24 23:15 - 2009-07-14 05:13 - 00006252 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-24 23:15 - 2009-07-14 04:45 - 00035040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 23:15 - 2009-07-14 04:45 - 00035040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 23:11 - 2012-10-11 17:30 - 00000000 ____D () C:\Users\Kika\AppData\Local\CrashDumps
2014-02-24 23:09 - 2014-02-24 21:48 - 00000348 _____ () C:\Users\Kika\rgmnr
2014-02-24 23:08 - 2014-02-04 00:27 - 00001120 _____ () C:\Windows\setupact.log
2014-02-24 23:08 - 2013-12-02 11:29 - 00000198 _____ () C:\Windows\Tasks\AutoKMS.job
2014-02-24 23:08 - 2012-09-22 13:44 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-02-24 23:08 - 2012-09-22 13:44 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-02-24 23:08 - 2012-09-22 13:37 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-02-24 23:08 - 2012-09-22 13:31 - 00003284 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2014-02-24 23:08 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 22:11 - 2014-02-24 22:10 - 00000000 ____D () C:\Users\Kika\Downloads\avg_arl_ffi_all_120_140203a7055
2014-02-24 22:10 - 2014-02-24 22:02 - 145678712 _____ () C:\Users\Kika\Downloads\avg_arl_ffi_all_120_140203a7055.zip
2014-02-24 22:04 - 2012-09-22 13:10 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 21:48 - 2012-10-11 16:58 - 00000000 ____D () C:\Users\Kika
2014-02-24 21:32 - 2012-10-12 07:35 - 00000000 ____D () C:\Users\Kika\Documents\Soubory aplikace Outlook
2014-02-24 20:42 - 2014-02-20 14:46 - 02335480 _____ (Valve Corporation) C:\Windows\SysWOW64\steamclient.dll
2014-02-24 20:12 - 2013-10-21 09:13 - 00000000 ____D () C:\Users\Kika\AppData\Local\54D082D7-9EC3-4E3E-A35D-894044BE011E.aplzod
2014-02-24 18:35 - 2014-01-27 14:05 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-24 17:21 - 2012-10-11 17:28 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\DAEMON Tools Lite
2014-02-24 13:08 - 2012-10-14 08:02 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\Skype
2014-02-24 12:26 - 2012-10-11 18:25 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\uTorrent
2014-02-24 12:25 - 2013-12-02 11:08 - 00000226 _____ () C:\Windows\Tasks\AutoRearmDaily.job
2014-02-24 12:20 - 2014-02-23 13:06 - 00000000 ____D () C:\Users\Kika\Downloads\Lost.Girl.S02
2014-02-23 12:26 - 2013-06-06 15:16 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-02-23 12:26 - 2013-06-06 15:15 - 00000000 ____D () C:\Program Files\My Dell
2014-02-23 12:26 - 2012-10-12 12:00 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-23 08:11 - 2013-05-11 14:27 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-02-22 19:06 - 2014-02-22 19:06 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\Reallusion
2014-02-22 19:06 - 2014-01-11 20:06 - 00000000 ____D () C:\ProgramData\Creative
2014-02-22 14:56 - 2014-02-20 14:56 - 00000290 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-02-21 19:07 - 2013-11-21 14:36 - 00000000 ___RD () C:\Users\Kika\Dropbox
2014-02-21 13:05 - 2012-09-22 13:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 13:05 - 2012-09-22 13:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 13:05 - 2012-09-22 13:10 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 10:03 - 2013-11-21 14:20 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\Dropbox
2014-02-21 09:09 - 2012-10-23 04:41 - 00000000 ____D () C:\Users\Kika\Documents\Škola
2014-02-21 08:41 - 2012-10-12 07:36 - 00000000 ____D () C:\Users\Kika\AppData\Local\Deployment
2014-02-21 08:37 - 2014-02-20 14:56 - 00000274 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-02-21 08:37 - 2009-07-14 05:08 - 00032588 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-20 15:41 - 2014-02-20 15:24 - 00187544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xliveinstall.dll
2014-02-20 15:40 - 2007-04-17 15:34 - 15453832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xlive.dll
2014-02-20 15:05 - 2014-02-20 15:05 - 00235944 _____ (Valve Corporation) C:\Windows\SysWOW64\vstdlib_s.dll
2014-02-20 15:05 - 2014-02-20 15:05 - 00228600 _____ (Valve Corporation) C:\Windows\SysWOW64\tier0_s.dll
2014-02-20 14:56 - 2014-02-20 14:56 - 00003028 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates
2014-02-20 14:56 - 2014-02-20 14:56 - 00003014 _____ () C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2014-02-20 14:56 - 2014-02-20 14:56 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\dll-files.com
2014-02-20 14:56 - 2014-02-20 14:55 - 00000000 ____D () C:\Program Files (x86)\Dll-Files.com Fixer
2014-02-20 14:55 - 2014-02-20 14:55 - 00001050 _____ () C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2014-02-19 13:51 - 2014-02-17 22:32 - 00000000 ____D () C:\Users\Kika\Downloads\The Croods
2014-02-19 12:37 - 2012-10-12 12:18 - 00000000 ____D () C:\Users\Kika\Documents\Práce
2014-02-18 21:54 - 2013-07-17 01:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-18 21:53 - 2012-10-14 08:36 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 15:24 - 2012-11-02 20:57 - 00000000 ____D () C:\Users\Kika\TvShows
2014-02-17 14:38 - 2012-10-11 17:57 - 00000000 ____D () C:\Users\Kika\AppData\Local\Microsoft Help
2014-02-16 18:18 - 2012-10-11 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 09:19 - 2014-02-14 09:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 03:15 - 2012-10-11 17:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-14 03:03 - 2009-07-14 02:34 - 00000510 _____ () C:\Windows\win.ini
2014-02-08 20:32 - 2013-11-21 14:36 - 00000978 _____ () C:\Users\Kika\Desktop\Dropbox.lnk
2014-02-08 20:32 - 2013-11-21 14:34 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-02-06 15:12 - 2010-11-21 03:47 - 00060136 _____ () C:\Windows\PFRO.log
2014-02-06 12:16 - 2014-02-14 03:01 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:30 - 2014-02-14 03:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:30 - 2014-02-14 03:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:12 - 2014-02-14 03:01 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 11:07 - 2014-02-14 03:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:06 - 2014-02-14 03:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 03:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:56 - 2014-02-14 03:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:52 - 2014-02-14 03:01 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:49 - 2014-02-14 03:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:48 - 2014-02-14 03:01 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:48 - 2014-02-14 03:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:38 - 2014-02-14 03:01 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 10:32 - 2014-02-14 03:01 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:20 - 2014-02-14 03:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 10:17 - 2014-02-14 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:11 - 2014-02-14 03:01 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:01 - 2014-02-14 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 10:00 - 2014-02-14 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 09:57 - 2014-02-14 03:01 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 09:57 - 2014-02-14 03:01 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 09:52 - 2014-02-14 03:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 09:52 - 2014-02-14 03:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 09:51 - 2014-02-06 09:51 - 00001912 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-02-06 09:50 - 2014-02-14 03:01 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 09:50 - 2014-02-06 09:50 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-02-06 09:50 - 2014-02-06 09:49 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-02-06 09:49 - 2014-02-14 03:01 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 09:47 - 2014-02-14 03:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 09:46 - 2014-02-14 03:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 09:25 - 2014-02-14 03:01 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 09:25 - 2014-02-14 03:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 09:24 - 2014-02-14 03:01 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:22 - 2014-02-14 03:01 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:13 - 2014-02-14 03:01 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 09:09 - 2014-02-14 03:01 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 09:03 - 2014-02-14 03:01 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 08:55 - 2014-02-14 03:01 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 08:41 - 2014-02-14 03:01 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 08:40 - 2014-02-14 03:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 08:36 - 2014-02-14 03:01 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 08:34 - 2014-02-14 03:01 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 00:27 - 2014-02-04 00:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 12:52 - 2014-02-02 12:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-02-02 12:35 - 2012-10-13 09:35 - 00000000 ____D () C:\Windows\Minidump
2014-01-27 23:06 - 2014-01-27 14:11 - 00000000 ____D () C:\ProgramData\AVG2014
2014-01-27 14:18 - 2013-12-19 20:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-27 14:17 - 2014-01-27 14:16 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-27 14:17 - 2013-06-22 06:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-27 14:14 - 2014-01-27 14:05 - 00000000 ____D () C:\Users\Kika\AppData\Local\Avg2014
2014-01-27 14:12 - 2014-01-27 14:12 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-01-27 14:12 - 2014-01-27 14:12 - 00000939 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-01-27 14:12 - 2014-01-27 14:12 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\TuneUp Software
2014-01-27 14:12 - 2014-01-27 14:12 - 00000000 ____D () C:\Users\Kika\AppData\Roaming\AVG2014
2014-01-27 14:11 - 2014-01-27 14:11 - 00000000 ___HD () C:\$AVG
2014-01-27 14:08 - 2014-01-27 14:08 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-01-27 14:05 - 2014-01-27 14:05 - 00000000 ____D () C:\Users\Kika\AppData\Local\MFAData
2014-01-26 19:14 - 2012-09-22 13:43 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-01-25 21:01 - 2014-01-25 21:01 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-25 21:01 - 2014-01-25 21:00 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-25 21:01 - 2014-01-25 21:00 - 00000000 ____D () C:\Program Files\iTunes
2014-01-25 21:01 - 2014-01-25 21:00 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-25 21:00 - 2014-01-25 21:00 - 00000000 ____D () C:\Program Files\iPod
2014-01-25 20:54 - 2012-11-02 19:54 - 00000000 ____D () C:\ProgramData\Apple

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-10 13:08

==================== End Of Log ============================

#2 Příspěvek od **JaRon** » 25 úno 2014 07:44

ahoj,
pocas tej minuty co mas ZMAZ subor C:\Windows\SysWOW64\msstp.vbe
ked sa to podari, restart kompletna kontrola s MBAM

scrapydoo · #3 Příspěvek od **scrapydoo** » 25 úno 2014 10:37

Bohužel žádný takový soubor tam není a 100% hledám správně, jediné co tam je s příponou začínající na v je slmgr.vbs a winrm.vbs.

Jinak by se to v pohodě stihlo za tu minutu smazat.
Děkuju

#4 Příspěvek od **JaRon** » 25 úno 2014 10:50

vypina sa Win aj v nudzovom rezime

ak nie urob rychlu kontrolu MBAM

scrapydoo · #5 Příspěvek od **scrapydoo** » 25 úno 2014 11:52

V nouzovém režimu se nevypíná, ale rychlá kontrola nic nenašla a ani běžná kontrola nic. Ale objevil se další problém nejde spustit správce úloh a to ani v nouzuvém režimu hlásí to "správce tohoto systému zakázal správce úloh".
Moc děkuji za pomoc

#6 Příspěvek od **JaRon** » 25 úno 2014 12:24

v nudzovom rezime teda vykonaj:
stiahni a uloz na plochu ComboFix

potom spust pod uctom s administratorskym opravnenim

akcia trva cca. 5-10 minut, niekedy i dlhsie -, Pocas scanu nespustaj ziadne ine aplikacie

Nie je dovod na paniku ak stroj bude restartovany
upozornenie: ak pouzivas antispyware s rezidentnim stitem, ten pred scanom vypni.

po restarte aplikacie vytvori log, ulozeny na C:\Combofix.txt (jeho obsah vloz sem)

scrapydoo · #7 Příspěvek od **scrapydoo** » 25 úno 2014 13:56

ComboFix log:
ComboFix 14-02-24.02 - Kika 25.02.2014 12:33:48.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3972.1869 [GMT 0:00]
Spuštěný z: c:\users\Kika\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6426\AddOnDownloaded\236515c7-c29a-41e6-873d-b9e2673e11c3.dll
c:\programdata\PCDr\6426\AddOnDownloaded\46f8f9b8-a6d9-4ac9-a82f-2c79e2a75546.dll
c:\programdata\PCDr\6426\AddOnDownloaded\4f436db1-def5-4137-a084-15125ef65010.dll
c:\programdata\PCDr\6426\AddOnDownloaded\5dc25d30-0116-4ea0-9e12-f329c60c603b.dll
c:\programdata\PCDr\6426\AddOnDownloaded\667e2f17-0031-40e7-a376-b390959abbb8.dll
c:\programdata\PCDr\6426\AddOnDownloaded\6ff7e11c-29c5-4891-bc9e-fae289e9c9fe.dll
c:\programdata\PCDr\6426\AddOnDownloaded\7bc69e73-3dda-484f-af68-bb19598a4b32.dll
c:\programdata\PCDr\6426\AddOnDownloaded\9a23b885-84bf-4844-bc8c-e1f4c568d95a.dll
c:\programdata\PCDr\6426\AddOnDownloaded\9c39bb99-9a2d-442b-9a53-fc7bd3d32368.dll
c:\programdata\PCDr\6426\AddOnDownloaded\9c91892f-68c1-49f2-9c84-27a2e4701c64.dll
c:\programdata\PCDr\6426\AddOnDownloaded\a5fe6876-4636-4d79-8440-3ce56e4f4416.dll
c:\programdata\PCDr\6426\AddOnDownloaded\a9d9bdb2-283c-48d2-b6ea-df9f6bc83b04.dll
c:\programdata\PCDr\6426\AddOnDownloaded\ade7fb72-009e-483b-8dbb-a94667c9efee.dll
c:\programdata\PCDr\6426\AddOnDownloaded\b1cd2350-1a70-4fd2-9b75-98208aace99a.dll
c:\programdata\PCDr\6426\AddOnDownloaded\b7527ad4-1a04-4fbc-82f1-59c1cfcafceb.dll
c:\programdata\PCDr\6426\AddOnDownloaded\cdf86821-bbfe-4586-8cae-bf998bb8d498.dll
c:\programdata\PCDr\6426\AddOnDownloaded\e6166583-b575-4093-a3ca-d9c4587d4bb7.dll
c:\programdata\PCDr\6426\AddOnDownloaded\fdae1379-f1f4-49e3-a1cc-0a3d1c8ae2a5.dll
c:\programdata\PCDr\6426\AddOnDownloaded\ffa288d5-37d2-4036-812e-1b7722ec86ed.dll
c:\users\Kika\AppData\Local\assembly\tmp
c:\users\Kika\AppData\Roaming\inst.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-25 do 2014-02-25 )))))))))))))))))))))))))))))))
.
.
2014-02-25 12:49 . 2014-02-25 12:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-25 11:50 . 2014-02-25 12:29 -------- d-----w- c:\program files\Max Spyware Detector
2014-02-25 11:50 . 2014-02-25 11:50 -------- d-----w- c:\programdata\Max Secure
2014-02-25 11:33 . 2014-02-25 11:33 -------- d-----w- c:\users\Kika\AppData\Local\Max Secure Software
2014-02-25 11:27 . 2014-02-25 11:39 -------- d-----w- c:\users\Kika\AppData\Roaming\GetRightToGo
2014-02-25 09:35 . 2014-02-25 09:35 -------- d-----w- c:\windows\Migration
2014-02-24 23:45 . 2014-02-24 23:57 -------- d-----w- C:\FRST
2014-02-22 19:06 . 2014-02-22 19:06 -------- d-----w- c:\users\Kika\AppData\Roaming\Reallusion
2014-02-20 15:24 . 2014-02-20 15:41 187544 ----a-w- c:\windows\SysWow64\xliveinstall.dll
2014-02-20 15:05 . 2014-02-20 15:05 228600 ----a-w- c:\windows\SysWow64\tier0_s.dll
2014-02-20 15:05 . 2014-02-20 15:05 235944 ----a-w- c:\windows\SysWow64\vstdlib_s.dll
2014-02-20 14:56 . 2014-02-20 14:56 -------- d-----w- c:\users\Kika\AppData\Roaming\dll-files.com
2014-02-20 14:55 . 2014-02-20 14:56 -------- d-----w- c:\program files (x86)\Dll-Files.com Fixer
2014-02-20 14:46 . 2014-02-24 20:42 2335480 ----a-w- c:\windows\SysWow64\steamclient.dll
2014-02-20 14:46 . 2014-02-20 14:46 -------- d-----w- c:\programdata\Logs
2014-02-20 14:46 . 2013-11-25 14:44 19392 ----a-w- c:\windows\system32\roboot64.exe
2014-02-14 03:02 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-14 03:02 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-12 22:04 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-02-12 22:04 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-02-12 22:04 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-12 22:04 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-12 22:04 . 2013-12-04 02:16 658432 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-02-12 22:04 . 2013-12-04 02:16 626176 ----a-w- c:\windows\system32\RMActivate.exe
2014-02-12 22:04 . 2013-12-04 01:54 594944 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe
2014-02-12 22:04 . 2013-12-04 02:16 552960 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-02-12 22:04 . 2013-12-04 02:16 553984 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-02-12 22:04 . 2013-12-04 01:54 510976 ----a-w- c:\windows\SysWow64\RMActivate_ssp.exe
2014-02-12 22:04 . 2013-12-04 01:54 572416 ----a-w- c:\windows\SysWow64\RMActivate.exe
2014-02-12 22:04 . 2013-12-04 01:54 508928 ----a-w- c:\windows\SysWow64\RMActivate_ssp_isv.exe
2014-02-11 15:16 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5542F040-BB42-43BB-9106-5594E9C627FD}\mpengine.dll
2014-02-06 09:50 . 2014-02-06 09:50 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-02-06 09:49 . 2014-02-06 09:50 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-02-02 12:45 . 2010-05-26 11:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-02-02 12:45 . 2010-02-04 10:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2014-02-02 12:45 . 2010-02-04 10:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2014-02-02 12:45 . 2010-02-04 10:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2014-02-02 12:45 . 2007-04-04 18:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-02-02 12:36 . 2014-02-02 12:52 -------- d-----w- c:\program files (x86)\Microsoft Games
2014-01-27 14:17 . 2013-12-18 21:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-27 14:12 . 2014-01-27 14:12 -------- d-----w- c:\users\Kika\AppData\Roaming\AVG2014
2014-01-27 14:12 . 2014-01-27 14:12 -------- d-----w- c:\users\Kika\AppData\Roaming\TuneUp Software
2014-01-27 14:11 . 2014-01-27 23:06 -------- d-----w- c:\programdata\AVG2014
2014-01-27 14:11 . 2014-01-27 14:11 -------- d-----w- C:\$AVG
2014-01-27 14:08 . 2014-01-27 14:08 -------- d-----w- c:\program files (x86)\AVG
2014-01-27 14:05 . 2014-02-25 09:36 -------- d-----w- c:\programdata\MFAData
2014-01-27 14:05 . 2014-01-27 14:14 -------- d-----w- c:\users\Kika\AppData\Local\Avg2014
2014-01-27 14:05 . 2014-01-27 14:05 -------- d--h--w- c:\programdata\Common Files
2014-01-27 14:05 . 2014-01-27 14:05 -------- d-----w- c:\users\Kika\AppData\Local\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 13:05 . 2012-09-22 13:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 13:05 . 2012-09-22 13:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-20 15:40 . 2007-04-17 15:34 15453832 ----a-w- c:\windows\SysWow64\xlive.dll
2014-02-18 21:53 . 2012-10-14 08:36 88567024 ----a-w- c:\windows\system32\MRT.exe
2013-12-30 11:33 . 2013-06-22 16:51 82816 ----a-w- c:\users\Kika\AppData\Roaming\pcouffin.sys
2013-12-18 05:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-04 12:25 . 2013-12-04 12:25 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 12:25 . 2013-12-04 12:25 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-04 12:25 . 2013-12-04 12:25 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-04 12:25 . 2013-12-04 12:25 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-04 12:25 . 2013-12-04 12:25 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-04 12:25 . 2013-12-04 12:25 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-04 12:25 . 2013-12-04 12:25 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-04 12:25 . 2013-12-04 12:25 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-04 12:25 . 2013-12-04 12:25 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-04 12:25 . 2013-12-04 12:25 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-04 12:24 . 2013-12-04 12:24 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-04 12:24 . 2013-12-04 12:24 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-04 12:24 . 2013-12-04 12:24 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-04 12:24 . 2013-12-04 12:24 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-04 12:24 . 2013-12-04 12:24 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-04 12:24 . 2013-12-04 12:24 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-04 12:24 . 2013-12-04 12:24 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-04 12:24 . 2013-12-04 12:24 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-04 12:24 . 2013-12-04 12:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-04 12:24 . 2013-12-04 12:24 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-04 12:24 . 2013-12-04 12:24 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-04 12:24 . 2013-12-04 12:24 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 12:24 . 2013-12-04 12:24 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-04 12:24 . 2013-12-04 12:24 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-04 12:24 . 2013-12-04 12:24 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-04 12:24 . 2013-12-04 12:24 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-04 12:24 . 2013-12-04 12:24 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-04 12:24 . 2013-12-04 12:24 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-04 12:24 . 2013-12-04 12:24 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-04 12:24 . 2013-12-04 12:24 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-04 12:24 . 2013-12-04 12:24 413696 ----a-w- c:\windows\system32\html.iec
2013-12-04 12:24 . 2013-12-04 12:24 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 12:24 . 2013-12-04 12:24 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-04 12:24 . 2013-12-04 12:24 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-04 12:24 . 2013-12-04 12:24 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-04 12:24 . 2013-12-04 12:24 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-04 12:24 . 2013-12-04 12:24 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-04 12:24 . 2013-12-04 12:24 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-04 12:24 . 2013-12-04 12:24 235520 ----a-w- c:\windows\system32\url.dll
2013-12-04 12:24 . 2013-12-04 12:24 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-04 12:24 . 2013-12-04 12:24 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-04 12:24 . 2013-12-04 12:24 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-04 12:24 . 2013-12-04 12:24 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-04 12:24 . 2013-12-04 12:24 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-04 12:24 . 2013-12-04 12:24 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-04 12:24 . 2013-12-04 12:24 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-04 12:24 . 2013-12-04 12:24 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-04 12:24 . 2013-12-04 12:24 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-04 12:24 . 2013-12-04 12:24 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-04 12:24 . 2013-12-04 12:24 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-04 12:24 . 2013-12-04 12:24 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-04 12:24 . 2013-12-04 12:24 135680 ----a-w- c:\windows\system32\iepeers.dll
2009-12-06 09:18 26624 --sh--w- c:\windows\bfcs2.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2012-03-06 577024]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-12-18 40312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-03-10 66872]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2012-03-27 1686528]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-07 4956176]
"mncucnftSrv"="c:\windows\inf\mncucnft.vbe" [2014-01-19 1342]
"VRRRRC"="c:\windows\System32\shutdown.exe" [2009-07-14 30720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP;c:\windows\system32\DRIVERS\BthMtpEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthMtpEnum.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-22 13:05]
.
2014-02-21 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-20 08:26]
.
2014-02-22 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-20 08:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-03-13 1425408]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-08 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-08 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-08 439576]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2012-03-09 1021056]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2012-03-09 800896]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-08-08 2034752]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.mojebanka.cz/InternetBanking/?L=CS
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 172.17.8.1
FF - ProfilePath - c:\users\Kika\AppData\Roaming\Mozilla\Firefox\Profiles\zbla8e5i.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-25 12:54:43
ComboFix-quarantined-files.txt 2014-02-25 12:54
.
Před spuštěním: Volných bajtů: 22 205 988 864
Po spuštění: Volných bajtů: 22 298 476 544
.
- - End Of File - - 3B79F69815C8BC27A0D7A98710F0475A

#8 Příspěvek od **JaRon** » 25 úno 2014 14:21

pokracujeme

Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
""mncucnftSrv"=-
"VRRRRC"=-

uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:

Obrázek

po aplikacii by mal vzniknut dalsi log, ten vloz sem

scrapydoo · #9 Příspěvek od **scrapydoo** » 25 úno 2014 14:39

Combo Fix log2
ComboFix 14-02-24.02 - Kika 25.02.2014 13:29:53.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3972.2141 [GMT 0:00]
Spuštěný z: c:\users\Kika\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kika\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-25 do 2014-02-25 )))))))))))))))))))))))))))))))
.
.
2014-02-25 13:34 . 2014-02-25 13:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-25 11:50 . 2014-02-25 12:29 -------- d-----w- c:\program files\Max Spyware Detector
2014-02-25 11:50 . 2014-02-25 11:50 -------- d-----w- c:\programdata\Max Secure
2014-02-25 11:33 . 2014-02-25 11:33 -------- d-----w- c:\users\Kika\AppData\Local\Max Secure Software
2014-02-25 11:27 . 2014-02-25 11:39 -------- d-----w- c:\users\Kika\AppData\Roaming\GetRightToGo
2014-02-25 09:35 . 2014-02-25 09:35 -------- d-----w- c:\windows\Migration
2014-02-24 23:45 . 2014-02-24 23:57 -------- d-----w- C:\FRST
2014-02-22 19:06 . 2014-02-22 19:06 -------- d-----w- c:\users\Kika\AppData\Roaming\Reallusion
2014-02-20 15:24 . 2014-02-20 15:41 187544 ----a-w- c:\windows\SysWow64\xliveinstall.dll
2014-02-20 15:05 . 2014-02-20 15:05 228600 ----a-w- c:\windows\SysWow64\tier0_s.dll
2014-02-20 15:05 . 2014-02-20 15:05 235944 ----a-w- c:\windows\SysWow64\vstdlib_s.dll
2014-02-20 14:56 . 2014-02-20 14:56 -------- d-----w- c:\users\Kika\AppData\Roaming\dll-files.com
2014-02-20 14:55 . 2014-02-20 14:56 -------- d-----w- c:\program files (x86)\Dll-Files.com Fixer
2014-02-20 14:46 . 2014-02-24 20:42 2335480 ----a-w- c:\windows\SysWow64\steamclient.dll
2014-02-20 14:46 . 2014-02-20 14:46 -------- d-----w- c:\programdata\Logs
2014-02-20 14:46 . 2013-11-25 14:44 19392 ----a-w- c:\windows\system32\roboot64.exe
2014-02-14 03:02 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-14 03:02 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-12 22:04 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-02-12 22:04 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-02-12 22:04 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-12 22:04 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-12 22:04 . 2013-12-04 02:16 658432 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-02-12 22:04 . 2013-12-04 02:16 626176 ----a-w- c:\windows\system32\RMActivate.exe
2014-02-12 22:04 . 2013-12-04 01:54 594944 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe
2014-02-12 22:04 . 2013-12-04 02:16 552960 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-02-12 22:04 . 2013-12-04 02:16 553984 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2014-02-12 22:04 . 2013-12-04 01:54 510976 ----a-w- c:\windows\SysWow64\RMActivate_ssp.exe
2014-02-12 22:04 . 2013-12-04 01:54 572416 ----a-w- c:\windows\SysWow64\RMActivate.exe
2014-02-12 22:04 . 2013-12-04 01:54 508928 ----a-w- c:\windows\SysWow64\RMActivate_ssp_isv.exe
2014-02-11 15:16 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5542F040-BB42-43BB-9106-5594E9C627FD}\mpengine.dll
2014-02-06 09:50 . 2014-02-06 09:50 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-02-06 09:49 . 2014-02-06 09:50 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-02-02 12:45 . 2010-05-26 11:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-02-02 12:45 . 2010-02-04 10:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2014-02-02 12:45 . 2010-02-04 10:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2014-02-02 12:45 . 2010-02-04 10:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2014-02-02 12:45 . 2007-04-04 18:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-02-02 12:36 . 2014-02-02 12:52 -------- d-----w- c:\program files (x86)\Microsoft Games
2014-01-27 14:17 . 2013-12-18 21:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-27 14:12 . 2014-01-27 14:12 -------- d-----w- c:\users\Kika\AppData\Roaming\AVG2014
2014-01-27 14:12 . 2014-01-27 14:12 -------- d-----w- c:\users\Kika\AppData\Roaming\TuneUp Software
2014-01-27 14:11 . 2014-01-27 23:06 -------- d-----w- c:\programdata\AVG2014
2014-01-27 14:11 . 2014-01-27 14:11 -------- d-----w- C:\$AVG
2014-01-27 14:08 . 2014-01-27 14:08 -------- d-----w- c:\program files (x86)\AVG
2014-01-27 14:05 . 2014-02-25 09:36 -------- d-----w- c:\programdata\MFAData
2014-01-27 14:05 . 2014-01-27 14:14 -------- d-----w- c:\users\Kika\AppData\Local\Avg2014
2014-01-27 14:05 . 2014-01-27 14:05 -------- d--h--w- c:\programdata\Common Files
2014-01-27 14:05 . 2014-01-27 14:05 -------- d-----w- c:\users\Kika\AppData\Local\MFAData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 13:05 . 2012-09-22 13:10 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 13:05 . 2012-09-22 13:10 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-20 15:40 . 2007-04-17 15:34 15453832 ----a-w- c:\windows\SysWow64\xlive.dll
2014-02-18 21:53 . 2012-10-14 08:36 88567024 ----a-w- c:\windows\system32\MRT.exe
2013-12-30 11:33 . 2013-06-22 16:51 82816 ----a-w- c:\users\Kika\AppData\Roaming\pcouffin.sys
2013-12-18 05:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-04 12:25 . 2013-12-04 12:25 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 12:25 . 2013-12-04 12:25 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-04 12:25 . 2013-12-04 12:25 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-04 12:25 . 2013-12-04 12:25 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-04 12:25 . 2013-12-04 12:25 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-04 12:25 . 2013-12-04 12:25 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-04 12:25 . 2013-12-04 12:25 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-04 12:25 . 2013-12-04 12:25 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-04 12:25 . 2013-12-04 12:25 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-04 12:25 . 2013-12-04 12:25 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-04 12:24 . 2013-12-04 12:24 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-04 12:24 . 2013-12-04 12:24 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-04 12:24 . 2013-12-04 12:24 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-04 12:24 . 2013-12-04 12:24 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-04 12:24 . 2013-12-04 12:24 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-04 12:24 . 2013-12-04 12:24 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-04 12:24 . 2013-12-04 12:24 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-04 12:24 . 2013-12-04 12:24 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-04 12:24 . 2013-12-04 12:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-04 12:24 . 2013-12-04 12:24 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-04 12:24 . 2013-12-04 12:24 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-04 12:24 . 2013-12-04 12:24 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 12:24 . 2013-12-04 12:24 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-04 12:24 . 2013-12-04 12:24 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-04 12:24 . 2013-12-04 12:24 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-04 12:24 . 2013-12-04 12:24 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-04 12:24 . 2013-12-04 12:24 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-04 12:24 . 2013-12-04 12:24 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-04 12:24 . 2013-12-04 12:24 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-04 12:24 . 2013-12-04 12:24 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-04 12:24 . 2013-12-04 12:24 413696 ----a-w- c:\windows\system32\html.iec
2013-12-04 12:24 . 2013-12-04 12:24 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 12:24 . 2013-12-04 12:24 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-04 12:24 . 2013-12-04 12:24 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-04 12:24 . 2013-12-04 12:24 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-04 12:24 . 2013-12-04 12:24 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-04 12:24 . 2013-12-04 12:24 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-04 12:24 . 2013-12-04 12:24 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-04 12:24 . 2013-12-04 12:24 235520 ----a-w- c:\windows\system32\url.dll
2013-12-04 12:24 . 2013-12-04 12:24 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-04 12:24 . 2013-12-04 12:24 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-04 12:24 . 2013-12-04 12:24 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-04 12:24 . 2013-12-04 12:24 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-04 12:24 . 2013-12-04 12:24 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-04 12:24 . 2013-12-04 12:24 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-04 12:24 . 2013-12-04 12:24 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-04 12:24 . 2013-12-04 12:24 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-04 12:24 . 2013-12-04 12:24 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-04 12:24 . 2013-12-04 12:24 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-04 12:24 . 2013-12-04 12:24 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-04 12:24 . 2013-12-04 12:24 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-04 12:24 . 2013-12-04 12:24 135680 ----a-w- c:\windows\system32\iepeers.dll
2009-12-06 09:18 26624 --sh--w- c:\windows\bfcs2.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2012-03-06 577024]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-12-18 40312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-03-10 66872]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-01-20 43848]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2012-03-27 1686528]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-01-20 152392]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-07 4956176]
"mncucnftSrv"="c:\windows\inf\mncucnft.vbe" [2014-01-19 1342]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP;c:\windows\system32\DRIVERS\BthMtpEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthMtpEnum.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 irstrtsv;Intel(R) Rapid Start Technology Service;c:\windows\SysWOW64\irstrtsv.exe;c:\windows\SysWOW64\irstrtsv.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 irstrtdv;Intel(R) Rapid Start Technology Driver;c:\windows\system32\DRIVERS\irstrtdv.sys;c:\windows\SYSNATIVE\DRIVERS\irstrtdv.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-22 13:05]
.
2014-02-21 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-20 08:26]
.
2014-02-22 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-02-20 08:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Kika\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-03-13 1425408]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-08 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-08 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-08 439576]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2012-03-09 1021056]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2012-03-09 800896]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-08-08 2034752]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.mojebanka.cz/InternetBanking/?L=CS
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 172.17.8.1
FF - ProfilePath - c:\users\Kika\AppData\Roaming\Mozilla\Firefox\Profiles\zbla8e5i.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-25 13:36:19
ComboFix-quarantined-files.txt 2014-02-25 13:36
ComboFix2.txt 2014-02-25 12:54
.
Před spuštěním: Volných bajtů: 22 129 586 176
Po spuštění: Volných bajtů: 22 060 761 088
.
- - End Of File - - B6E0D530F27E7D6CBBF9C7A97D76F6A8

Děeeeeekuju za pomoc sám bych na to fakt nepřišel.

#10 Příspěvek od **JaRon** » 25 úno 2014 14:52

este je tam zaznam v registroch
spust regedit
daj vyhladat mncucnftSrv najdenu polozku nechaj zmazat
zatvor regedit - restart - PC by mal byt OK
+ doporucenie >> nainstaluj nejaky vhodny antivir (nie AVG) a prescanuj nim PC

scrapydoo · #11 Příspěvek od **scrapydoo** » 25 úno 2014 15:25

Funguje

moooc děkuju.

#12 Příspěvek od **JaRon** » 25 úno 2014 17:26

rado sa stalo

VIRY.CZ

Windows se za necelou minutu vypne

Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne

Re: Windows se za necelou minutu vypne