
Please check my PC

Posted: 11 Apr 2014 21:06
by venda-s
Hello,

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vašek at 2014-04-11 22:01:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 159 GB (61%) free of 259 GB
Total RAM: 3033 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:01:30, on 11.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Lenovo\VeriFace\PManage.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\PDF24\pdf24.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\windows\system32\conhost.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Vašek\Desktop\RSIT.exe
C:\Program Files\trend micro\Vašek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Vašek\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files\DefaultTab\DefaultTabSearch.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Vašek\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

--
End of file - 8484 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\i8hbjau3.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"fe_3.5@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.5
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
"ntfdsaftsfdfdxx@mozilla.org"=C:\Users\Vašek\AppData\Roaming\iPumper\extension_firefox.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
npwachk.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\i8hbjau3.default\extensions\
2020Player_IKEA@2020Technologies.com
gadget@gadgetbox

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-10-19 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
DefaultTab Browser Helper - C:\Users\Vašek\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll [2013-12-09 462968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 603816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-04-01 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-10-19 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 603816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2008-03-26 163840]
"VeriFaceManager"=C:\Program Files\Lenovo\VeriFace\PManage.exe [2009-11-22 3122440]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-07-15 4081480]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-06-25 5064520]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-08-25 136216]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-08-25 171032]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-08-25 170520]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2012-10-09 73392]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-08-30 738984]
"PDFPrint"=C:\Program Files\PDF24\pdf24.exe [2013-07-22 162856]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-04-01 3854640]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-08-25 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2013-12-07 208384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - "C:\windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-04-11 22:01:17 ----D---- C:\rsit
2014-04-11 21:23:47 ----D---- C:\ProgramData\2992199F9A
2014-04-10 18:06:28 ----A---- C:\windows\system32\drivers\msiscsi.sys
2014-04-01 20:49:39 ----A---- C:\windows\avastSS.scr
2014-03-30 00:16:45 ----D---- C:\Program Files\Mozilla Firefox
2014-03-19 17:35:12 ----A---- C:\windows\system32\javaws.exe
2014-03-14 21:16:29 ----A---- C:\windows\system32\qedit.dll
2014-03-14 21:16:28 ----A---- C:\windows\system32\jsproxy.dll
2014-03-14 21:16:28 ----A---- C:\windows\system32\iernonce.dll
2014-03-14 21:16:28 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-03-14 21:16:28 ----A---- C:\windows\system32\ieetwcollector.exe
2014-03-14 21:16:27 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-14 21:16:27 ----A---- C:\windows\system32\jscript9diag.dll
2014-03-14 21:16:27 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-03-14 21:16:27 ----A---- C:\windows\system32\ieapfltr.dll
2014-03-14 21:16:26 ----A---- C:\windows\system32\wininet.dll
2014-03-14 21:16:25 ----A---- C:\windows\system32\ieui.dll
2014-03-14 21:16:24 ----A---- C:\windows\system32\ieUnatt.exe
2014-03-14 21:16:24 ----A---- C:\windows\system32\iertutil.dll
2014-03-14 21:16:23 ----A---- C:\windows\system32\jscript9.dll
2014-03-14 21:16:22 ----A---- C:\windows\system32\mshtml.dll
2014-03-14 21:16:21 ----A---- C:\windows\system32\urlmon.dll
2014-03-14 21:16:20 ----A---- C:\windows\system32\msfeeds.dll
2014-03-14 21:16:19 ----A---- C:\windows\system32\msrating.dll
2014-03-14 21:16:19 ----A---- C:\windows\system32\ie4uinit.exe
2014-03-14 21:16:18 ----A---- C:\windows\system32\iesetup.dll
2014-03-14 21:16:17 ----A---- C:\windows\system32\ieframe.dll
2014-03-14 21:14:58 ----A---- C:\windows\system32\wwansvc.dll
2014-03-14 21:14:56 ----A---- C:\windows\system32\win32k.sys
2014-03-14 21:14:55 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-03-14 21:14:54 ----A---- C:\windows\system32\wer.dll

======List of files/folders modified in the last 1 month======

2014-04-12 07:46:16 ----D---- C:\windows\Tasks
2014-04-12 07:46:16 ----D---- C:\windows\system32\wfp
2014-04-12 07:46:16 ----D---- C:\windows\system32\DriverStore
2014-04-12 07:46:16 ----D---- C:\windows\system32\drivers
2014-04-12 07:46:16 ----D---- C:\windows\system32\cs-CZ
2014-04-12 07:46:16 ----D---- C:\windows\system32\catroot2
2014-04-12 07:46:16 ----D---- C:\Windows
2014-04-12 07:46:15 ----D---- C:\windows\winsxs
2014-04-12 07:46:15 ----D---- C:\windows\system32\Tasks
2014-04-12 07:46:08 ----SHD---- C:\windows\Installer
2014-04-12 07:46:08 ----D---- C:\windows\AppCompat
2014-04-12 07:46:04 ----D---- C:\windows\system32\wbem
2014-04-12 07:46:04 ----D---- C:\windows\registration
2014-04-12 07:45:48 ----HD---- C:\ProgramData
2014-04-11 22:01:29 ----D---- C:\windows\Prefetch
2014-04-11 22:01:29 ----D---- C:\Program Files\trend micro
2014-04-11 22:01:23 ----D---- C:\windows\Temp
2014-04-11 21:58:22 ----D---- C:\windows\system32\config
2014-04-11 21:51:59 ----D---- C:\windows\System32
2014-04-11 21:51:59 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-04-11 21:51:58 ----D---- C:\windows\inf
2014-04-11 21:48:50 ----SHD---- C:\System Volume Information
2014-04-11 21:48:29 ----D---- C:\ProgramData\VeriFace
2014-04-11 17:36:18 ----D---- C:\windows\system32\MRT
2014-04-10 18:05:52 ----D---- C:\windows\system32\catroot
2014-04-08 16:56:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-04-06 15:24:02 ----RD---- C:\Program Files
2014-04-01 20:49:39 ----A---- C:\windows\system32\aswBoot.exe
2014-03-19 17:35:18 ----D---- C:\Program Files\Java
2014-03-18 18:14:38 ----A---- C:\windows\system32\MRT.exe
2014-03-15 12:18:59 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-15 12:17:36 ----D---- C:\Program Files\Internet Explorer
2014-03-15 12:01:03 ----D---- C:\ProgramData\Microsoft Help
2014-03-13 06:47:57 ----D---- C:\Users\Vašek\AppData\Roaming\uTorrent
2014-03-12 18:53:42 ----A---- C:\windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-04-01 49944]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-04-01 180760]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-04-01 81768]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-04-01 776976]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-04-01 411552]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-29 232512]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2009-11-22 54800]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\windows\system32\DRIVERS\vsdatant.sys [2011-05-07 455256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-04-01 67824]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-08-30 27056]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2008-03-14 169008]
R3 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-04-01 67264]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-08-13 2506232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT32.sys [2009-06-15 475648]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-13 1759616]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2009-12-27 717296]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-06-04 84248]
S3 EagleXNt;EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\mbamswissarmy.sys [2013-08-27 40776]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 181912]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-04-01 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\Vašek\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [2013-12-09 107520]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-08-30 497320]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2012-10-09 2447440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 DefaultTabSearch;DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [2013-12-20 574464]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-09 136176]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 87904]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-01-31 77944]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-25 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-09 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-05-20 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


Thanks.

Re: Please check my PC

Posted: 12 Apr 2014 09:03
by Márty84
Hello :)

:???: Is there a problem with the PC, or is this purely preventive?


:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs; otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (otherwise it will be at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

Re: Please check my PC

Posted: 16 Apr 2014 17:19
by venda-s
I got the laptop back from a friend, who told me a virus had shown up on it (that threat from Interpol, or something like that is how he explained it), and that he used a restore point and it has been fine since. So I want to clean it up somehow.

# AdwCleaner v3.023 - Report created 16/04/2014 at 18:12:13
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Vašek - VAŠEK-PC
# Running from : C:\Users\Vašek\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : DefaultTabSearch
Service Deleted : DefaultTabUpdate

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\DefaultTab
Folder Deleted : C:\Users\VAEK~1\AppData\Local\Temp\TempDir
Folder Deleted : C:\Users\Vašek\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\Vašek\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Vašek\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
File Deleted : C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\i8hbjau3.default\Extensions\addon@defaulttab.com.xpi
File Deleted : C:\windows\System32\Tasks\GoforFilesUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ntfdsaftsfdfdxx@mozilla.org]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kekfoodhbhpjhjcdecjngamojfhknooc
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{890F3D3A-EC1B-4522-BD21-1B47AE96D3E6}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{890F3D3A-EC1B-4522-BD21-1B47AE96D3E6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\i8hbjau3.default\prefs.js ]

Line Deleted : user_pref("extensions.enabledAddons", "2020Player_IKEA%402020Technologies.com:5.0.94.1,gadget%40gadgetbox:1.6,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0");

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Vašek\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R2].txt - [7280 octets] - [16/04/2014 18:10:26]
AdwCleaner[S1].txt - [7383 octets] - [16/04/2014 18:12:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7443 octets] ##########

Re: Please check my PC

Posted: 16 Apr 2014 18:08
by Márty84
venda-s wrote: I got the laptop back from a friend, who told me a virus had shown up on it (that threat from Interpol, or something like that is how he explained it)
In the browser, or normally on the desktop?



:arrow: Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

Re: Please check my PC

Posted: 18 Apr 2014 17:40
by venda-s
Well, I don't know whether it was in the browser or normally. Is there any difference between the two?

Here are the results:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 18.4.2014
Čas skenování: 18:36:46
Protokol: text.txt
Správce: Ano

Verze: 2.00.1.1004
Databáze malwaru: v2014.04.17.07
Databáze rootkitů: v2014.03.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Chameleon: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: VaA!ek

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 545375
Uplynulý čas: 19 hod, 11 min, 18 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Shuriken: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 5
PUP.Optional.GetNow.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, , [7f8111efd42c20e005420d0b39c908f8],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, , [7f8111efd42c20e005420d0b39c908f8],
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-2531710527-863149846-1876656526-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , [a759ce323ac6e81899f9f3255fa39b65],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363}, , [27d93ec232ce42be2243dd3bc240649c],
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77}, , [01fffe0216ea59a788de73a58c76817f],

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 25
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Temp\installdt.tmp, , [5aa6f10f748c98682814d0cba65d6f91],
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Temp\installdt.tmp\XPI, , [5aa6f10f748c98682814d0cba65d6f91],
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Temp\installdt.tmp\XPI\defaulttab, , [5aa6f10f748c98682814d0cba65d6f91],
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Temp\installdt.tmp\XPI\defaulttab\components, , [5aa6f10f748c98682814d0cba65d6f91],
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Temp\installdt.tmp\XPI\defaulttab\locale, , [5aa6f10f748c98682814d0cba65d6f91],
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Temp\installdt.tmp\XPI\defaulttab\locale\en-US, , [5aa6f10f748c98682814d0cba65d6f91],
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc, , [738d768aa55b51af527a8ad818eae917],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\plugins, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\css\jquery_ui\images, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\engines_icons, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\images\injection, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\2.0.0_0\js, , [aa56cc34966a5ca495376df5d131ce32],

Soubory: 133
PUP.Optional.DefaultTab, C:\AdwCleaner\Quarantine\C\Users\VaA!ek\AppData\Roaming\DefaultTab\defaulttab\DefaultTabBHO.dll.vir, , [689842be8d7353ad4b4fd62903fd0ff1],
PUP.Optional.DefaultTab, C:\AdwCleaner\Quarantine\C\Users\VaA!ek\AppData\Roaming\DefaultTab\defaulttab\DefaultTabStart.exe.vir, , [e21e4bb541bfe020cad0837c728ebd43],
PUP.Optional.DefaultTab, C:\AdwCleaner\Quarantine\C\Users\VaA!ek\AppData\Roaming\DefaultTab\defaulttab\DefaultTabStart64.exe.vir, , [fd0317e9e21e3bc5227838c77e8207f9],
PUP.Optional.DefaultTab, C:\AdwCleaner\Quarantine\C\Users\VaA!ek\AppData\Roaming\DefaultTab\defaulttab\DefaultTabWrap.dll.vir, , [c33d43bdc23e3fc1851507f8e41c0ef2],
PUP.Optional.DefaultTab, C:\AdwCleaner\Quarantine\C\Users\VaA!ek\AppData\Roaming\DefaultTab\defaulttab\DefaultTabWrap64.dll.vir, , [28d848b8788825dbd6c4cf3045bbf40c],
PUP.Optional.DefaultTab.A, C:\AdwCleaner\Quarantine\C\Users\VaA!ek\AppData\Roaming\DefaultTab\defaulttab\dtupdate.exe.vir, , [3dc3c33d02fe39c7bfd673ae857bef11],
Trojan.FakeMS, C:\ProgramData\2992199F9A\qmhz0flg.cpp, , [af515aa619e701ff8bf576f6679ab947],
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Temp\DefaultTabSetup2.exe, , [8e72c63af10fc43cb58270bcc23e26da],
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Temp\installdt.tmp\DefaultTab.xpi, , [5aa6f10f748c98682814d0cba65d6f91],
PUP.Optional.DefaultTab.A, C:\Users\VaA!ek\AppData\Local\Temp\installdt.tmp\XPI\defaulttab\locale\en-US\defaulttab.properties, , [5aa6f10f748c98682814d0cba65d6f91],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\18x18.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\background.html, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\blank.html, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\manifest.json, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\manifest_no_button.json, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\new_tab.html, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\search_box.html, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\injection.css, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\jquery-ui-1.8.16.custom.css, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_55_fbf9ee_1x400.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_65_ffffff_1x400.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_75_dadada_1x400.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_75_e6e6e6_1x400.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_glass_95_fef1ec_1x400.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-bg_highlight-soft_75_cccccc_1x100.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_222222_256x240.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_2e83ff_256x240.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_454545_256x240.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_888888_256x240.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\css\jquery_ui\images\ui-icons_cd0a0a_256x240.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\help.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Bing.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Google.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Search here.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\engines_icons\Yahoo.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_border_bg.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\bullet_arrow_down.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\bullet_arrow_down_old.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\icon.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search-inner-wrapper.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search-left.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_arrow_top_button.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_arrow_top_button_hovered.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_bg.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_left_before_corner.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_left_corner.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_right_before_corner.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_bottom_right_corner.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_left_border_bg.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_left_bottom_border_bg.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_middle_bg.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_right_border_bg.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_right_bottom_border_bg.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_bg.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_left_before_corner.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_left_corner.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_right_before_corner.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\images\injection\search_top_right_corner.png, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\bg.js, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\ConfigManager.js, , [aa56cc34966a5ca495376df5d131ce32],
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.30_0\js\content.js, , [aa56cc34966a5ca495376df5d131ce32],

Fyzické sektory: 0
(No malicious items detected)


(end)

Re: Please check my PC

Posted: 18 Apr 2014 17:49
by Márty84
venda-s wrote: I don't know whether it was in the browser or normally. Is there a difference between the two?
You bet there is a difference. In the browser it is essentially harmless, but outside it it can do serious damage.


Have all the detections removed. After the removal and a PC restart, repeat the scan. Let me know whether it found anything again. I will choose the next step accordingly.

Re: Please check my PC

Posted: 19 Apr 2014 19:37
by venda-s
The second time nothing was found.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19.4.2014
Čas skenování: 14:08:17
Protokol: xxxxxxxx.txt
Správce: Ano

Verze: 2.00.1.1004
Databáze malwaru: v2014.04.18.07
Databáze rootkitů: v2014.03.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Chameleon: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: VaA!ek

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 542638
Uplynulý čas: 18 hod, 58 min, 7 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Shuriken: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)


What next? Thank you.

Re: Please check my PC

Posted: 19 Apr 2014 22:21
by Márty84
:arrow: You can uninstall MBAM.


:!: If Avast complains that it wants to open it in the sandbox, don't allow it! Choose the Open normally option.
:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to the desktop, right-click it and then left-click Run as administrator.
A very short test will run, and then the Scan button at the top right becomes available. Click it and another test will run.
When it finishes, click the Report label and the log will appear. Paste it here for me.

Re: Please check my PC

Posted: 20 Apr 2014 19:42
by venda-s
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Vašek [Práva správce]
Mód : Kontrola -- Datum : 04/20/2014 17:17:58
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AE958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AE9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AE981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_ProxS'Çðà˜¯ø".ÿÿÿÿ옯tD#3'ÇðW) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AE049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AEB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AEB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AEB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AEB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AE61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AD217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AE072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737AE1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\windows\system32\WindowsCodecs.dll @ 0x737ADD99)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320325AS +++++
--- User ---
[MBR] 75ee829144588f79680e8629845b1044
[BSP] f516c56a257293db598d516564562ba3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 258961 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 530766848 | Size: 30973 MB
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 594199552 | Size: 15108 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04202014_171758.txt >>
RKreport[0]_S_04202014_165134.txt

Re: Please check my PC

Posted: 20 Apr 2014 20:48
by Márty84
Run RogueKiller again as administrator (if you have not closed it yet, click Smazat (Delete) straight away).
A short test will run, and then the Prohledat (Scan) button at the top right becomes available. Click it and another test will run.
When it finishes, click Smazat (Delete).
Then click Zprava (Report) and a log will appear. Paste it here for me.
Then click Oprava Host (Fix Host) and Zprava (Report).
Another log will appear. Paste that one here as well.

Re: Please check my PC

Posted: 21 Apr 2014 14:12
by venda-s
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Vašek [Práva správce]
Mód : Odebrat -- Datum : 04/20/2014 22:03:20
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320325AS +++++
--- User ---
[MBR] 75ee829144588f79680e8629845b1044
[BSP] f516c56a257293db598d516564562ba3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 258961 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 530766848 | Size: 30973 MB
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 594199552 | Size: 15108 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_04202014_220320.txt >>
RKreport[0]_D_04202014_215854.txt;RKreport[0]_S_04202014_165134.txt;RKreport[0]_S_04202014_171758.txt
RKreport[0]_S_04202014_220159.txt

Re: Please check my PC

Posted: 21 Apr 2014 14:13
by venda-s
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Vašek [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/21/2014 15:12:44
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_04212014_151244.txt >>
RKreport[0]_D_04202014_215854.txt;RKreport[0]_D_04202014_220320.txt;RKreport[0]_S_04202014_165134.txt
RKreport[0]_S_04202014_171758.txt;RKreport[0]_S_04202014_220159.txt

Re: Please check my PC

Posted: 21 Apr 2014 14:14
by Márty84
Post a new log from RSIT.

Re: Please check my PC

Posted: 23 Apr 2014 16:20
by venda-s
Logfile of random's system information tool 1.09 (written by random/random)
Run by Vašek at 2014-04-23 17:19:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 157 GB (61%) free of 259 GB
Total RAM: 3033 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:53, on 23.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Lenovo\VeriFace\PManage.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\PDF24\pdf24.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\windows\system32\conhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Vašek\Desktop\RSIT.exe
C:\Program Files\trend micro\Vašek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

--
End of file - 8024 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\i8hbjau3.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"fe_3.5@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.5
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw_1200112.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
npwachk.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Vašek\AppData\Roaming\Mozilla\Firefox\Profiles\i8hbjau3.default\extensions\
2020Player_IKEA@2020Technologies.com
gadget@gadgetbox

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-10-19 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 603816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-04-01 597816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-10-19 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 603816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2008-03-26 163840]
"VeriFaceManager"=C:\Program Files\Lenovo\VeriFace\PManage.exe [2009-11-22 3122440]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-07-15 4081480]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-06-25 5064520]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-08-25 136216]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-08-25 171032]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-08-25 170520]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2012-10-09 73392]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-08-30 738984]
"PDFPrint"=C:\Program Files\PDF24\pdf24.exe [2013-07-22 162856]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-04-01 3854640]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-08-25 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2013-12-07 208384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - "C:\windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-04-17 23:20:01 ----D---- C:\windows\Minidump
2014-04-17 03:02:48 ----A---- C:\windows\system32\vbscript.dll
2014-04-17 03:02:46 ----A---- C:\windows\system32\ieui.dll
2014-04-17 03:02:26 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-04-17 03:02:26 ----A---- C:\windows\system32\ieapfltr.dll
2014-04-17 03:02:20 ----A---- C:\windows\system32\msrating.dll
2014-04-17 03:02:19 ----A---- C:\windows\system32\msfeeds.dll
2014-04-17 03:02:19 ----A---- C:\windows\system32\jsproxy.dll
2014-04-17 03:02:17 ----A---- C:\windows\system32\dxtmsft.dll
2014-04-17 03:02:16 ----A---- C:\windows\system32\dxtrans.dll
2014-04-17 03:02:15 ----A---- C:\windows\system32\ieUnatt.exe
2014-04-17 03:02:15 ----A---- C:\windows\system32\iesetup.dll
2014-04-17 03:02:15 ----A---- C:\windows\system32\iernonce.dll
2014-04-17 03:02:15 ----A---- C:\windows\system32\ie4uinit.exe
2014-04-17 03:02:11 ----A---- C:\windows\system32\jscript9diag.dll
2014-04-17 03:02:11 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 03:02:10 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-17 03:02:10 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-04-17 03:02:10 ----A---- C:\windows\system32\ieetwcollector.exe
2014-04-17 03:01:57 ----A---- C:\windows\system32\iertutil.dll
2014-04-17 03:01:53 ----A---- C:\windows\system32\wininet.dll
2014-04-17 03:01:53 ----A---- C:\windows\system32\urlmon.dll
2014-04-17 03:01:47 ----A---- C:\windows\system32\ieframe.dll
2014-04-17 03:01:45 ----A---- C:\windows\system32\mshtml.dll
2014-04-17 03:01:44 ----A---- C:\windows\system32\jscript9.dll
2014-04-16 18:10:22 ----D---- C:\AdwCleaner
2014-04-12 03:02:18 ----A---- C:\windows\system32\drivers\msiscsi.sys
2014-04-12 03:02:17 ----A---- C:\windows\system32\iologmsg.dll
2014-04-12 03:02:17 ----A---- C:\windows\system32\drivers\storport.sys
2014-04-12 03:02:17 ----A---- C:\windows\system32\drivers\Diskdump.sys
2014-04-12 03:02:10 ----A---- C:\windows\system32\drivers\ntfs.sys
2014-04-12 03:02:08 ----A---- C:\windows\system32\kernel32.dll
2014-04-11 22:01:17 ----D---- C:\rsit
2014-04-11 21:23:47 ----D---- C:\ProgramData\2992199F9A
2014-04-01 20:49:39 ----A---- C:\windows\avastSS.scr
2014-03-30 00:16:45 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-04-23 17:19:53 ----D---- C:\windows\Prefetch
2014-04-23 17:19:46 ----D---- C:\windows\Temp
2014-04-23 17:19:46 ----D---- C:\Program Files\trend micro
2014-04-23 17:17:31 ----D---- C:\ProgramData\VeriFace
2014-04-23 06:01:54 ----SHD---- C:\System Volume Information
2014-04-23 04:55:00 ----D---- C:\windows\system32\config
2014-04-23 04:13:51 ----D---- C:\windows\system32\catroot2
2014-04-21 15:13:22 ----D---- C:\windows\System32
2014-04-20 22:01:49 ----D---- C:\windows\system32\drivers
2014-04-20 16:46:20 ----RD---- C:\Program Files
2014-04-18 21:24:50 ----D---- C:\Program Files\PokerStars
2014-04-18 19:06:43 ----D---- C:\windows\inf
2014-04-17 23:20:01 ----D---- C:\Windows
2014-04-17 03:54:07 ----D---- C:\windows\rescache
2014-04-17 03:23:42 ----D---- C:\windows\winsxs
2014-04-17 03:20:29 ----D---- C:\windows\system32\en-US
2014-04-17 03:20:29 ----D---- C:\windows\system32\cs-CZ
2014-04-17 03:20:29 ----D---- C:\windows\PolicyDefinitions
2014-04-17 03:20:28 ----D---- C:\Program Files\Internet Explorer
2014-04-17 03:03:30 ----D---- C:\windows\system32\catroot
2014-04-16 20:45:21 ----D---- C:\ProgramData\Malwarebytes
2014-04-16 18:13:49 ----D---- C:\Users\Vašek\AppData\Roaming\CheckPoint
2014-04-16 18:12:15 ----D---- C:\windows\system32\Tasks
2014-04-13 03:35:15 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-04-13 03:27:17 ----D---- C:\windows\system32\DriverStore
2014-04-13 03:12:07 ----SHD---- C:\windows\Installer
2014-04-13 03:12:05 ----D---- C:\ProgramData\Microsoft Help
2014-04-13 03:01:48 ----D---- C:\windows\system32\MRT
2014-04-13 03:01:40 ----A---- C:\windows\system32\MRT.exe
2014-04-12 07:46:16 ----D---- C:\windows\Tasks
2014-04-12 07:46:16 ----D---- C:\windows\system32\wfp
2014-04-12 07:46:08 ----D---- C:\windows\AppCompat
2014-04-12 07:46:04 ----D---- C:\windows\system32\wbem
2014-04-12 07:46:04 ----D---- C:\windows\registration
2014-04-12 07:45:48 ----HD---- C:\ProgramData
2014-04-08 16:56:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-04-01 20:49:39 ----A---- C:\windows\system32\aswBoot.exe
2014-03-31 09:35:10 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-04-01 49944]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-04-01 180760]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-04-01 81768]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-04-01 776976]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-04-01 411552]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-29 232512]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2009-11-22 54800]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\windows\system32\DRIVERS\vsdatant.sys [2011-05-07 455256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-04-01 67824]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-08-30 27056]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2008-03-14 169008]
R3 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-04-01 67264]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-08-13 2506232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT32.sys [2009-06-15 475648]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2014-04-20 107736]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-13 1759616]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2009-12-27 717296]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-06-04 84248]
S3 EagleXNt;EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys []
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 181912]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-04-01 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-08-30 497320]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2012-10-09 2447440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-09 136176]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 87904]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-01-31 77944]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-25 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-09 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-05-20 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Please check my PC

Posted: 23 Apr 2014 18:41
by Márty84
One last scan and then we'll be deleting.


:!: If Avast complains that it wants to open it in the sandbox, don't allow it! Choose the option Open normally (Otevřít normálně).
:arrow: Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator (Spustit jako správce).
Tick the checkboxes for the items Pro všechny uživatele ("For all users"), Kontrola na havěť "LOP" ("LOP" check) and Kontrola na havěť "Purity" ("Purity" check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Scan (Prohledat).
After the scan, two logs are created (OTL.Txt and Extras.txt). Paste both here (if they are long, split them across several posts).





11.5. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975