Slow PC (Malware?)
Posted: 06 Jul 2014 00:22
Hello,
about 10 days ago I noticed that my computer is running somewhat slowly (it responds more slowly, e.g. about 3 seconds later, Windows loads more slowly, and files open with a delay, but inside folders everything runs as it should). I clean the computer regularly with CCleaner. I use NOD32 as my antivirus. PC system information: HP Pavilion m6 Notebook PC, x64-based PC, processor Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz, 2501 MHz, cores: 2, logical processors: 4, Radeon graphics. I recently used a few recommended PC-cleaning programs, thanks to which it sped up, because one day the PC would not even start; only grey was visible during startup. However, I am not sure whether everything is all right. Could I please ask you to look at the log and assess it? I don't understand PCs much myself, only the basic things, so I am turning to you. Thank you in advance. I am attaching logs from RSIT and from ComboFix (which found some malware and neutralized it, but I have absolutely no idea what it was). ESET sometimes finds some potentially harmful applications, which it supposedly neutralized, but then again, who knows. If possible, please explain things "in plain terms" :)))))))
RSIT Log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendula at 2014-07-06 01:17:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 104 GB (69%) free of 150 GB
Total RAM: 6046 MB (61% free)
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
atieclxx
C:\Windows\system32\WLANExt.exe 28694144
\??\C:\Windows\system32\conhost.exe "6439559071527652495-1605810605-135857323420323684831135728286-7495413261528238930
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
taskeng.exe {6B1061C3-86F2-4074-B155-5804ABA9CA26}
"D:\Programy\Wise Care 365\WiseTray.exe" -StartTray
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\valWBFPolicyService.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-141fb91a-2521-43dd-bcdb-58ea49ce349e -SystemEventPortName:HostProcess-1021a608-416e-48d9-bcbe-dbdbd7113d62 -IoCancelEventPortName:HostProcess-ccfcb2a1-f1dd-4577-b119-6780af75bf81 -NonStateChangingEventPortName:HostProcess-c7d5c336-f153-45c9-bc6d-b1b51bdbc33a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0a8754a9-881c-4a7c-b012-4e0e4d8399b0 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
taskeng.exe {81937C8A-D4A1-4034-9445-12430075C474}
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\explorer.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2752.0.56336807\2105070544" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3345 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="2752.2.116375871\2140502190" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="2752.4.48910526\1352838647" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="2752.5.1668681580\417370074" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="2752.7.989688969\1701567334" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\trend micro\Vendula.exe" /silentautolog
C:\Windows\system32\wbem\wmiprvse.exe
taskmgr.exe /3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Vendula\Downloads\RSITx64 (2).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Wise Care 365 PC Checkup Task.job - D:\Programy\Wise Care 365\WiseCare365.exe -c
C:\Windows\tasks\Wise Care 365.job - D:\Programy\Wise Care 365\WiseTray.exe -StartTray
C:\Windows\tasks\Wise Disk Cleaner Schedule Task.job - D:\Programy\Wise Disk Cleaner\WiseDiskCleaner.exe -a -adv
C:\Windows\tasks\Wise Registry Cleaner Schedule Task.job - D:\Programy\Wise Registry Cleaner\WiseRegCleaner.exe -a
C:\Windows\tasks\Wise Turbo Checker.job - D:\Programy\Wise Care 365\WiseTurbo.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-06-03 1703424]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-05 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-05 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-05 770032]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-09-27 36352]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-06 3053808]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
"OSHI Defender"=C:\Program Files\OSHI\Defender\oshidfui.exe [2014-04-09 5406704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Vendula\AppData\Roaming\Seznam.cz\szninstall.exe -c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Vendula\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
c:\program files (x86)\seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
[]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-30 766208]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-27 291608]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-10-29 623616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-07-06 01:07:20 ----DC---- C:\rsit
2014-07-06 01:07:20 ----D---- C:\Program Files\trend micro
2014-07-06 01:02:17 ----D---- C:\Windows\temp
2014-07-06 01:01:50 ----AC---- C:\ComboFix.txt
2014-07-06 00:40:58 ----DC---- C:\$RECYCLE.BIN
2014-07-06 00:26:36 ----A---- C:\Windows\zip.exe
2014-07-06 00:26:36 ----A---- C:\Windows\SWSC.exe
2014-07-06 00:26:36 ----A---- C:\Windows\SWREG.exe
2014-07-06 00:26:36 ----A---- C:\Windows\sed.exe
2014-07-06 00:26:36 ----A---- C:\Windows\PEV.exe
2014-07-06 00:26:36 ----A---- C:\Windows\NIRCMD.exe
2014-07-06 00:26:36 ----A---- C:\Windows\MBR.exe
2014-07-06 00:26:36 ----A---- C:\Windows\grep.exe
2014-07-06 00:25:39 ----DC---- C:\Qoobox
2014-07-06 00:25:28 ----D---- C:\Windows\erdnt
2014-07-05 23:29:26 ----D---- C:\ProgramData\OSHI
2014-07-05 23:29:26 ----D---- C:\Program Files\OSHI
2014-07-05 22:57:35 ----DC---- C:\AdwCleaner
2014-07-05 01:38:23 ----D---- C:\ProgramData\ESET
2014-07-05 01:38:23 ----D---- C:\Program Files\ESET
2014-07-04 11:53:27 ----D---- C:\Users\Vendula\AppData\Roaming\Wise Care 365
2014-07-04 11:42:56 ----D---- C:\Users\Vendula\AppData\Roaming\Wise Registry Cleaner
2014-07-04 11:37:19 ----D---- C:\Users\Vendula\AppData\Roaming\Wise Disk Cleaner
2014-07-04 00:07:37 ----D---- C:\Users\Vendula\AppData\Roaming\Dropbox
2014-07-03 23:50:12 ----D---- C:\ProgramData\AVAST Software
2014-07-03 22:54:10 ----D---- C:\Users\Vendula\AppData\Roaming\ESET
2014-07-03 21:46:30 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-07-03 11:05:02 ----D---- C:\ProgramData\Sony
2014-07-03 11:03:16 ----A---- C:\Windows\system32\RtNicProp64.dll
2014-07-03 11:03:16 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2014-07-02 12:13:23 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-07-02 12:13:23 ----A---- C:\Windows\system32\usp10.dll
2014-07-02 12:13:22 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-07-02 12:13:22 ----A---- C:\Windows\system32\msxml6.dll
2014-07-02 12:13:22 ----A---- C:\Windows\system32\msxml3.dll
2014-07-02 12:13:22 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-07-02 12:13:22 ----A---- C:\Windows\system32\drivers\netio.sys
2014-07-02 12:13:22 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-07-02 12:13:21 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-07-02 12:13:21 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-07-02 12:13:21 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-07-02 12:13:21 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-07-02 12:13:21 ----A---- C:\Windows\system32\msxml6r.dll
2014-07-02 12:13:21 ----A---- C:\Windows\system32\msxml3r.dll
2014-07-02 12:13:20 ----A---- C:\Windows\system32\rdpcorets.dll
2014-07-02 12:13:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-02 12:13:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-02 12:13:18 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-02 12:13:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-02 12:13:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-02 12:13:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-02 12:13:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-02 12:13:16 ----A---- C:\Windows\system32\iesetup.dll
2014-07-02 12:13:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-02 12:13:16 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-02 12:13:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-02 12:13:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-02 12:13:15 ----A---- C:\Windows\system32\iertutil.dll
2014-07-02 12:13:15 ----A---- C:\Windows\system32\iernonce.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-02 12:13:14 ----A---- C:\Windows\system32\ieui.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\ieframe.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\wininet.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\vbscript.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\msrating.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\jscript9.dll
2014-07-02 12:13:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-02 12:13:12 ----A---- C:\Windows\system32\mshtml.dll
2014-07-02 12:13:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-02 12:13:11 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-02 12:13:11 ----A---- C:\Windows\system32\urlmon.dll
2014-07-02 12:10:57 ----A---- C:\Windows\system32\aepdu.dll
2014-07-02 12:10:56 ----A---- C:\Windows\system32\aeinv.dll
2014-06-12 15:51:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 15:50:54 ----A---- C:\Windows\system32\ieapfltr.dll
======List of files/folders modified in the last 1 month======
2014-07-06 01:07:20 ----D---- C:\Program Files
2014-07-06 01:02:29 ----D---- C:\Windows\system32\drivers
2014-07-06 01:02:17 ----D---- C:\Windows
2014-07-06 00:58:35 ----D---- C:\Windows\Tasks
2014-07-06 00:58:35 ----D---- C:\Windows\system32\Tasks
2014-07-06 00:43:34 ----D---- C:\Windows\SoftwareDistribution
2014-07-06 00:41:30 ----AC---- C:\Windows\system.ini
2014-07-06 00:40:54 ----D---- C:\Windows\system32\drivers\etc
2014-07-06 00:40:34 ----D---- C:\Windows\inf
2014-07-06 00:39:52 ----D---- C:\Windows\debug
2014-07-06 00:39:47 ----RD---- C:\Program Files (x86)
2014-07-06 00:39:21 ----D---- C:\Windows\system32\catroot2
2014-07-06 00:39:01 ----D---- C:\Windows\system32\config
2014-07-06 00:29:28 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-06 00:29:28 ----D---- C:\Windows\SysWOW64
2014-07-06 00:29:28 ----D---- C:\Windows\AppPatch
2014-07-06 00:29:28 ----D---- C:\Program Files (x86)\Common Files
2014-07-05 23:29:31 ----SHD---- C:\Windows\Installer
2014-07-05 23:29:30 ----DC---- C:\Config.Msi
2014-07-05 23:29:26 ----D---- C:\ProgramData
2014-07-05 23:29:17 ----SHD---- C:\System Volume Information
2014-07-05 23:16:46 ----RD---- C:\Desktop
2014-07-05 23:09:30 ----D---- C:\Windows\SYSWOW64\config
2014-07-05 22:35:11 ----D---- C:\Users\Vendula\AppData\Roaming\Seznam.cz
2014-07-05 11:12:26 ----D---- C:\Windows\winsxs
2014-07-05 03:50:41 ----D---- C:\Users\Vendula\AppData\Roaming\vlc
2014-07-05 01:38:56 ----D---- C:\Windows\system32\DriverStore
2014-07-05 01:38:56 ----D---- C:\Windows\system32\catroot
2014-07-05 01:27:40 ----D---- C:\Windows\System32
2014-07-04 11:43:58 ----D---- C:\Windows\Downloaded Program Files
2014-07-04 00:39:28 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-07-04 00:35:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-04 00:07:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-03 23:51:30 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-07-03 23:41:43 ----D---- C:\ProgramData\Skype
2014-07-03 22:59:04 ----D---- C:\Windows\system32\logs
2014-07-03 21:48:55 ----AD---- C:\ProgramData\Temp
2014-07-03 21:48:49 ----D---- C:\ProgramData\Validity
2014-07-03 16:53:56 ----D---- C:\Windows\system32\wdi
2014-07-03 11:06:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-03 11:03:16 ----A---- C:\Windows\system32\RTNUninst64.dll
2014-07-03 10:49:14 ----D---- C:\ProgramData\ProductData
2014-07-03 10:47:44 ----D---- C:\Program Files (x86)\Google
2014-07-02 21:12:07 ----D---- C:\Program Files\Internet Explorer
2014-07-02 21:12:06 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-02 21:12:06 ----D---- C:\Windows\system32\en-US
2014-07-02 21:12:05 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-02 15:27:19 ----D---- C:\Windows\system32\MRT
2014-07-02 15:26:11 ----A---- C:\Windows\system32\MRT.exe
2014-07-02 15:26:07 ----D---- C:\ProgramData\Microsoft Help
2014-07-02 15:24:44 ----SD---- C:\Windows\system32\CompatTel
2014-07-02 13:03:20 ----D---- C:\Windows\system32\wfp
2014-07-02 13:03:14 ----D---- C:\Windows\system32\wbem
2014-07-02 13:03:14 ----D---- C:\Windows\system32\CodeIntegrity
2014-07-02 13:03:12 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-07-02 13:03:06 ----D---- C:\Windows\registration
2014-07-02 13:02:51 ----D---- C:\Windows\ehome
2014-07-01 22:45:58 ----A---- C:\Users\Vendula\AppData\Roaming\bitlord_log.txt
2014-07-01 16:14:05 ----D---- C:\Windows\rescache
2014-07-01 16:14:03 ----D---- C:\Windows\AppCompat
2014-07-01 16:14:02 ----D---- C:\Users\Vendula\AppData\Roaming\Skype
2014-07-01 16:14:02 ----D---- C:\Users\Vendula\AppData\Roaming\IObit
2014-07-01 16:14:01 ----D---- C:\ProgramData\iobit
2014-07-01 16:11:59 ----D---- C:\Program Files (x86)\Sony
2014-07-01 12:07:52 ----D---- C:\Windows\Minidump
2014-07-01 12:02:57 ----D---- C:\Windows\Prefetch
2014-06-11 15:46:48 ----SD---- C:\Users\Vendula\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2013-05-21 36096]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2014-03-16 31040]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-10-17 559384]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-09-27 630632]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-09-27 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2013-10-21 213848]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-09 272480]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2013-10-21 60416]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2014-03-16 43840]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-31 12528640]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-31 618496]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2014-01-22 170200]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-01-22 4749008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2013-10-21 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-29 4195840]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-10-29 449496]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-05-24 100312]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2014-03-16 313048]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-07-03 939224]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-05-06 33008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-06-03 550912]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-05-06 495856]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-10-21 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys []
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-22 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-12-22 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-12-22 30208]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-31 239616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2013-12-17 46904]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-09-27 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-08-28 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-08-28 390616]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-10-28 2156952]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-06-03 333824]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2013-10-30 35328]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-02 2151232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-04 262320]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-05 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-04-24 572096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-10 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
ComboFix Log
ComboFix 14-07-03.01 - Vendula 06.07.2014 0:27.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6046.3691 [GMT 2:00]
Spuštěný z: c:\users\Vendula\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Service KMSELDI
-------\Service_WiseBootAssistant
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-05 do 2014-07-05 )))))))))))))))))))))))))))))))
.
.
2014-07-05 22:37 . 2014-07-05 22:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-05 21:29 . 2014-07-05 21:29 -------- d-----w- c:\programdata\OSHI
2014-07-05 21:29 . 2014-07-05 21:29 -------- d-----w- c:\program files\OSHI
2014-07-05 20:57 . 2014-07-05 20:59 -------- dc----w- C:\AdwCleaner
2014-07-04 23:38 . 2014-07-04 23:38 -------- d-----w- c:\program files\ESET
2014-07-04 23:09 . 2014-04-13 22:00 398760 ----a-w- c:\users\Vendula\utorrent.exe
2014-07-04 09:53 . 2014-07-05 21:05 -------- d-----w- c:\users\Vendula\AppData\Roaming\Wise Care 365
2014-07-04 09:42 . 2014-07-04 09:44 -------- d-----w- c:\users\Vendula\AppData\Roaming\Wise Registry Cleaner
2014-07-04 09:40 . 2014-06-17 00:57 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{68DD960A-07DA-439B-98E6-685F67203583}\mpengine.dll
2014-07-04 09:37 . 2014-07-05 21:07 -------- d-----w- c:\users\Vendula\AppData\Roaming\Wise Disk Cleaner
2014-07-03 22:07 . 2014-07-03 22:08 -------- d-----w- c:\users\Vendula\AppData\Roaming\Dropbox
2014-07-03 21:50 . 2014-07-05 08:51 -------- d-----w- c:\programdata\AVAST Software
2014-07-03 20:54 . 2014-07-03 21:43 -------- d-----w- c:\users\Vendula\AppData\Local\ESET
2014-07-03 19:46 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-03 09:05 . 2014-07-03 09:05 -------- d-----w- c:\programdata\Sony
2014-07-03 09:03 . 2014-07-03 09:03 939224 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-07-03 09:03 . 2014-07-03 09:03 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-07-02 10:10 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-07-02 10:10 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-23 16:44 . 2014-06-23 16:44 -------- d-----w- c:\users\Vendula\AppData\Local\Western Digital
2014-06-12 13:51 . 2014-05-30 08:55 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 13:50 . 2014-05-30 08:03 470016 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2014-06-12 13:50 . 2014-05-30 07:49 1964544 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-06-12 13:50 . 2014-05-30 07:13 846336 ----a-w- c:\windows\system32\ieapfltr.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-03 22:07 . 2013-12-09 22:23 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-03 22:07 . 2013-12-09 22:23 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-03 09:03 . 2013-12-09 18:10 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-07-02 13:26 . 2013-12-09 18:48 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-26 19:22 . 2014-05-26 19:22 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-05-26 19:22 . 2014-05-26 19:22 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-05-24 09:45 . 2014-05-24 09:45 100312 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-05-13 19:06 . 2014-04-29 15:06 17938608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-04-12 02:34 . 2014-05-14 19:51 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:34 . 2014-05-14 19:51 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:32 . 2014-05-14 19:51 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:32 . 2014-05-14 19:51 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:32 . 2014-05-14 19:51 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:32 . 2014-05-14 19:51 307712 ----a-w- c:\windows\system32\ncrypt.dll
2014-04-12 02:32 . 2014-05-14 19:51 1461248 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:31 . 2014-05-14 19:51 43520 ----a-w- c:\windows\system32\csrsrv.dll
2014-04-12 02:31 . 2014-05-14 19:51 463872 ----a-w- c:\windows\system32\certcli.dll
2014-04-12 02:31 . 2014-05-14 19:51 58368 ----a-w- c:\windows\system32\appidapi.dll
2014-04-12 02:31 . 2014-05-14 19:51 34304 ----a-w- c:\windows\system32\appidsvc.dll
2014-04-12 02:31 . 2014-05-14 19:51 112640 ----a-w- c:\windows\system32\smss.exe
2014-04-12 02:31 . 2014-05-14 19:51 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:31 . 2014-05-14 19:51 64000 ----a-w- c:\windows\system32\auditpol.exe
2014-04-12 02:31 . 2014-05-14 19:51 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2014-04-12 02:31 . 2014-05-14 19:51 148480 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2014-04-12 02:30 . 2014-05-14 19:51 60416 ----a-w- c:\windows\system32\msobjs.dll
2014-04-12 02:29 . 2014-05-14 19:51 145920 ----a-w- c:\windows\system32\msaudite.dll
2014-04-12 02:28 . 2014-05-14 19:51 6656 ----a-w- c:\windows\system32\apisetschema.dll
2014-04-12 02:28 . 2014-05-14 19:51 685056 ----a-w- c:\windows\system32\adtschema.dll
2014-04-12 02:06 . 2014-05-14 19:51 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:06 . 2014-05-14 19:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-04-12 02:06 . 2014-05-14 19:51 342528 ----a-w- c:\windows\SysWow64\certcli.dll
2014-04-12 02:06 . 2014-05-14 19:51 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2014-04-12 02:06 . 2014-05-14 19:51 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
2014-04-12 02:05 . 2014-05-14 19:51 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-04-12 02:04 . 2014-05-14 19:51 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2014-04-12 02:04 . 2014-05-14 19:51 145920 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-04-12 02:03 . 2014-05-14 19:51 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2014-04-12 02:03 . 2014-05-14 19:51 685056 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-04-12 01:34 . 2014-05-14 19:51 61952 ----a-w- c:\windows\system32\drivers\appid.sys
2014-04-08 19:44 . 2014-04-08 19:44 1684416 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-08 19:43 . 2014-04-08 19:43 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-08 19:43 . 2014-04-08 19:43 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-08 19:43 . 2014-04-08 19:43 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll
2014-04-08 19:43 . 2014-04-08 19:43 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-08 19:43 . 2014-04-08 19:43 191424 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-08 19:43 . 2014-04-08 19:43 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-04-08 19:43 . 2014-04-08 19:43 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-04-08 19:43 . 2014-04-08 19:43 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-04-08 19:43 . 2014-04-08 19:43 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-04-08 19:43 . 2014-04-08 19:43 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-04-08 19:43 . 2014-04-08 19:43 243712 ----a-w- c:\windows\system32\wow64.dll
2014-04-08 19:43 . 2014-04-08 19:43 2048 ----a-w- c:\windows\SysWow64\user.exe
2014-04-08 19:43 . 2014-04-08 19:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-04-08 19:43 . 2014-04-08 19:43 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-04-08 19:43 . 2014-04-08 19:43 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-04-08 19:43 . 2014-04-08 19:43 1163264 ----a-w- c:\windows\system32\kernel32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 YouTubeAcceleratorService;YouTubeAcceleratorService; [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0; [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 valWBFPolicyService;Validity WBF Policy Service;c:\windows\system32\valWBFPolicyService.exe;c:\windows\SYSNATIVE\valWBFPolicyService.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 19:02 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-09 22:07]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 08:40]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 08:40]
.
2014-07-04 c:\windows\Tasks\Wise Care 365 PC Checkup Task.job
- d:\programy\Wise Care 365\WiseCare365.exe [2014-07-04 10:23]
.
2014-07-05 c:\windows\Tasks\Wise Care 365.job
- d:\programy\Wise Care 365\WiseTray.exe [2014-07-04 14:11]
.
2014-07-04 c:\windows\Tasks\Wise Disk Cleaner Schedule Task.job
- d:\programy\Wise Disk Cleaner\WiseDiskCleaner.exe [2014-07-04 11:29]
.
2014-07-04 c:\windows\Tasks\Wise Registry Cleaner Schedule Task.job
- d:\programy\Wise Registry Cleaner\WiseRegCleaner.exe [2014-07-04 12:49]
.
2014-07-05 c:\windows\Tasks\Wise Turbo Checker.job
- d:\programy\Wise Care 365\WiseTurbo.exe [2014-07-04 14:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-03 1703424]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-04 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-04 771056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-11-04 770032]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-09-27 36352]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-02-24 5581888]
"OSHI Defender"="c:\program files\OSHI\Defender\oshidfui.exe" [2014-04-09 5406704]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
mSearch Bar = www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0f,a5,7f,19,8b,79,06,46,95,5a,39,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0f,a5,7f,19,8b,79,06,46,95,5a,39,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-07-06 01:01:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-05 23:01
.
Před spuštěním: Volných bajtů: 109 619 089 408
Po spuštění: Volných bajtů: 109 089 247 232
.
- - End Of File - - EF9BF949EC7CAC162A0C03E86857683C
A36C5E4F47E84449FF07ED3517B43A31
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
taskeng.exe {81937C8A-D4A1-4034-9445-12430075C474}
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\explorer.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2752.0.56336807\2105070544" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,5,15 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3345 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="2752.2.116375871\2140502190" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="2752.4.48910526\1352838647" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="2752.5.1668681580\417370074" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_22/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="2752.7.989688969\1701567334" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\trend micro\Vendula.exe" /silentautolog
C:\Windows\system32\wbem\wmiprvse.exe
taskmgr.exe /3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Vendula\Downloads\RSITx64 (2).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Wise Care 365 PC Checkup Task.job - D:\Programy\Wise Care 365\WiseCare365.exe -c
C:\Windows\tasks\Wise Care 365.job - D:\Programy\Wise Care 365\WiseTray.exe -StartTray
C:\Windows\tasks\Wise Disk Cleaner Schedule Task.job - D:\Programy\Wise Disk Cleaner\WiseDiskCleaner.exe -a -adv
C:\Windows\tasks\Wise Registry Cleaner Schedule Task.job - D:\Programy\Wise Registry Cleaner\WiseRegCleaner.exe -a
C:\Windows\tasks\Wise Turbo Checker.job - D:\Programy\Wise Care 365\WiseTurbo.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-06-03 1703424]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-05 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-05 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-05 770032]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-09-27 36352]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-06 3053808]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
"OSHI Defender"=C:\Program Files\OSHI\Defender\oshidfui.exe [2014-04-09 5406704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Vendula\AppData\Roaming\Seznam.cz\szninstall.exe -c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Vendula\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
c:\program files (x86)\seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
[]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-30 766208]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-27 291608]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-10-29 623616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2014-07-06 01:07:20 ----DC---- C:\rsit
2014-07-06 01:07:20 ----D---- C:\Program Files\trend micro
2014-07-06 01:02:17 ----D---- C:\Windows\temp
2014-07-06 01:01:50 ----AC---- C:\ComboFix.txt
2014-07-06 00:40:58 ----DC---- C:\$RECYCLE.BIN
2014-07-06 00:26:36 ----A---- C:\Windows\zip.exe
2014-07-06 00:26:36 ----A---- C:\Windows\SWSC.exe
2014-07-06 00:26:36 ----A---- C:\Windows\SWREG.exe
2014-07-06 00:26:36 ----A---- C:\Windows\sed.exe
2014-07-06 00:26:36 ----A---- C:\Windows\PEV.exe
2014-07-06 00:26:36 ----A---- C:\Windows\NIRCMD.exe
2014-07-06 00:26:36 ----A---- C:\Windows\MBR.exe
2014-07-06 00:26:36 ----A---- C:\Windows\grep.exe
2014-07-06 00:25:39 ----DC---- C:\Qoobox
2014-07-06 00:25:28 ----D---- C:\Windows\erdnt
2014-07-05 23:29:26 ----D---- C:\ProgramData\OSHI
2014-07-05 23:29:26 ----D---- C:\Program Files\OSHI
2014-07-05 22:57:35 ----DC---- C:\AdwCleaner
2014-07-05 01:38:23 ----D---- C:\ProgramData\ESET
2014-07-05 01:38:23 ----D---- C:\Program Files\ESET
2014-07-04 11:53:27 ----D---- C:\Users\Vendula\AppData\Roaming\Wise Care 365
2014-07-04 11:42:56 ----D---- C:\Users\Vendula\AppData\Roaming\Wise Registry Cleaner
2014-07-04 11:37:19 ----D---- C:\Users\Vendula\AppData\Roaming\Wise Disk Cleaner
2014-07-04 00:07:37 ----D---- C:\Users\Vendula\AppData\Roaming\Dropbox
2014-07-03 23:50:12 ----D---- C:\ProgramData\AVAST Software
2014-07-03 22:54:10 ----D---- C:\Users\Vendula\AppData\Roaming\ESET
2014-07-03 21:46:30 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-07-03 11:05:02 ----D---- C:\ProgramData\Sony
2014-07-03 11:03:16 ----A---- C:\Windows\system32\RtNicProp64.dll
2014-07-03 11:03:16 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2014-07-02 12:13:23 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-07-02 12:13:23 ----A---- C:\Windows\system32\usp10.dll
2014-07-02 12:13:22 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-07-02 12:13:22 ----A---- C:\Windows\system32\msxml6.dll
2014-07-02 12:13:22 ----A---- C:\Windows\system32\msxml3.dll
2014-07-02 12:13:22 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-07-02 12:13:22 ----A---- C:\Windows\system32\drivers\netio.sys
2014-07-02 12:13:22 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-07-02 12:13:21 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-07-02 12:13:21 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-07-02 12:13:21 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-07-02 12:13:21 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-07-02 12:13:21 ----A---- C:\Windows\system32\msxml6r.dll
2014-07-02 12:13:21 ----A---- C:\Windows\system32\msxml3r.dll
2014-07-02 12:13:20 ----A---- C:\Windows\system32\rdpcorets.dll
2014-07-02 12:13:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-02 12:13:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-02 12:13:18 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-02 12:13:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-02 12:13:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-02 12:13:17 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-02 12:13:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-02 12:13:16 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-02 12:13:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-02 12:13:16 ----A---- C:\Windows\system32\iesetup.dll
2014-07-02 12:13:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-02 12:13:16 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-02 12:13:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-02 12:13:15 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-02 12:13:15 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-02 12:13:15 ----A---- C:\Windows\system32\iertutil.dll
2014-07-02 12:13:15 ----A---- C:\Windows\system32\iernonce.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-02 12:13:14 ----A---- C:\Windows\system32\ieui.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\ieframe.dll
2014-07-02 12:13:14 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\wininet.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\vbscript.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\msrating.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-02 12:13:13 ----A---- C:\Windows\system32\jscript9.dll
2014-07-02 12:13:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-02 12:13:12 ----A---- C:\Windows\system32\mshtml.dll
2014-07-02 12:13:11 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-02 12:13:11 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-02 12:13:11 ----A---- C:\Windows\system32\urlmon.dll
2014-07-02 12:10:57 ----A---- C:\Windows\system32\aepdu.dll
2014-07-02 12:10:56 ----A---- C:\Windows\system32\aeinv.dll
2014-06-12 15:51:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 15:50:54 ----A---- C:\Windows\system32\ieapfltr.dll
======List of files/folders modified in the last 1 month======
2014-07-06 01:07:20 ----D---- C:\Program Files
2014-07-06 01:02:29 ----D---- C:\Windows\system32\drivers
2014-07-06 01:02:17 ----D---- C:\Windows
2014-07-06 00:58:35 ----D---- C:\Windows\Tasks
2014-07-06 00:58:35 ----D---- C:\Windows\system32\Tasks
2014-07-06 00:43:34 ----D---- C:\Windows\SoftwareDistribution
2014-07-06 00:41:30 ----AC---- C:\Windows\system.ini
2014-07-06 00:40:54 ----D---- C:\Windows\system32\drivers\etc
2014-07-06 00:40:34 ----D---- C:\Windows\inf
2014-07-06 00:39:52 ----D---- C:\Windows\debug
2014-07-06 00:39:47 ----RD---- C:\Program Files (x86)
2014-07-06 00:39:21 ----D---- C:\Windows\system32\catroot2
2014-07-06 00:39:01 ----D---- C:\Windows\system32\config
2014-07-06 00:29:28 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-06 00:29:28 ----D---- C:\Windows\SysWOW64
2014-07-06 00:29:28 ----D---- C:\Windows\AppPatch
2014-07-06 00:29:28 ----D---- C:\Program Files (x86)\Common Files
2014-07-05 23:29:31 ----SHD---- C:\Windows\Installer
2014-07-05 23:29:30 ----DC---- C:\Config.Msi
2014-07-05 23:29:26 ----D---- C:\ProgramData
2014-07-05 23:29:17 ----SHD---- C:\System Volume Information
2014-07-05 23:16:46 ----RD---- C:\Desktop
2014-07-05 23:09:30 ----D---- C:\Windows\SYSWOW64\config
2014-07-05 22:35:11 ----D---- C:\Users\Vendula\AppData\Roaming\Seznam.cz
2014-07-05 11:12:26 ----D---- C:\Windows\winsxs
2014-07-05 03:50:41 ----D---- C:\Users\Vendula\AppData\Roaming\vlc
2014-07-05 01:38:56 ----D---- C:\Windows\system32\DriverStore
2014-07-05 01:38:56 ----D---- C:\Windows\system32\catroot
2014-07-05 01:27:40 ----D---- C:\Windows\System32
2014-07-04 11:43:58 ----D---- C:\Windows\Downloaded Program Files
2014-07-04 00:39:28 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-07-04 00:35:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-04 00:07:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-03 23:51:30 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-07-03 23:41:43 ----D---- C:\ProgramData\Skype
2014-07-03 22:59:04 ----D---- C:\Windows\system32\logs
2014-07-03 21:48:55 ----AD---- C:\ProgramData\Temp
2014-07-03 21:48:49 ----D---- C:\ProgramData\Validity
2014-07-03 16:53:56 ----D---- C:\Windows\system32\wdi
2014-07-03 11:06:52 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-07-03 11:03:16 ----A---- C:\Windows\system32\RTNUninst64.dll
2014-07-03 10:49:14 ----D---- C:\ProgramData\ProductData
2014-07-03 10:47:44 ----D---- C:\Program Files (x86)\Google
2014-07-02 21:12:07 ----D---- C:\Program Files\Internet Explorer
2014-07-02 21:12:06 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-02 21:12:06 ----D---- C:\Windows\system32\en-US
2014-07-02 21:12:05 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-02 15:27:19 ----D---- C:\Windows\system32\MRT
2014-07-02 15:26:11 ----A---- C:\Windows\system32\MRT.exe
2014-07-02 15:26:07 ----D---- C:\ProgramData\Microsoft Help
2014-07-02 15:24:44 ----SD---- C:\Windows\system32\CompatTel
2014-07-02 13:03:20 ----D---- C:\Windows\system32\wfp
2014-07-02 13:03:14 ----D---- C:\Windows\system32\wbem
2014-07-02 13:03:14 ----D---- C:\Windows\system32\CodeIntegrity
2014-07-02 13:03:12 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-07-02 13:03:06 ----D---- C:\Windows\registration
2014-07-02 13:02:51 ----D---- C:\Windows\ehome
2014-07-01 22:45:58 ----A---- C:\Users\Vendula\AppData\Roaming\bitlord_log.txt
2014-07-01 16:14:05 ----D---- C:\Windows\rescache
2014-07-01 16:14:03 ----D---- C:\Windows\AppCompat
2014-07-01 16:14:02 ----D---- C:\Users\Vendula\AppData\Roaming\Skype
2014-07-01 16:14:02 ----D---- C:\Users\Vendula\AppData\Roaming\IObit
2014-07-01 16:14:01 ----D---- C:\ProgramData\iobit
2014-07-01 16:11:59 ----D---- C:\Program Files (x86)\Sony
2014-07-01 12:07:52 ----D---- C:\Windows\Minidump
2014-07-01 12:02:57 ----D---- C:\Windows\Prefetch
2014-06-11 15:46:48 ----SD---- C:\Users\Vendula\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2013-05-21 36096]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2014-03-16 31040]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-10-17 559384]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-09-27 630632]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-09-27 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2013-10-21 213848]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-09 272480]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2013-10-21 60416]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2014-03-16 43840]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-31 12528640]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-31 618496]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2014-01-22 170200]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-01-22 4749008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2013-10-21 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-10-29 4195840]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-10-29 449496]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-05-24 100312]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2014-03-16 313048]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-07-03 939224]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-05-06 33008]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-06-03 550912]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-05-06 495856]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-10-21 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys []
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-22 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-12-22 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-12-22 30208]
S3 WinRing0_1_2_0;WinRing0_1_2_0; C:\Windows\system32\drivers\WinRing0_1_2_0.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-31 239616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2013-12-17 46904]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-09-27 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-08-28 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-08-28 390616]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-10-28 2156952]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-06-03 333824]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2013-10-30 35328]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-02 2151232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-04 262320]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-05 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-04-24 572096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-10 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
ComboFix Log
ComboFix 14-07-03.01 - Vendula 06.07.2014 0:27.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6046.3691 [GMT 2:00]
Spuštěný z: c:\users\Vendula\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Service KMSELDI
-------\Service_WiseBootAssistant
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-05 do 2014-07-05 )))))))))))))))))))))))))))))))
.
.
2014-07-05 22:37 . 2014-07-05 22:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-05 21:29 . 2014-07-05 21:29 -------- d-----w- c:\programdata\OSHI
2014-07-05 21:29 . 2014-07-05 21:29 -------- d-----w- c:\program files\OSHI
2014-07-05 20:57 . 2014-07-05 20:59 -------- dc----w- C:\AdwCleaner
2014-07-04 23:38 . 2014-07-04 23:38 -------- d-----w- c:\program files\ESET
2014-07-04 23:09 . 2014-04-13 22:00 398760 ----a-w- c:\users\Vendula\utorrent.exe
2014-07-04 09:53 . 2014-07-05 21:05 -------- d-----w- c:\users\Vendula\AppData\Roaming\Wise Care 365
2014-07-04 09:42 . 2014-07-04 09:44 -------- d-----w- c:\users\Vendula\AppData\Roaming\Wise Registry Cleaner
2014-07-04 09:40 . 2014-06-17 00:57 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{68DD960A-07DA-439B-98E6-685F67203583}\mpengine.dll
2014-07-04 09:37 . 2014-07-05 21:07 -------- d-----w- c:\users\Vendula\AppData\Roaming\Wise Disk Cleaner
2014-07-03 22:07 . 2014-07-03 22:08 -------- d-----w- c:\users\Vendula\AppData\Roaming\Dropbox
2014-07-03 21:50 . 2014-07-05 08:51 -------- d-----w- c:\programdata\AVAST Software
2014-07-03 20:54 . 2014-07-03 21:43 -------- d-----w- c:\users\Vendula\AppData\Local\ESET
2014-07-03 19:46 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-03 09:05 . 2014-07-03 09:05 -------- d-----w- c:\programdata\Sony
2014-07-03 09:03 . 2014-07-03 09:03 939224 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-07-03 09:03 . 2014-07-03 09:03 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-07-02 10:10 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-07-02 10:10 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-23 16:44 . 2014-06-23 16:44 -------- d-----w- c:\users\Vendula\AppData\Local\Western Digital
2014-06-12 13:51 . 2014-05-30 08:55 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 13:50 . 2014-05-30 08:03 470016 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2014-06-12 13:50 . 2014-05-30 07:49 1964544 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-06-12 13:50 . 2014-05-30 07:13 846336 ----a-w- c:\windows\system32\ieapfltr.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-03 22:07 . 2013-12-09 22:23 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-03 22:07 . 2013-12-09 22:23 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-03 09:03 . 2013-12-09 18:10 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-07-02 13:26 . 2013-12-09 18:48 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-26 19:22 . 2014-05-26 19:22 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-05-26 19:22 . 2014-05-26 19:22 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-05-24 09:45 . 2014-05-24 09:45 100312 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-05-13 19:06 . 2014-04-29 15:06 17938608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-04-12 02:34 . 2014-05-14 19:51 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:34 . 2014-05-14 19:51 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:32 . 2014-05-14 19:51 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:32 . 2014-05-14 19:51 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:32 . 2014-05-14 19:51 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:32 . 2014-05-14 19:51 307712 ----a-w- c:\windows\system32\ncrypt.dll
2014-04-12 02:32 . 2014-05-14 19:51 1461248 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:31 . 2014-05-14 19:51 43520 ----a-w- c:\windows\system32\csrsrv.dll
2014-04-12 02:31 . 2014-05-14 19:51 463872 ----a-w- c:\windows\system32\certcli.dll
2014-04-12 02:31 . 2014-05-14 19:51 58368 ----a-w- c:\windows\system32\appidapi.dll
2014-04-12 02:31 . 2014-05-14 19:51 34304 ----a-w- c:\windows\system32\appidsvc.dll
2014-04-12 02:31 . 2014-05-14 19:51 112640 ----a-w- c:\windows\system32\smss.exe
2014-04-12 02:31 . 2014-05-14 19:51 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:31 . 2014-05-14 19:51 64000 ----a-w- c:\windows\system32\auditpol.exe
2014-04-12 02:31 . 2014-05-14 19:51 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2014-04-12 02:31 . 2014-05-14 19:51 148480 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2014-04-12 02:30 . 2014-05-14 19:51 60416 ----a-w- c:\windows\system32\msobjs.dll
2014-04-12 02:29 . 2014-05-14 19:51 145920 ----a-w- c:\windows\system32\msaudite.dll
2014-04-12 02:28 . 2014-05-14 19:51 6656 ----a-w- c:\windows\system32\apisetschema.dll
2014-04-12 02:28 . 2014-05-14 19:51 685056 ----a-w- c:\windows\system32\adtschema.dll
2014-04-12 02:06 . 2014-05-14 19:51 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:06 . 2014-05-14 19:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-04-12 02:06 . 2014-05-14 19:51 342528 ----a-w- c:\windows\SysWow64\certcli.dll
2014-04-12 02:06 . 2014-05-14 19:51 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2014-04-12 02:06 . 2014-05-14 19:51 50176 ----a-w- c:\windows\SysWow64\auditpol.exe
2014-04-12 02:05 . 2014-05-14 19:51 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-04-12 02:04 . 2014-05-14 19:51 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2014-04-12 02:04 . 2014-05-14 19:51 145920 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-04-12 02:03 . 2014-05-14 19:51 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2014-04-12 02:03 . 2014-05-14 19:51 685056 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-04-12 01:34 . 2014-05-14 19:51 61952 ----a-w- c:\windows\system32\drivers\appid.sys
2014-04-08 19:44 . 2014-04-08 19:44 1684416 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-08 19:43 . 2014-04-08 19:43 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-08 19:43 . 2014-04-08 19:43 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-08 19:43 . 2014-04-08 19:43 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll
2014-04-08 19:43 . 2014-04-08 19:43 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-08 19:43 . 2014-04-08 19:43 191424 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-08 19:43 . 2014-04-08 19:43 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-04-08 19:43 . 2014-04-08 19:43 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-04-08 19:43 . 2014-04-08 19:43 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-04-08 19:43 . 2014-04-08 19:43 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-04-08 19:43 . 2014-04-08 19:43 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-04-08 19:43 . 2014-04-08 19:43 243712 ----a-w- c:\windows\system32\wow64.dll
2014-04-08 19:43 . 2014-04-08 19:43 2048 ----a-w- c:\windows\SysWow64\user.exe
2014-04-08 19:43 . 2014-04-08 19:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-04-08 19:43 . 2014-04-08 19:43 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-04-08 19:43 . 2014-04-08 19:43 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-04-08 19:43 . 2014-04-08 19:43 1163264 ----a-w- c:\windows\system32\kernel32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 YouTubeAcceleratorService;YouTubeAcceleratorService; [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0; [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 valWBFPolicyService;Validity WBF Policy Service;c:\windows\system32\valWBFPolicyService.exe;c:\windows\SYSNATIVE\valWBFPolicyService.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 19:02 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-09 22:07]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 08:40]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18 08:40]
.
2014-07-04 c:\windows\Tasks\Wise Care 365 PC Checkup Task.job
- d:\programy\Wise Care 365\WiseCare365.exe [2014-07-04 10:23]
.
2014-07-05 c:\windows\Tasks\Wise Care 365.job
- d:\programy\Wise Care 365\WiseTray.exe [2014-07-04 14:11]
.
2014-07-04 c:\windows\Tasks\Wise Disk Cleaner Schedule Task.job
- d:\programy\Wise Disk Cleaner\WiseDiskCleaner.exe [2014-07-04 11:29]
.
2014-07-04 c:\windows\Tasks\Wise Registry Cleaner Schedule Task.job
- d:\programy\Wise Registry Cleaner\WiseRegCleaner.exe [2014-07-04 12:49]
.
2014-07-05 c:\windows\Tasks\Wise Turbo Checker.job
- d:\programy\Wise Care 365\WiseTurbo.exe [2014-07-04 14:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-03 1703424]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-04 391152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-04 771056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-11-04 770032]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-09-27 36352]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-02-24 5581888]
"OSHI Defender"="c:\program files\OSHI\Defender\oshidfui.exe" [2014-04-09 5406704]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com/search?q={searchTerms}&r ... d=ie7&rlz=
mSearch Bar = www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0f,a5,7f,19,8b,79,06,46,95,5a,39,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0f,a5,7f,19,8b,79,06,46,95,5a,39,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-07-06 01:01:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-05 23:01
.
Před spuštěním: Volných bajtů: 109 619 089 408
Po spuštění: Volných bajtů: 109 089 247 232
.
- - End Of File - - EF9BF949EC7CAC162A0C03E86857683C
A36C5E4F47E84449FF07ED3517B43A31