Log check

Posted: 20 Jul 2014 23:13
by Klepla Pepka
Hello,
my computer takes terribly long to load. When logging in, I have no choice but to stare at the spinning wheel and look at my reflection in the dark monitor, and overall it takes a long time to recover, so I'm asking you to check my log, thank you. :)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by uzivatel (administrator) on UZIVATEL-HP on 20-07-2014 21:49:01
Running from C:\Users\uzivatel\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\A2SERVICE.EXE.old
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2014-03-22] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [8192 2010-06-18] ()
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-06-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2571288 2014-06-23] ()
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4841824 2014-07-20] (Emsisoft GmbH)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2295584 2014-04-21] (IObit)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-06] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1605199458-3239476000-673508335-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-21-1605199458-3239476000-673508335-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1605199458-3239476000-673508335-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1605199458-3239476000-673508335-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-1605199458-3239476000-673508335-1000\...\MountPoints2: {58870f7c-448b-11e3-b23d-5cac4c910219} - F:\AutoRun.exe
HKU\S-1-5-21-1605199458-3239476000-673508335-1000\...\MountPoints2: {8fa98f02-6798-11e2-8726-3c4a92c61b83} - F:\Setup.exe
HKU\S-1-5-21-1605199458-3239476000-673508335-1000\...\MountPoints2: {fc05df2b-4143-11e3-9cef-3c4a92c61b83} - G:\AutoRun.exe
HKU\S-1-5-21-1605199458-3239476000-673508335-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-1605199458-3239476000-673508335-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKU\S-1-5-21-1605199458-3239476000-673508335-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1605199458-3239476000-673508335-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1605199458-3239476000-673508335-1001\...\MountPoints2: {58870f7c-448b-11e3-b23d-5cac4c910219} - F:\AutoRun.exe
HKU\S-1-5-21-1605199458-3239476000-673508335-1002\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-1605199458-3239476000-673508335-1002\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKU\S-1-5-21-1605199458-3239476000-673508335-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1605199458-3239476000-673508335-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1605199458-3239476000-673508335-1004\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-1605199458-3239476000-673508335-1004\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
GroupPolicyUsers\S-1-5-21-1605199458-3239476000-673508335-1004\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
URLSearchHook: HKCU - (No Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {118D1D26-D98E-402D-B897-CEFBF09EC1C7} URL = http://de.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKLM - {7E247481-A32E-4C64-B801-6DC3A6496109} URL = http://de.search.yahoo.com/search?p={se ... ype=HPNTDF
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {118D1D26-D98E-402D-B897-CEFBF09EC1C7} URL = http://de.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKLM-x32 - {7E247481-A32E-4C64-B801-6DC3A6496109} URL = http://de.search.yahoo.com/search?p={se ... ype=HPNTDF
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - DefaultScope {1EFEADF7-EB9B-49D5-872A-73F2C52F9B60} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - 7FD4A5FCC0814BE6962686EABC0D3498 URL = http://isearch.avg.com/search?cid={553C ... 2013-01-23 19:15:12&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {118D1D26-D98E-402D-B897-CEFBF09EC1C7} URL = http://de.wikipedia.org/wiki/Special:Se ... earchTerms}
SearchScopes: HKCU - {1EFEADF7-EB9B-49D5-872A-73F2C52F9B60} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {7330A8A9-F55D-4AFD-96F7-18751DBFAAF6} URL = http://websearch.ask.com/redirect?clien ... 1BADC2C3C4
SearchScopes: HKCU - {7E247481-A32E-4C64-B801-6DC3A6496109} URL = http://de.search.yahoo.com/search?p={se ... ype=HPNTDF
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {CFB928FE-6802-42D7-982D-1B3CBEAD2CD6} URL =
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb201/?se ... 9WSem&i=26
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
Handler: inbox - No CLSID Value -
Handler-x32: inbox - No CLSID Value -
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-20] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\uzivatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{55A8EC97-6AF6-442c-877F-11C51DBD162D}] - C:\Program Files (x86)\Tomabo\MP4 Converter\YVD_FX.xpi
FF Extension: YouTube Video Downloader Extension - C:\Program Files (x86)\Tomabo\MP4 Converter\YVD_FX.xpi [2014-02-17]

Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 33-116&t=4
CHR NewTab: "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll No File
CHR Plugin: (Windows Live00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (HP Product Detection Plugin) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-06-20]
CHR Extension: (Disk Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-17]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-17]
CHR Extension: (Vyhled00E1v00E1n00ED Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-17]
CHR Extension: (Ads Removal) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (DotA 2 Theme) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\llnonniajpaijjmbgbbeiecpkggidcpo [2013-02-09]
CHR Extension: (AVG Security Toolbar) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-05-21]
CHR Extension: (Peněženka Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2013-10-27]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-17]
CHR HKLM-x32\...\Chrome\Extension: [igljnkmljjbhcellpnjppojkfdfmkjmp] - C:\Program Files (x86)\Tomabo\MP4 Converter\YVD_CX.crx [2014-02-17]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-27]

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4741384 2014-07-20] (Emsisoft GmbH)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2013-01-12] (Hi-Rez Studios) [File not signed]
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-06-30] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-25] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2014-07-15] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-03-22] (Realtek Semiconductor)
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-17] (Realtek Semiconductor Corp.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1813528 2014-06-23] (AVG Secure Search)
S2 AdvancedSystemCareService6; No ImagePath
S3 OverwolfUpdaterService; No ImagePath

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-04-15] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-23] (AVG Technologies)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2014-02-20] (Emsisoft GmbH)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-15] (Disc Soft Ltd)
S3 EagleX64; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
U3 DfSdkS;
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 21:49 - 2014-07-20 21:49 - 00028517 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2014-07-20 21:48 - 2014-07-20 21:48 - 00000000 ____D () C:\Users\uzivatel\Desktop\FRST-OlderVersion
2014-07-20 15:30 - 2014-07-20 15:30 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-07-20 13:50 - 2014-07-20 21:10 - 00000000 ____D () C:\Users\uzivatel\Desktop\Mobil
2014-07-20 11:10 - 2014-07-20 11:10 - 00000000 ____D () C:\Users\uzivatel\Downloads\Gameforge Live
2014-07-19 16:40 - 2014-07-20 21:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-19 16:40 - 2014-07-19 16:40 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-19 16:40 - 2014-07-19 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-19 16:40 - 2014-07-19 16:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-19 16:40 - 2014-07-19 16:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-19 16:40 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-19 16:40 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-19 16:40 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-19 16:39 - 2014-07-19 16:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\uzivatel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-19 15:27 - 2014-07-20 21:49 - 00000000 ____D () C:\FRST
2014-07-19 15:27 - 2014-07-20 21:48 - 02089984 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2014-07-18 11:19 - 2014-07-18 11:19 - 00000000 ____D () C:\Program Files\2K Games
2014-07-17 21:39 - 2014-07-17 21:39 - 00000000 ____D () C:\Program Files\EA Sports
2014-07-17 17:22 - 2014-07-20 13:48 - 00001858 _____ () C:\Windows\setupact.log
2014-07-17 17:22 - 2014-07-19 17:11 - 00030920 _____ () C:\Windows\PFRO.log
2014-07-17 17:22 - 2014-07-17 17:22 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-17 17:21 - 2014-07-17 17:21 - 00000000 _____ () C:\asc_rdflag
2014-07-17 14:16 - 2014-07-17 17:22 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForuzivatel.job
2014-07-17 14:16 - 2014-07-17 14:16 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForuzivatel
2014-07-16 23:34 - 2014-07-16 23:34 - 00000000 ____D () C:\Users\uzivatel\Documents\Criterion Games
2014-07-16 23:30 - 2014-07-16 23:30 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-16 23:30 - 2014-07-16 23:30 - 00000000 ____D () C:\ProgramData\EA Core
2014-07-16 23:15 - 2014-07-16 23:15 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-16 23:02 - 2014-07-16 23:02 - 00000000 ____D () C:\ProgramData\Solidshield
2014-07-16 14:27 - 2014-07-16 14:27 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-07-16 14:24 - 2014-07-16 14:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-16 14:24 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-16 14:23 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-16 14:23 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-16 14:23 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-16 14:22 - 2014-07-16 14:23 - 00006107 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-16 14:22 - 2014-07-16 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-15 19:53 - 2014-07-15 20:09 - 00000000 ____D () C:\Users\Jitka\Desktop\Fotky - Kamča má narozeniny
2014-07-15 10:16 - 2014-07-15 10:16 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-07-15 10:11 - 2014-07-15 10:11 - 02250024 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-07-15 09:47 - 2014-07-15 09:47 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-07-15 09:46 - 2014-07-15 09:51 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-07-15 09:46 - 2014-07-15 09:47 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-07-12 11:39 - 2014-07-12 11:39 - 00939224 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-07-12 11:39 - 2014-07-12 11:39 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-07-12 11:33 - 2014-07-12 11:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-07-12 11:33 - 2014-07-12 11:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-07-12 11:33 - 2014-07-12 11:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-07-12 11:33 - 2014-07-12 11:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET14B7.tmp
2014-07-12 11:33 - 2014-07-12 11:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-07-12 11:26 - 2014-07-14 22:49 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\ProductData
2014-07-12 11:25 - 2014-07-12 11:25 - 00002892 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-07-12 11:24 - 2014-07-12 11:24 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-07-10 23:38 - 2014-07-11 00:20 - 743754892 _____ () C:\Users\uzivatel\Downloads\Linie-obrany---akční-1986-cz-dabing-(ldandasova).avi
2014-07-09 20:40 - 2014-07-09 20:40 - 00659405 _____ () C:\Users\uzivatel\Desktop\Chemie v každodenním životě - sprchové gely.odt
2014-07-09 12:00 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 12:00 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 12:00 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 12:00 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 12:00 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 12:00 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 12:00 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 12:00 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 10:06 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 10:06 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 10:06 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 10:06 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 10:06 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 10:06 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 10:06 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 10:06 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 10:06 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 10:06 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 10:06 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 10:06 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 10:06 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 10:06 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 10:06 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:06 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 10:06 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 10:06 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 10:06 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 10:06 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:06 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 10:06 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 10:06 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 10:06 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 10:06 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 10:06 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 10:06 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 10:06 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 10:06 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 10:06 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 10:06 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 10:06 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 10:06 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 10:06 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 10:06 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 10:06 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:06 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 10:06 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 10:06 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 10:06 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 10:06 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 10:06 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 10:06 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 10:06 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 10:06 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 10:06 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 10:06 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 10:06 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 10:06 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 10:06 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 10:06 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 10:06 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 10:06 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 10:06 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 10:06 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 10:06 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 10:06 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 10:06 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 10:06 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 10:06 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 10:06 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 10:06 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 10:06 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 10:06 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 10:06 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 10:06 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 10:06 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 10:06 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 10:06 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 10:06 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 10:05 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 10:05 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 10:05 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 12:35 - 2014-07-08 12:38 - 00000000 ____D () C:\Users\Staňa\Desktop\00
2014-07-07 15:53 - 2014-07-07 15:53 - 00000000 ____D () C:\Users\Staňa\Desktop\Nová složka (2)
2014-07-07 15:38 - 2014-07-08 10:39 - 00000000 ____D () C:\Users\Staňa\Desktop\Nová složka
2014-07-07 15:36 - 2014-07-08 12:18 - 00000000 ____D () C:\Users\Staňa\Desktop\Nová složka (4)
2014-07-07 15:36 - 2014-07-08 10:45 - 00000000 ____D () C:\Users\Staňa\Desktop\LIVERPOOL CITY
2014-07-06 20:33 - 2014-07-06 20:33 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\CrashRpt
2014-07-06 20:30 - 2014-07-15 00:55 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\wf-launcher
2014-07-06 20:30 - 2014-07-14 23:10 - 00000000 ____D () C:\ProgramData\GFACE
2014-07-04 11:43 - 2014-07-18 21:06 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-03 18:17 - 2014-07-08 10:52 - 00000000 ____D () C:\Users\Staňa\Desktop\9999
2014-07-03 18:15 - 2014-07-08 12:37 - 00000000 ____D () C:\Users\Staňa\Desktop\99
2014-07-01 19:14 - 2014-07-18 21:45 - 00000000 ____D () C:\Users\uzivatel\Desktop\Standičove fotky
2014-06-30 18:05 - 2014-06-30 22:40 - 2540456474 _____ () C:\Users\uzivatel\Downloads\Looper-cz-(720p,-XVID,-AC3-5.1).avi
2014-06-30 11:13 - 2014-06-30 12:35 - 1459425432 _____ () C:\Users\uzivatel\Downloads\SERENITY.avi
2014-06-28 20:38 - 2014-06-28 21:24 - 812100246 _____ () C:\Users\uzivatel\Downloads\Donnie-Darko-Directors-Cut-(2001)-+-cz-titulky.avi
2014-06-24 11:58 - 2014-07-05 19:59 - 00000000 ____D () C:\Users\Staňa\AppData\Local\Cyberlink
2014-06-24 11:58 - 2014-06-24 11:58 - 00000000 ____D () C:\Users\Staňa\Documents\CyberLink
2014-06-24 11:58 - 2014-06-24 11:58 - 00000000 ____D () C:\Users\Staňa\AppData\Roaming\CyberLink
2014-06-22 21:57 - 2014-06-22 23:20 - 1356154290 _____ () C:\Users\uzivatel\Downloads\Jedinečný.avi
2014-06-22 20:33 - 2014-06-22 21:11 - 683116544 _____ () C:\Users\uzivatel\Downloads\Fist-of-Legend.avi
2014-06-22 11:42 - 2014-06-22 15:14 - 00000000 ____D () C:\Users\uzivatel\Desktop\Nová složka
2014-06-22 08:04 - 2014-06-22 08:04 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\InstallKnife
2014-06-22 08:01 - 2014-07-14 20:11 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\.minecraft

==================== One Month Modified Files and Folders =======

2014-07-20 21:49 - 2014-07-20 21:49 - 00028517 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2014-07-20 21:49 - 2014-07-19 15:27 - 00000000 ____D () C:\FRST
2014-07-20 21:48 - 2014-07-20 21:48 - 00000000 ____D () C:\Users\uzivatel\Desktop\FRST-OlderVersion
2014-07-20 21:48 - 2014-07-19 15:27 - 02089984 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2014-07-20 21:48 - 2012-12-20 12:45 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Skype
2014-07-20 21:44 - 2012-11-09 16:55 - 00003994 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6DB1E41E-EF72-44C0-9813-7EB95252E143}
2014-07-20 21:28 - 2012-12-17 11:12 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 21:15 - 2012-12-19 15:05 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-20 21:11 - 2014-07-19 16:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 21:11 - 2013-01-19 11:24 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 21:10 - 2014-07-20 13:50 - 00000000 ____D () C:\Users\uzivatel\Desktop\Mobil
2014-07-20 16:20 - 2013-03-02 16:24 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-07-20 15:36 - 2013-03-02 16:24 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\IObit
2014-07-20 15:30 - 2014-07-20 15:30 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-07-20 15:28 - 2012-12-17 11:12 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 13:49 - 2012-11-09 16:04 - 00669568 _____ () C:\Windows\system32\perfh005.dat
2014-07-20 13:49 - 2012-11-09 16:04 - 00141938 _____ () C:\Windows\system32\perfc005.dat
2014-07-20 13:49 - 2010-07-20 20:11 - 00054176 _____ () C:\Windows\system32\perfh007.dat
2014-07-20 13:49 - 2010-07-20 20:11 - 00026252 _____ () C:\Windows\system32\perfc007.dat
2014-07-20 13:49 - 2009-07-14 07:13 - 00942734 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 13:48 - 2014-07-17 17:22 - 00001858 _____ () C:\Windows\setupact.log
2014-07-20 13:48 - 2014-02-20 15:06 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-07-20 11:10 - 2014-07-20 11:10 - 00000000 ____D () C:\Users\uzivatel\Downloads\Gameforge Live
2014-07-19 17:21 - 2014-03-23 00:38 - 00000000 ____D () C:\Users\uzivatel\Tracing
2014-07-19 17:21 - 2014-02-08 14:06 - 00002093 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-07-19 17:20 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-19 17:20 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-19 17:13 - 2014-02-08 14:06 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-19 17:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-19 17:11 - 2014-07-17 17:22 - 00030920 _____ () C:\Windows\PFRO.log
2014-07-19 17:11 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\addins
2014-07-19 16:40 - 2014-07-19 16:40 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-19 16:40 - 2014-07-19 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-19 16:40 - 2014-07-19 16:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-19 16:40 - 2014-07-19 16:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-19 16:39 - 2014-07-19 16:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\uzivatel\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-19 15:59 - 2014-01-21 10:00 - 00000000 ____D () C:\Users\uzivatel\Desktop\KleplaPepkaKixla
2014-07-19 15:32 - 2013-09-07 18:47 - 00000000 ____D () C:\Users\uzivatel\Downloads\Subs
2014-07-18 21:45 - 2014-07-01 19:14 - 00000000 ____D () C:\Users\uzivatel\Desktop\Standičove fotky
2014-07-18 21:06 - 2014-07-04 11:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-18 17:15 - 2014-02-20 18:17 - 00000416 _____ () C:\Windows\Tasks\One-Click Optimizer.job
2014-07-18 11:19 - 2014-07-18 11:19 - 00000000 ____D () C:\Program Files\2K Games
2014-07-18 11:09 - 2013-01-26 13:28 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\DAEMON Tools Lite
2014-07-17 21:39 - 2014-07-17 21:39 - 00000000 ____D () C:\Program Files\EA Sports
2014-07-17 17:22 - 2014-07-17 17:22 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-17 17:22 - 2014-07-17 14:16 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForuzivatel.job
2014-07-17 17:21 - 2014-07-17 17:21 - 00000000 _____ () C:\asc_rdflag
2014-07-17 17:21 - 2014-03-07 08:28 - 00000000 ____D () C:\Users\Martin
2014-07-17 17:21 - 2014-02-10 15:21 - 83312640 _____ () C:\Windows\system32\config\software.iodefrag.bak
2014-07-17 17:21 - 2014-02-10 15:21 - 00946176 _____ () C:\Windows\system32\config\default.iodefrag.bak
2014-07-17 17:21 - 2014-02-10 15:21 - 00172032 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2014-07-17 17:21 - 2014-02-10 15:21 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak
2014-07-17 17:21 - 2012-12-29 12:44 - 00000000 ____D () C:\Users\Staňa
2014-07-17 17:21 - 2012-12-25 14:47 - 00000000 ____D () C:\Users\Jitka
2014-07-17 17:21 - 2012-11-09 15:44 - 00000000 ____D () C:\Users\uzivatel
2014-07-17 14:55 - 2013-01-27 13:08 - 00000000 ____D () C:\Windows\Minidump
2014-07-17 14:52 - 2011-01-05 16:45 - 01499993 _____ () C:\Windows\WindowsUpdate.log
2014-07-17 14:16 - 2014-07-17 14:16 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForuzivatel
2014-07-17 14:03 - 2013-01-03 10:43 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-16 23:49 - 2013-01-12 16:14 - 00000000 ___RD () C:\Users\uzivatel\Klepla Pepka
2014-07-16 23:34 - 2014-07-16 23:34 - 00000000 ____D () C:\Users\uzivatel\Documents\Criterion Games
2014-07-16 23:30 - 2014-07-16 23:30 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-16 23:30 - 2014-07-16 23:30 - 00000000 ____D () C:\ProgramData\EA Core
2014-07-16 23:25 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-16 23:15 - 2014-07-16 23:15 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-07-16 23:02 - 2014-07-16 23:02 - 00000000 ____D () C:\ProgramData\Solidshield
2014-07-16 14:27 - 2014-07-16 14:27 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-07-16 14:24 - 2014-07-16 14:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-16 14:23 - 2014-07-16 14:22 - 00006107 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-16 14:23 - 2010-07-20 13:08 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-16 14:22 - 2014-07-16 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-15 20:09 - 2014-07-15 19:53 - 00000000 ____D () C:\Users\Jitka\Desktop\Fotky - Kamča má narozeniny
2014-07-15 10:19 - 2013-01-27 14:38 - 00000000 ____D () C:\Users\uzivatel\Documents\My Games
2014-07-15 10:16 - 2014-07-15 10:16 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-07-15 10:11 - 2014-07-15 10:11 - 02250024 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-07-15 10:11 - 2012-12-25 13:24 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-15 10:05 - 2013-02-02 13:07 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-07-15 10:05 - 2010-07-20 10:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-15 09:51 - 2014-07-15 09:46 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-07-15 09:47 - 2014-07-15 09:47 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-07-15 09:47 - 2014-07-15 09:46 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-07-15 00:55 - 2014-07-06 20:30 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\wf-launcher
2014-07-14 23:10 - 2014-07-06 20:30 - 00000000 ____D () C:\ProgramData\GFACE
2014-07-14 22:51 - 2014-02-17 17:30 - 00000000 ____D () C:\Program Files\WinZip
2014-07-14 22:49 - 2014-07-12 11:26 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\ProductData
2014-07-14 22:49 - 2014-02-17 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-07-14 22:49 - 2014-01-11 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-07-14 22:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-14 22:05 - 2013-12-26 18:08 - 00000000 ____D () C:\Users\Staňa\Desktop\Klipy (tady ne)
2014-07-14 20:11 - 2014-06-22 08:01 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\.minecraft
2014-07-12 11:39 - 2014-07-12 11:39 - 00939224 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-07-12 11:39 - 2014-07-12 11:39 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-07-12 11:39 - 2011-01-05 16:48 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-07-12 11:39 - 2011-01-05 16:47 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-07-12 11:33 - 2014-07-12 11:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-07-12 11:33 - 2014-07-12 11:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-07-12 11:33 - 2014-07-12 11:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-07-12 11:33 - 2014-07-12 11:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\SET14B7.tmp
2014-07-12 11:33 - 2014-07-12 11:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-07-12 11:33 - 2014-07-12 11:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-07-12 11:25 - 2014-07-12 11:25 - 00002892 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-07-12 11:24 - 2014-07-12 11:24 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-07-11 03:02 - 2014-07-16 14:23 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-16 14:24 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-16 14:23 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-16 14:23 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-11 00:20 - 2014-07-10 23:38 - 743754892 _____ () C:\Users\uzivatel\Downloads\Linie-obrany---akční-1986-cz-dabing-(ldandasova).avi
2014-07-09 22:13 - 2009-07-14 06:45 - 05029048 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 22:09 - 2014-04-23 19:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 22:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 22:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 21:57 - 2013-06-16 21:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 21:55 - 2013-07-25 12:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 21:52 - 2013-02-20 20:59 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 20:40 - 2014-07-09 20:40 - 00659405 _____ () C:\Users\uzivatel\Desktop\Chemie v každodenním životě - sprchové gely.odt
2014-07-08 23:54 - 2013-01-19 11:24 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 23:54 - 2013-01-19 11:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 23:54 - 2013-01-19 11:24 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 12:38 - 2014-07-08 12:35 - 00000000 ____D () C:\Users\Staňa\Desktop\00
2014-07-08 12:37 - 2014-07-03 18:15 - 00000000 ____D () C:\Users\Staňa\Desktop\99
2014-07-08 12:18 - 2014-07-07 15:36 - 00000000 ____D () C:\Users\Staňa\Desktop\Nová složka (4)
2014-07-08 10:52 - 2014-07-03 18:17 - 00000000 ____D () C:\Users\Staňa\Desktop\9999
2014-07-08 10:45 - 2014-07-07 15:36 - 00000000 ____D () C:\Users\Staňa\Desktop\LIVERPOOL CITY
2014-07-08 10:39 - 2014-07-07 15:38 - 00000000 ____D () C:\Users\Staňa\Desktop\Nová složka
2014-07-08 09:25 - 2014-02-17 17:28 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2014-07-07 15:53 - 2014-07-07 15:53 - 00000000 ____D () C:\Users\Staňa\Desktop\Nová složka (2)
2014-07-06 20:33 - 2014-07-06 20:33 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\CrashRpt
2014-07-06 16:15 - 2013-10-19 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-07-06 16:15 - 2013-10-19 09:19 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-07-05 19:59 - 2014-06-24 11:58 - 00000000 ____D () C:\Users\Staňa\AppData\Local\Cyberlink
2014-07-05 17:13 - 2013-12-27 16:47 - 00000644 __RSH () C:\Users\Staňa\ntuser.pol
2014-07-04 21:42 - 2013-12-26 14:34 - 00000644 __RSH () C:\Users\uzivatel\ntuser.pol
2014-07-04 11:43 - 2014-07-04 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-03 15:42 - 2013-03-17 18:15 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-30 22:40 - 2014-06-30 18:05 - 2540456474 _____ () C:\Users\uzivatel\Downloads\Looper-cz-(720p,-XVID,-AC3-5.1).avi
2014-06-30 12:35 - 2014-06-30 11:13 - 1459425432 _____ () C:\Users\uzivatel\Downloads\SERENITY.avi
2014-06-30 04:09 - 2014-07-09 12:00 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 12:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 21:24 - 2014-06-28 20:38 - 812100246 _____ () C:\Users\uzivatel\Downloads\Donnie-Darko-Directors-Cut-(2001)-+-cz-titulky.avi
2014-06-24 11:58 - 2014-06-24 11:58 - 00000000 ____D () C:\Users\Staňa\Documents\CyberLink
2014-06-24 11:58 - 2014-06-24 11:58 - 00000000 ____D () C:\Users\Staňa\AppData\Roaming\CyberLink
2014-06-23 10:58 - 2013-01-24 14:25 - 00000000 ____D () C:\Users\Jitka\AppData\Local\AVG Secure Search
2014-06-23 06:55 - 2014-04-27 13:03 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-06-23 06:55 - 2013-06-23 19:09 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-06-23 06:54 - 2013-01-23 20:15 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-06-22 23:20 - 2014-06-22 21:57 - 1356154290 _____ () C:\Users\uzivatel\Downloads\Jedinečný.avi
2014-06-22 21:11 - 2014-06-22 20:33 - 683116544 _____ () C:\Users\uzivatel\Downloads\Fist-of-Legend.avi
2014-06-22 15:14 - 2014-06-22 11:42 - 00000000 ____D () C:\Users\uzivatel\Desktop\Nová složka
2014-06-22 08:04 - 2014-06-22 08:04 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\InstallKnife
2014-06-20 22:14 - 2014-07-09 10:06 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 10:06 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 20:19 - 2012-12-25 14:49 - 00127000 _____ () C:\Users\Jitka\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-20 00:59 - 2014-06-19 22:46 - 2372306944 _____ () C:\Users\uzivatel\Downloads\Huo-Yuan-Jia---Obávaný-bojovník---Fearless---2006---Bluray---Director-'s-Cut.avi

Files to move or delete:
====================
C:\Users\uzivatel\jagex_cl_runescape_LIVE.dat
C:\Users\uzivatel\random.dat


Some content of TEMP:
====================
C:\Users\Jitka\AppData\Local\Temp\Delta.exe
C:\Users\Jitka\AppData\Local\Temp\Extract.exe
C:\Users\Jitka\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Jitka\AppData\Local\Temp\propsys.dll
C:\Users\Jitka\AppData\Local\Temp\SP50498.exe
C:\Users\Jitka\AppData\Local\Temp\SP52131.exe
C:\Users\Jitka\AppData\Local\Temp\SP52264.exe
C:\Users\Jitka\AppData\Local\Temp\SP54714.exe
C:\Users\Jitka\AppData\Local\Temp\SP55657.exe
C:\Users\Jitka\AppData\Local\Temp\SP56215.exe
C:\Users\Jitka\AppData\Local\Temp\SP56221.exe
C:\Users\Jitka\AppData\Local\Temp\WSSetup.exe
C:\Users\uzivatel\AppData\Local\Temp\Delta.exe
C:\Users\uzivatel\AppData\Local\Temp\WSSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-18 05:57

==================== End Of Log ============================

Re: Log check

Posted: 21 Jul 2014 07:00
by Márty84
Hello :)

:arrow: First, uninstall Advanced SystemCare, and ideally everything from IObit. It does more harm than good.

:arrow: Next, you have two antivirus programs running there - Emsisoft Anti-Malware and AVG. One of them definitely has to go. If neither of them is a purchased version, I would throw out both and put in, for example, Avast Free.


:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will spit out a log (it may also be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

Re: Log check

Posted: 21 Jul 2014 21:24
by Klepla Pepka
After browsing your forum for a while I became convinced and removed most of the IObit components even before starting this thread, but if you won't have it any other way, then ASC goes too :cry: :idea:.
I uninstalled AVG Free, for now replaced with Avast Free, following your advice :wink:.
So here is the log:

# AdwCleaner v3.216 - Report created 21/07/2014 at 22:04:30
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : uzivatel - UZIVATEL-HP
# Running from : C:\Users\uzivatel\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.7

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\IObit\Driver Booster
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Jitka\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Jitka\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Jitka\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Jitka\AppData\Roaming\Nico Mak Computing
Folder Deleted : C:\Users\Martin\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Martin\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Staňa\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Staňa\AppData\LocalLow\Application Updater
Folder Deleted : C:\Users\Staňa\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Staňa\AppData\Roaming\Nico Mak Computing
Folder Deleted : C:\Users\uzivatel\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\IObit\Driver Booster
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Nico Mak Computing
Folder Deleted : C:\Users\uzivatel\Documents\Mobogenie
Folder Deleted : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
Folder Deleted : C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
Folder Deleted : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Jitka\daemonprocess.txt
File Deleted : C:\Users\Staňa\daemonprocess.txt
File Deleted : C:\Windows\System32\Tasks\SomotoUpdateCheckerAutoStart

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://dts.search.ask.com/web?q={searchTerms}&v=a9396-116&d=406-1034&t=4&o=APN10645A&tpr=1&gct=hp&ts=1399561249043
Deleted [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

[ File : C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

[ File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=3BF36A1C-74AA-44A3-986F-526B3FEBD5D1&apn_ptnrs=U3&apn_sauid=47B8F972-056A-46A5-8105-271BADC2C3C4&apn_dtid=OSJ000YYCZ&q={searchTerms}
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={553CBA65-3E3E-4737-A926-7FF4F87E1217}&mid=1b1c4c087fe747d09135ed03d422f270-13fe8d7cbd4806f741442629cab80b6c7263d0a5&lang=cs&ds=AVG&pr=pr&d=2013-06-23 19:09:59&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EAKE%5EOSJ0 ... earchTerms}
Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb203?a=6PQWY9WSem&search={searchTerms}
Deleted [Search Provider] : hxxp://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=82120&iwk=284&lng=cs
Deleted [Search Provider] : hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 9&tsp=5108
Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=1034&systemid=406&v=a10733-116&apn_uid=2189508943124404&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=1034&systemid=406&v=a10733-116&apn_uid=2189508943124404&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
Deleted [Homepage] : hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 33-116&t=4
Deleted [Extension] : aaaaabcbmongicmdegkmmfgdickgnnob
Deleted [Extension] : acfoobbgoakpihljnfedbcfaipcdlfhk
Deleted [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod
Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [12913 octets] - [21/07/2014 22:02:49]
AdwCleaner[S0].txt - [12473 octets] - [21/07/2014 22:04:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12534 octets] ##########

Re: Log check

Posted: 21 Jul 2014 22:09
by Márty84
Klepla Pepka wrote: but if you insist, ASC goes too :cry:
You won't miss it, or maybe you will, but the computer certainly won't :D
Klepla Pepka wrote: I uninstalled AVG Free, replaced for now with Avast Free
:thumbsup:

:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Don't delete anything beforehand, it sometimes has false detections.

Re: Log check

Posted: 22 Jul 2014 19:10
by Klepla Pepka
You won't miss it, or maybe you will, but the computer certainly won't :D
We'll see, we'll see. It'll be hard to find out now, but I could reinstall it and see whether it messes up my PC in the future - if you are right :arcisit:.


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.7.2014
Čas skenování: 16:51:25
Protokol: MBAM.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.07.22.03
Databáze rootkitů: v2014.07.17.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: uzivatel

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 715355
Uplynulý čas: 3 hod, 4 min, 23 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 57
PUP.Optional.MiniBar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}, , [97f4cbd7512a7db9c1fcade5d131ea16],
PUP.Optional.BuenoSearch.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{828DC97A-2277-4E10-92A9-4907FA0922A9}, , [1b70ffa3f586a6902e74c2d28d7540c0],
PUP.Optional.BuenoSearch.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}, , [91fa218118633105049d9bf91fe38e72],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [5a315d4582f91c1a9dcc87d65ea42bd5],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [5a315d4582f91c1a9dcc87d65ea42bd5],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [5a315d4582f91c1a9dcc87d65ea42bd5],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [5a315d4582f91c1a9dcc87d65ea42bd5],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [0784643e1a619f977401f860d32fce32],
PUP.Optional.Incredibar, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}, , [aedd1f835c1fa78fad690e8670920af6],
PUP.Optional.Incredibar, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}, , [aedd1f835c1fa78fad690e8670920af6],
PUP.Optional.Incredibar, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F9639E4A-801B-4843-AEE3-03D9DA199E77}, , [ef9c445e4437ec4a82953d5758aafc04],
PUP.Optional.Incredibar, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F9639E4A-801B-4843-AEE3-03D9DA199E77}, , [ef9c445e4437ec4a82953d5758aafc04],
PUP.Optional.Datamngr.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [2b60198979025ed85376147e758d24dc],
PUP.Optional.MiniBar.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AA74D58F-ACD0-450D-A85E-6C04B171C044}, , [2b60b6ec196276c003bb326042c0f30d],
PUP.Optional.MiniBar.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AA74D58F-ACD0-450D-A85E-6C04B171C044}, , [2b60b6ec196276c003bb326042c0f30d],
PUP.Optional.InboxToolBar.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [43487a28ea91e6501302fd5ca55d34cc],
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [43487a28ea91e6501302fd5ca55d34cc],
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}, , [43487a28ea91e6501302fd5ca55d34cc],
PUP.Optional.InboxToolBar.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [cbc0d2d07ffc3afc90993b584ab839c7],
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [cbc0d2d07ffc3afc90993b584ab839c7],
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [cbc0d2d07ffc3afc90993b584ab839c7],
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\IB Updater, , [6f1cf2b05a212f0777a7e3f8778b58a8],
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, , [8407465ca4d7b2843fdeddfedd25ea16],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, , [5b30c4dedd9e03330331ec39aa5a0cf4],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, , [5437fda5d7a436008baa46df59abf20e],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, , [63287032b3c82d093afcf62fe1236f91],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, , [a9e2168c2754d46297a0be672dd79967],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, , [e8a3c1e1611aa98dd860180d4eb60ef2],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, , [6f1c1191d5a63204d663c85d8480bd43],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, , [13788022bebdde58ce6e2ff6aa5a6b95],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, , [6f1cffa3f586ea4c0c36e93ca85ce917],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, , [19729e04354696a0fd46151023e10ef2],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, , [b8d3a200b2c931059fa4a97cf90b29d7],
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\apgjagobplilmcdfelodhgefiidomnfl, , [97f46a38f289092db37ddde7c042a060],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hbcennhacfaagdopikcegfcobcadeocj, , [0784366c3f3cbe78dffb9a3c738f52ae],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\icdlfehblmklkikfigmjhbmmpmkmpooj, , [8ffc7a28532852e40bd09046e31f28d8],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mhkaekfpcppmmioggniknbnbdbcigpkk, , [7c0fe3bf304bd4622fad785ec83a40c0],
PUP.Optional.Spigot.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfndaklgolladniicklehhancnlgocpp, , [37548f13f18a38feb22b993d09f99d63],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, , [cfbcc1e197e49c9af440b075eb1936ca],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, , [15766f33eb90201658dd51d4867eb14f],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, , [f2999d05e893171f7eb83de81ce837c9],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, , [dead742e2259b97dfb3c909539cbda26],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, , [65265b4752292610290f0a1b4eb612ee],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, , [b0dbecb6c6b5053138017aab1fe59f61],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, , [7813a8fad6a5171fe15b30f52ed6f10f],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, , [73185250700bdf57a49e31f40bf9956b],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, , [0f7c633f2b5089ad3a090124857ff010],
PUP.Optional.IFEO.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, , [4e3d3b672e4d7eb8172c82a34eb626da],
PUP.Optional.Spigot.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, , [107b7929f78484b2d6f727fcb153e21e],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [7912edb56c0f3cfa1e8636d421e3a060],
PUP.Optional.BuenoSearch.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\buenosearch LTD, , [b4d7138f5c1f8caad3e69356bb4730d0],
PUP.Optional.Spigot.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, , [d6b5465cb1cadf576a6337ecc440d12f],
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI, , [8efd267ccead7db96da74fba23e136ca],
PUP.Optional.Spigot.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, , [9deee6bcc0bbd85ec8059f84a163fc04],
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [a0eb5a48a4d75bdbeeb68a80857fe41c],
PUP.Optional.Spigot.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, , [d6b539697efdeb4bbf0e21029d67768a],
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [4a41e1c1e8932c0a267e4ac0679da45c],

Hodnoty registru: 4
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, , [7912edb56c0f3cfa1e8636d421e3a060],
PUP.Optional.FilesFrog.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BI|ui_path_filesfrog, HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker, , [8efd267ccead7db96da74fba23e136ca]
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, , [a0eb5a48a4d75bdbeeb68a80857fe41c],
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-1605199458-3239476000-673508335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, , [4a41e1c1e8932c0a267e4ac0679da45c],

Data registru: 0
(No malicious items detected)

Složky: 19
PUP.Optional.NextLive.A, C:\Users\uzivatel\AppData\Roaming\newnext.me, , [b4d73969b3c8ca6c9939e7bfe2203ec2],
PUP.Optional.NextLive.A, C:\Users\uzivatel\AppData\Roaming\newnext.me\cache, , [b4d73969b3c8ca6c9939e7bfe2203ec2],
PUP.Optional.BuenoSearch.A, C:\Users\uzivatel\AppData\Roaming\buenosearch LTD, , [6f1cefb3641762d435c9e7c02ed4ef11],
PUP.Optional.Datamngr.A, C:\Users\Jitka\AppData\LocalLow\DataMngr, , [4a41a101a4d7d6607d18f6b5ff039769],
PUP.Optional.Datamngr.A, C:\Users\uzivatel\AppData\LocalLow\DataMngr, , [aae1356d374446f0ff9605a654ae27d9],
PUP.Optional.MoviesToolbar.A, C:\Users\uzivatel\AppData\LocalLow\ilividmoviestoolbardla, , [5f2c19894c2f8fa77005367fa0629070],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj, , [4f3c01a194e72313631fe9cfa85a42be],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj, , [f19afaa86e0d13239fe37b3d6f93ba46],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp, , [4c3f356d9dde5fd76023368262a0d030],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp, , [ddae2181c3b89b9be89b3f793bc7bf41],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\LocalLow\Search Settings, , [bdced5cd8fec44f2e48c13aa748ead53],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\LocalLow\Search Settings\res, , [bdced5cd8fec44f2e48c13aa748ead53],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\LocalLow\Search Settings\temp, , [bdced5cd8fec44f2e48c13aa748ead53],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\LocalLow\Search Settings, , [8704049e4536d4626c04fbc229d9768a],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\LocalLow\Search Settings\res, , [8704049e4536d4626c04fbc229d9768a],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\LocalLow\Search Settings\temp, , [8704049e4536d4626c04fbc229d9768a],
PUP.Optional.Spigot.A, C:\Users\uzivatel\AppData\LocalLow\Search Settings, , [800b4f531f5c13231d534a73f60cfd03],
PUP.Optional.Spigot.A, C:\Users\uzivatel\AppData\LocalLow\Search Settings\res, , [800b4f531f5c13231d534a73f60cfd03],
PUP.Optional.Spigot.A, C:\Users\uzivatel\AppData\LocalLow\Search Settings\temp, , [800b4f531f5c13231d534a73f60cfd03],

Soubory: 38
PUP.Optional.MindSpark.A, C:\Users\Jitka\AppData\Local\Temp\kin1324.tmp\UPDATER.EXE, , [5833a200d4a7f83eecef36438180639d],
PUP.Optional.Spigot.A, C:\Windows\Installer\68f04.msi, , [6427f2b04833181e2c1afe8caa5722de],
PUP.Optional.Babylon.A, C:\Windows\System32\Tasks\EPUpdater, , [d2b9bce6f883c76f9705eddd3cc604fc],
PUP.Optional.Incredibar.A, C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage, , [4a41e9b9a5d6e84e928a8e4d26dcf709],
PUP.Optional.NextLive.A, C:\Users\uzivatel\AppData\Roaming\newnext.me\nengine.cookie, , [b4d73969b3c8ca6c9939e7bfe2203ec2],
PUP.Optional.BuenoSearch.A, C:\Users\uzivatel\AppData\Roaming\buenosearch LTD\sqlite3.dll, , [6f1cefb3641762d435c9e7c02ed4ef11],
PUP.Optional.Datamngr.A, C:\Users\Jitka\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}64, , [4a41a101a4d7d6607d18f6b5ff039769],
PUP.Optional.Datamngr.A, C:\Users\uzivatel\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}64, , [aae1356d374446f0ff9605a654ae27d9],
PUP.Optional.MoviesToolbar.A, C:\Users\uzivatel\AppData\LocalLow\ilividmoviestoolbardla\apnuserid.dat, , [5f2c19894c2f8fa77005367fa0629070],
PUP.Optional.MoviesToolbar.A, C:\Users\uzivatel\AppData\LocalLow\ilividmoviestoolbardla\appid.dat, , [5f2c19894c2f8fa77005367fa0629070],
PUP.Optional.MoviesToolbar.A, C:\Users\uzivatel\AppData\LocalLow\ilividmoviestoolbardla\geodata.xml, , [5f2c19894c2f8fa77005367fa0629070],
PUP.Optional.MoviesToolbar.A, C:\Users\uzivatel\AppData\LocalLow\ilividmoviestoolbardla\setupCfg.xml, , [5f2c19894c2f8fa77005367fa0629070],
PUP.Optional.MoviesToolbar.A, C:\Users\uzivatel\AppData\LocalLow\ilividmoviestoolbardla\sysid.dat, , [5f2c19894c2f8fa77005367fa0629070],
PUP.Optional.MoviesToolbar.A, C:\Users\uzivatel\AppData\LocalLow\ilividmoviestoolbardla\trackid.dat, , [5f2c19894c2f8fa77005367fa0629070],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\000005.sst, , [4f3c01a194e72313631fe9cfa85a42be],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\CURRENT, , [4f3c01a194e72313631fe9cfa85a42be],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOG, , [4f3c01a194e72313631fe9cfa85a42be],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOG.old, , [4f3c01a194e72313631fe9cfa85a42be],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\MANIFEST-000335, , [4f3c01a194e72313631fe9cfa85a42be],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\000005.sst, , [f19afaa86e0d13239fe37b3d6f93ba46],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\CURRENT, , [f19afaa86e0d13239fe37b3d6f93ba46],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOG, , [f19afaa86e0d13239fe37b3d6f93ba46],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\LOG.old, , [f19afaa86e0d13239fe37b3d6f93ba46],
PUP.Optional.Spigot.A, C:\Users\StaAˆa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\MANIFEST-000083, , [f19afaa86e0d13239fe37b3d6f93ba46],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\000005.sst, , [4c3f356d9dde5fd76023368262a0d030],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\CURRENT, , [4c3f356d9dde5fd76023368262a0d030],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\LOG, , [4c3f356d9dde5fd76023368262a0d030],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\LOG.old, , [4c3f356d9dde5fd76023368262a0d030],
PUP.Optional.Spigot.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\MANIFEST-000331, , [4c3f356d9dde5fd76023368262a0d030],
PUP.Optional.Spigot.A, C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\000005.sst, , [ddae2181c3b89b9be89b3f793bc7bf41],
PUP.Optional.Spigot.A, C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\CURRENT, , [ddae2181c3b89b9be89b3f793bc7bf41],
PUP.Optional.Spigot.A, C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\LOG, , [ddae2181c3b89b9be89b3f793bc7bf41],
PUP.Optional.Spigot.A, C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\LOG.old, , [ddae2181c3b89b9be89b3f793bc7bf41],
PUP.Optional.Spigot.A, C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\MANIFEST-000083, , [ddae2181c3b89b9be89b3f793bc7bf41],
PUP.Optional.ASK.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\preferences, Dobré: (), Špatné: ( "homepage": "http://www.search.ask.com/?o=APN10645A& ... 96-116&t=4",), ,[96f5960ccdae37ff81c28a536d9706fa]
PUP.Optional.ASK.A, C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\preferences, Dobré: (), Špatné: ( "startup_urls": [ "http://www.search.ask.com/?o=APN10645A& ... 96-116&t=4" ],), ,[42495b47b1cafd391b5a7667c63e3ac6]
PUP.Optional.ASK.A, C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\preferences, Dobré: (), Špatné: ( "homepage": "http://www.search.ask.com/?o=APN10645A& ... 483-66&t=4",), ,[8efd7230512a65d152f14d90d23252ae]
PUP.Optional.ASK.A, C:\Users\Staňa\AppData\Local\Google\Chrome\User Data\Default\preferences, Dobré: (), Špatné: ( "startup_urls": [ "http://www.search.ask.com/?o=APN10645A& ... 483-66&t=4" ],), ,[a8e39a08493248ee2a4bac31db29fa06]

Fyzické sektory: 0
(No malicious items detected)


(end) :oops:

Re: Log check

Posted: 22 Jul 2014 19:18
by Márty84
Klepla Pepka wrote: We'll see, we'll see. I can hardly find that out now, but I could reinstall it and see whether it messes up my PC in the future - if you are right :arcisit:.
Sure, but then you'll be fixing it yourself once my words are confirmed :D


Well, that's quite a nice little collection, I must say :boxed:

Have everything removed (to quarantine) and repeat the scan after restarting the PC, so that we know whether it comes back. Post the scan result and I will choose the next step based on it.

Re: Log check

Posted: 22 Jul 2014 19:34
by Klepla Pepka
Here we go :evil:

Re: Log check

Posted: 22 Jul 2014 19:37
by Márty84
:thumbsup:

Re: Log check

Posted: 22 Jul 2014 23:03
by Klepla Pepka
Whiter than white...

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.7.2014
Čas skenování: 20:42:22
Protokol: MBAM II.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.07.22.07
Databáze rootkitů: v2014.07.17.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: uzivatel

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 715269
Uplynulý čas: 3 hod, 12 min, 45 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)

Re: Log check

Posted: 23 Jul 2014 08:31
by Márty84
:arrow: Uninstall MBAM.


:!: If you haven't already, better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off the antivirus and any other security software.
Right-click ComboFix and left-click Run as administrator
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not launch anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose - Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Re: Log check

Posted: 23 Jul 2014 11:10
by Klepla Pepka
ComboFix 14-07-22.01 - uzivatel 23.07.2014 11:38:16.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2313 [GMT 2:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-23 do 2014-07-23 )))))))))))))))))))))))))))))))
.
.
2014-07-23 09:51 . 2014-07-23 09:51 -------- d-----w- c:\users\Staňa\AppData\Local\temp
2014-07-23 09:51 . 2014-07-23 09:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-23 09:51 . 2014-07-23 09:51 -------- d-----w- c:\users\Martin\AppData\Local\temp
2014-07-21 20:03 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-21 19:26 . 2014-07-21 19:29 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Dropbox
2014-07-21 19:25 . 2014-07-21 19:25 -------- d-----w- c:\users\uzivatel\AppData\Roaming\AVAST Software
2014-07-21 19:06 . 2014-07-21 20:05 -------- d-----w- C:\AdwCleaner
2014-07-21 19:05 . 2014-07-21 19:04 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-07-21 19:05 . 2014-07-21 19:04 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-21 19:05 . 2014-07-21 19:04 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-07-21 19:05 . 2014-07-21 19:07 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-21 19:05 . 2014-07-21 19:04 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-21 19:05 . 2014-07-21 19:04 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-21 19:05 . 2014-07-21 19:04 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-21 19:05 . 2014-07-21 19:04 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-21 19:05 . 2014-07-21 19:04 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-21 19:04 . 2014-07-21 19:04 43152 ----a-w- c:\windows\avastSS.scr
2014-07-21 19:03 . 2014-07-21 19:03 -------- d-----w- c:\program files\AVAST Software
2014-07-21 19:01 . 2014-07-21 19:03 -------- d-----w- c:\programdata\AVAST Software
2014-07-19 14:40 . 2014-07-19 14:40 -------- d-----w- c:\programdata\Malwarebytes
2014-07-19 13:27 . 2014-07-20 19:51 -------- d-----w- C:\FRST
2014-07-18 09:19 . 2014-07-18 09:19 -------- d-----w- c:\program files\2K Games
2014-07-17 19:39 . 2014-07-17 19:39 -------- d-----w- c:\program files\EA Sports
2014-07-16 21:30 . 2014-07-16 21:30 -------- d-----w- c:\programdata\Electronic Arts
2014-07-16 21:30 . 2014-07-16 21:30 -------- d-----w- c:\programdata\EA Core
2014-07-16 21:15 . 2014-07-16 21:15 -------- d-----w- c:\program files (x86)\Electronic Arts
2014-07-16 21:02 . 2014-07-16 21:02 -------- d-----w- c:\programdata\Solidshield
2014-07-16 12:27 . 2014-07-16 12:27 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-07-16 12:24 . 2014-07-16 12:24 -------- d-----w- c:\programdata\Oracle
2014-07-16 12:24 . 2014-07-16 12:24 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-16 12:23 . 2014-07-11 01:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-15 08:16 . 2014-07-15 08:16 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-07-15 08:11 . 2014-07-15 08:11 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe
2014-07-15 07:47 . 2014-07-15 07:47 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-15 07:46 . 2014-07-15 07:47 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-07-15 07:46 . 2014-07-15 07:51 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-07-12 09:39 . 2014-07-12 09:39 939224 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-07-12 09:39 . 2014-07-12 09:39 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-07-12 09:33 . 2014-07-12 09:33 1959128 ----a-w- c:\windows\system32\RTSnMg64.cpl
2014-07-12 09:33 . 2014-07-12 09:33 2834648 ----a-w- c:\windows\system32\RtPgEx64.dll
2014-07-12 09:33 . 2014-07-12 09:33 3962840 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2014-07-12 09:33 . 2014-07-12 09:33 1022168 ----a-w- c:\windows\system32\SET14B7.tmp
2014-07-12 09:33 . 2014-07-12 09:33 628952 ----a-w- c:\windows\system32\RtDataProc64.dll
2014-07-12 09:33 . 2014-07-12 09:33 1286872 ----a-w- c:\windows\system32\RTCOM64.dll
2014-07-12 09:33 . 2014-07-12 09:33 2800344 ----a-w- c:\windows\system32\RltkAPO64.dll
2014-07-12 09:33 . 2014-07-12 09:33 60636160 ----a-w- c:\windows\system32\RCoRes64.dat
2014-07-12 09:33 . 2014-07-12 09:33 948952 ----a-w- c:\windows\system32\RCoInstII64.dll
2014-07-12 09:26 . 2014-07-14 20:49 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ProductData
2014-07-09 10:00 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 10:00 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 10:00 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 10:00 . 2014-06-30 02:09 519168 ----a-w- c:\windows\system32\aepdu.dll
2014-07-09 10:00 . 2014-06-30 02:04 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-07-09 10:00 . 2014-06-18 02:19 449024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-09 10:00 . 2014-06-18 02:18 692736 ----a-w- c:\windows\system32\osk.exe
2014-07-09 10:00 . 2014-06-18 01:51 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-07-09 10:00 . 2014-06-18 01:10 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-07-09 10:00 . 2014-06-06 10:10 624128 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 10:00 . 2014-06-06 09:44 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-07-09 08:05 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 08:05 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 08:05 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-06 18:33 . 2014-07-06 18:33 -------- d-----w- c:\users\uzivatel\AppData\Local\CrashRpt
2014-07-06 18:30 . 2014-07-14 21:10 -------- d-----w- c:\programdata\GFACE
2014-07-06 18:30 . 2014-07-14 22:55 -------- d-----w- c:\users\uzivatel\AppData\Local\wf-launcher
2014-07-04 09:43 . 2014-07-18 19:06 -------- d-----w- c:\program files (x86)\Steam
2014-06-24 09:58 . 2014-07-05 17:59 -------- d-----w- c:\users\Staňa\AppData\Local\Cyberlink
2014-06-24 09:58 . 2014-06-24 09:58 -------- d-----w- c:\users\Staňa\AppData\Roaming\CyberLink
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-15 08:11 . 2012-12-25 11:24 107832 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-12 09:39 . 2011-01-05 14:47 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-07-09 19:52 . 2013-02-20 18:59 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-08 21:54 . 2013-01-19 09:24 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 21:54 . 2013-01-19 09:24 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-23 04:54 . 2013-01-23 18:15 50464 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-05-30 08:08 . 2014-07-09 08:06 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 07:52 . 2014-07-09 08:06 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-08 09:32 . 2014-06-11 08:43 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:32 . 2014-06-11 08:43 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-25 02:34 . 2014-06-11 08:43 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-11 08:43 626688 ----a-w- c:\windows\SysWow64\usp10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-30 102400]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-21 4086432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
R3 EagleX64;EagleX64; [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 netr28x;Ralink 802.11n-Drahtlostreiber für Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 OverwolfUpdaterService;Overwolf Updater Service; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 09:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-16 18:30 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-19 21:54]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 09:12]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 09:12]
.
2014-02-13 c:\windows\Tasks\HPCeeScheduleForSta?a.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
2014-07-21 c:\windows\Tasks\HPCeeScheduleForuzivatel.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
2014-07-18 c:\windows\Tasks\One-Click Optimizer.job
- c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2014-02-20 08:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-21 19:04 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-03-22 7506136]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-17 767312]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKU-Default-Run-Advanced SystemCare 7 - c:\program files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,41,b2,2d,ed,7c,96,4c,a8,a2,9d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,41,b2,2d,ed,7c,96,4c,a8,a2,9d,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Celkový čas: 2014-07-23 12:01:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-23 10:01
.
Před spuštěním: Volných bajtů: 468 785 504 256
Po spuštění: Volných bajtů: 468 743 385 088
.
- - End Of File - - 96D0AD23BFFF94B78B533683186E11A1

Re: Log check

Posted: 23 Jul 2014 11:28
by Márty84
:arrow: Permanently turn off Windows Defender


:arrow: Open Notepad and copy this script into it

Code:

KillAll::

File::
c:\windows\SYSNATIVE\drivers\avgtpx64.sys

Folder::
c:\program files (x86)\Emsisoft Anti-Malware

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

DDS::
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

Driver::
AdvancedSystemCareService6
LiveUpdateSvc
SkypeUpdate
cleanhlp
SwitchBoard
MBAMSwissArmy
avgtp
NOBU

Reboot::

In the top left, click "File" (Soubor).
Click "Save As..." (Uložit jako...).
Type the name shown in red, CFScript, correctly and save the file to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document with the mouse onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Re: Log check

Posted: 23 Jul 2014 12:10
by Klepla Pepka
ComboFix 14-07-22.01 - uzivatel 23.07.2014 12:47:36.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2569 [GMT 2:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-23 do 2014-07-23 )))))))))))))))))))))))))))))))
.
.
2014-07-23 10:58 . 2014-07-23 10:58 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2014-07-23 10:58 . 2014-07-23 10:58 -------- d-----w- c:\users\TEMP.uzivatel-HP\AppData\Local\temp
2014-07-23 10:58 . 2014-07-23 10:58 -------- d-----w- c:\users\Staňa\AppData\Local\temp
2014-07-23 10:58 . 2014-07-23 10:58 -------- d-----w- c:\users\Martin\AppData\Local\temp
2014-07-23 10:58 . 2014-07-23 10:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-23 10:58 . 2014-07-23 10:58 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-07-21 20:03 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-21 19:26 . 2014-07-21 19:29 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Dropbox
2014-07-21 19:25 . 2014-07-21 19:25 -------- d-----w- c:\users\uzivatel\AppData\Roaming\AVAST Software
2014-07-21 19:06 . 2014-07-21 20:05 -------- d-----w- C:\AdwCleaner
2014-07-21 19:05 . 2014-07-21 19:04 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-07-21 19:05 . 2014-07-21 19:04 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-21 19:05 . 2014-07-21 19:04 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-07-21 19:05 . 2014-07-21 19:07 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-21 19:05 . 2014-07-21 19:04 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-21 19:05 . 2014-07-21 19:04 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-21 19:05 . 2014-07-21 19:04 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-21 19:05 . 2014-07-21 19:04 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-21 19:05 . 2014-07-21 19:04 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-21 19:04 . 2014-07-21 19:04 43152 ----a-w- c:\windows\avastSS.scr
2014-07-21 19:03 . 2014-07-21 19:03 -------- d-----w- c:\program files\AVAST Software
2014-07-21 19:01 . 2014-07-21 19:03 -------- d-----w- c:\programdata\AVAST Software
2014-07-19 14:40 . 2014-07-19 14:40 -------- d-----w- c:\programdata\Malwarebytes
2014-07-19 13:27 . 2014-07-20 19:51 -------- d-----w- C:\FRST
2014-07-18 09:19 . 2014-07-18 09:19 -------- d-----w- c:\program files\2K Games
2014-07-17 19:39 . 2014-07-17 19:39 -------- d-----w- c:\program files\EA Sports
2014-07-16 21:30 . 2014-07-16 21:30 -------- d-----w- c:\programdata\Electronic Arts
2014-07-16 21:30 . 2014-07-16 21:30 -------- d-----w- c:\programdata\EA Core
2014-07-16 21:15 . 2014-07-16 21:15 -------- d-----w- c:\program files (x86)\Electronic Arts
2014-07-16 21:02 . 2014-07-16 21:02 -------- d-----w- c:\programdata\Solidshield
2014-07-16 12:27 . 2014-07-16 12:27 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-07-16 12:24 . 2014-07-16 12:24 -------- d-----w- c:\programdata\Oracle
2014-07-16 12:24 . 2014-07-16 12:24 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-16 12:23 . 2014-07-11 01:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-15 08:16 . 2014-07-15 08:16 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-07-15 08:11 . 2014-07-15 08:11 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe
2014-07-15 07:47 . 2014-07-15 07:47 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-15 07:46 . 2014-07-15 07:47 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-07-15 07:46 . 2014-07-15 07:51 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-07-12 09:39 . 2014-07-12 09:39 939224 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-07-12 09:39 . 2014-07-12 09:39 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-07-12 09:33 . 2014-07-12 09:33 1959128 ----a-w- c:\windows\system32\RTSnMg64.cpl
2014-07-12 09:33 . 2014-07-12 09:33 2834648 ----a-w- c:\windows\system32\RtPgEx64.dll
2014-07-12 09:33 . 2014-07-12 09:33 3962840 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2014-07-12 09:33 . 2014-07-12 09:33 1022168 ----a-w- c:\windows\system32\SET14B7.tmp
2014-07-12 09:33 . 2014-07-12 09:33 628952 ----a-w- c:\windows\system32\RtDataProc64.dll
2014-07-12 09:33 . 2014-07-12 09:33 1286872 ----a-w- c:\windows\system32\RTCOM64.dll
2014-07-12 09:33 . 2014-07-12 09:33 2800344 ----a-w- c:\windows\system32\RltkAPO64.dll
2014-07-12 09:33 . 2014-07-12 09:33 60636160 ----a-w- c:\windows\system32\RCoRes64.dat
2014-07-12 09:33 . 2014-07-12 09:33 948952 ----a-w- c:\windows\system32\RCoInstII64.dll
2014-07-12 09:26 . 2014-07-14 20:49 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ProductData
2014-07-09 10:00 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 10:00 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 10:00 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 10:00 . 2014-06-30 02:09 519168 ----a-w- c:\windows\system32\aepdu.dll
2014-07-09 10:00 . 2014-06-30 02:04 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-07-09 10:00 . 2014-06-18 02:19 449024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-09 10:00 . 2014-06-18 02:18 692736 ----a-w- c:\windows\system32\osk.exe
2014-07-09 10:00 . 2014-06-18 01:51 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-07-09 10:00 . 2014-06-18 01:10 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-07-09 10:00 . 2014-06-06 10:10 624128 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 10:00 . 2014-06-06 09:44 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-07-09 08:05 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 08:05 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 08:05 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-06 18:33 . 2014-07-06 18:33 -------- d-----w- c:\users\uzivatel\AppData\Local\CrashRpt
2014-07-06 18:30 . 2014-07-14 21:10 -------- d-----w- c:\programdata\GFACE
2014-07-06 18:30 . 2014-07-14 22:55 -------- d-----w- c:\users\uzivatel\AppData\Local\wf-launcher
2014-07-04 09:43 . 2014-07-18 19:06 -------- d-----w- c:\program files (x86)\Steam
2014-06-24 09:58 . 2014-07-05 17:59 -------- d-----w- c:\users\Staňa\AppData\Local\Cyberlink
2014-06-24 09:58 . 2014-06-24 09:58 -------- d-----w- c:\users\Staňa\AppData\Roaming\CyberLink
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-15 08:11 . 2012-12-25 11:24 107832 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-12 09:39 . 2011-01-05 14:47 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-07-09 19:52 . 2013-02-20 18:59 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-08 21:54 . 2013-01-19 09:24 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 21:54 . 2013-01-19 09:24 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-23 04:54 . 2013-01-23 18:15 50464 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-05-30 08:08 . 2014-07-09 08:06 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 07:52 . 2014-07-09 08:06 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-08 09:32 . 2014-06-11 08:43 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:32 . 2014-06-11 08:43 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-25 02:34 . 2014-06-11 08:43 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-11 08:43 626688 ----a-w- c:\windows\SysWow64\usp10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-30 102400]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-21 4086432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
R3 EagleX64;EagleX64; [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 netr28x;Ralink 802.11n-Drahtlostreiber für Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 OverwolfUpdaterService;Overwolf Updater Service; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 09:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-16 18:30 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-19 21:54]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 09:12]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 09:12]
.
2014-02-13 c:\windows\Tasks\HPCeeScheduleForSta?a.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
2014-07-21 c:\windows\Tasks\HPCeeScheduleForuzivatel.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
2014-07-18 c:\windows\Tasks\One-Click Optimizer.job
- c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2014-02-20 08:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-21 19:04 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-03-22 7506136]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-17 767312]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,41,b2,2d,ed,7c,96,4c,a8,a2,9d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,62,41,b2,2d,ed,7c,96,4c,a8,a2,9d,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-07-23 13:02:01
ComboFix-quarantined-files.txt 2014-07-23 11:02
ComboFix2.txt 2014-07-23 10:01
.
Před spuštěním: Volných bajtů: 468 596 899 840
Po spuštění: Volných bajtů: 468 501 164 032
.
- - End Of File - - E83BB459E741B88A5D4EBB5E9A394DAD

Re: Log check

Posted: 23 Jul 2014 12:30
by Márty84
Nothing was deleted. Did you use the script?

Re: Log check

Posted: 23 Jul 2014 14:10
by Klepla Pepka
A little mistake crept in.

ComboFix 14-07-22.01 - uzivatel 23.07.2014 14:47:37.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2423 [GMT 2:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\uzivatel\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\avgtpx64.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\avgtpx64.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AVGTP
-------\Legacy_CLEANHLP
-------\Legacy_MBAMSWISSARMY
-------\Service_AdvancedSystemCareService6
-------\Service_avgtp
-------\Service_cleanhlp
-------\Service_LiveUpdateSvc
-------\Service_MBAMSwissArmy
-------\Service_NOBU
-------\Service_SkypeUpdate
-------\Service_SwitchBoard
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-23 do 2014-07-23 )))))))))))))))))))))))))))))))
.
.
2014-07-23 12:59 . 2014-07-23 12:59 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2014-07-23 12:59 . 2014-07-23 12:59 -------- d-----w- c:\users\TEMP.uzivatel-HP\AppData\Local\temp
2014-07-23 12:59 . 2014-07-23 12:59 -------- d-----w- c:\users\Staňa\AppData\Local\temp
2014-07-23 12:59 . 2014-07-23 12:59 -------- d-----w- c:\users\Martin\AppData\Local\temp
2014-07-23 12:59 . 2014-07-23 12:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-21 20:03 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-21 19:26 . 2014-07-21 19:29 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Dropbox
2014-07-21 19:25 . 2014-07-21 19:25 -------- d-----w- c:\users\uzivatel\AppData\Roaming\AVAST Software
2014-07-21 19:06 . 2014-07-21 20:05 -------- d-----w- C:\AdwCleaner
2014-07-21 19:05 . 2014-07-21 19:04 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-07-21 19:05 . 2014-07-21 19:04 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-21 19:05 . 2014-07-21 19:04 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-07-21 19:05 . 2014-07-21 19:07 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-21 19:05 . 2014-07-21 19:04 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-21 19:05 . 2014-07-21 19:04 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-21 19:05 . 2014-07-21 19:04 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-21 19:05 . 2014-07-21 19:04 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-21 19:05 . 2014-07-21 19:04 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-21 19:04 . 2014-07-21 19:04 43152 ----a-w- c:\windows\avastSS.scr
2014-07-21 19:03 . 2014-07-21 19:03 -------- d-----w- c:\program files\AVAST Software
2014-07-21 19:01 . 2014-07-21 19:03 -------- d-----w- c:\programdata\AVAST Software
2014-07-19 14:40 . 2014-07-19 14:40 -------- d-----w- c:\programdata\Malwarebytes
2014-07-19 13:27 . 2014-07-20 19:51 -------- d-----w- C:\FRST
2014-07-18 09:19 . 2014-07-18 09:19 -------- d-----w- c:\program files\2K Games
2014-07-17 19:39 . 2014-07-17 19:39 -------- d-----w- c:\program files\EA Sports
2014-07-16 21:30 . 2014-07-16 21:30 -------- d-----w- c:\programdata\Electronic Arts
2014-07-16 21:30 . 2014-07-16 21:30 -------- d-----w- c:\programdata\EA Core
2014-07-16 21:15 . 2014-07-16 21:15 -------- d-----w- c:\program files (x86)\Electronic Arts
2014-07-16 21:02 . 2014-07-16 21:02 -------- d-----w- c:\programdata\Solidshield
2014-07-16 12:27 . 2014-07-16 12:27 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2014-07-16 12:24 . 2014-07-16 12:24 -------- d-----w- c:\programdata\Oracle
2014-07-16 12:24 . 2014-07-16 12:24 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-16 12:23 . 2014-07-11 01:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-15 08:16 . 2014-07-15 08:16 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-07-15 08:11 . 2014-07-15 08:11 2250024 ----a-w- c:\windows\SysWow64\pbsvc.exe
2014-07-15 07:47 . 2014-07-15 07:47 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-15 07:46 . 2014-07-15 07:47 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-07-15 07:46 . 2014-07-15 07:51 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-07-12 09:39 . 2014-07-12 09:39 939224 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-07-12 09:39 . 2014-07-12 09:39 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-07-12 09:33 . 2014-07-12 09:33 1959128 ----a-w- c:\windows\system32\RTSnMg64.cpl
2014-07-12 09:33 . 2014-07-12 09:33 2834648 ----a-w- c:\windows\system32\RtPgEx64.dll
2014-07-12 09:33 . 2014-07-12 09:33 3962840 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2014-07-12 09:33 . 2014-07-12 09:33 1022168 ----a-w- c:\windows\system32\SET14B7.tmp
2014-07-12 09:33 . 2014-07-12 09:33 628952 ----a-w- c:\windows\system32\RtDataProc64.dll
2014-07-12 09:33 . 2014-07-12 09:33 1286872 ----a-w- c:\windows\system32\RTCOM64.dll
2014-07-12 09:33 . 2014-07-12 09:33 2800344 ----a-w- c:\windows\system32\RltkAPO64.dll
2014-07-12 09:33 . 2014-07-12 09:33 60636160 ----a-w- c:\windows\system32\RCoRes64.dat
2014-07-12 09:33 . 2014-07-12 09:33 948952 ----a-w- c:\windows\system32\RCoInstII64.dll
2014-07-12 09:26 . 2014-07-14 20:49 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ProductData
2014-07-09 10:00 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 10:00 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 10:00 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-09 10:00 . 2014-06-30 02:09 519168 ----a-w- c:\windows\system32\aepdu.dll
2014-07-09 10:00 . 2014-06-30 02:04 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-07-09 10:00 . 2014-06-18 02:19 449024 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2014-07-09 10:00 . 2014-06-18 02:18 692736 ----a-w- c:\windows\system32\osk.exe
2014-07-09 10:00 . 2014-06-18 01:51 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-07-09 10:00 . 2014-06-18 01:10 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-07-09 10:00 . 2014-06-06 10:10 624128 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 10:00 . 2014-06-06 09:44 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-07-09 08:05 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 08:05 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 08:05 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-06 18:33 . 2014-07-06 18:33 -------- d-----w- c:\users\uzivatel\AppData\Local\CrashRpt
2014-07-06 18:30 . 2014-07-14 21:10 -------- d-----w- c:\programdata\GFACE
2014-07-06 18:30 . 2014-07-14 22:55 -------- d-----w- c:\users\uzivatel\AppData\Local\wf-launcher
2014-07-04 09:43 . 2014-07-18 19:06 -------- d-----w- c:\program files (x86)\Steam
2014-06-24 09:58 . 2014-07-05 17:59 -------- d-----w- c:\users\Staňa\AppData\Local\Cyberlink
2014-06-24 09:58 . 2014-06-24 09:58 -------- d-----w- c:\users\Staňa\AppData\Roaming\CyberLink
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-15 08:11 . 2012-12-25 11:24 107832 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-12 09:39 . 2011-01-05 14:47 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-07-09 19:52 . 2013-02-20 18:59 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-08 21:54 . 2013-01-19 09:24 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 21:54 . 2013-01-19 09:24 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-23 04:54 . 2013-01-23 18:15 50464 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2014-05-30 08:08 . 2014-07-09 08:06 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 07:52 . 2014-07-09 08:06 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-08 09:32 . 2014-06-11 08:43 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:32 . 2014-06-11 08:43 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-25 02:34 . 2014-06-11 08:43 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-11 08:43 626688 ----a-w- c:\windows\SysWow64\usp10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-30 102400]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-02-15 577408]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-21 4086432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [x]
R3 EagleX64;EagleX64; [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr28x;Ralink 802.11n-Drahtlostreiber für Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 OverwolfUpdaterService;Overwolf Updater Service; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 09:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-16 18:30 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-19 21:54]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 09:12]
.
2014-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 09:12]
.
2014-02-13 c:\windows\Tasks\HPCeeScheduleForSta?a.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
2014-07-21 c:\windows\Tasks\HPCeeScheduleForuzivatel.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
2014-07-18 c:\windows\Tasks\One-Click Optimizer.job
- c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2014-02-20 08:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-21 19:04 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-03-22 7506136]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-17 767312]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
.
**************************************************************************
.
Celkový čas: 2014-07-23 15:07:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-23 13:07
ComboFix2.txt 2014-07-23 12:18
ComboFix3.txt 2014-07-23 11:02
ComboFix4.txt 2014-07-23 10:01
.
Před spuštěním: Volných bajtů: 468 453 527 552
Po spuštění: Volných bajtů: 467 910 946 816
.
- - End Of File - - 8BF29C43AB7D631A60163D573054E1B9