
Unknown icon - a virus?

jajani
Visitor
Posts: 17
Registered: 21 Oct 2014 10:26

Unknown icon - a virus?

#1 Post by jajani »

Attachment: neznámá ikona.jpg (8.09 KiB)
Hello,
this icon appears on my desktop after the PC starts. It can't be deleted, it can't be launched, nothing can be done with it, only moved around the desktop.
I have attached a photo of it. Does anyone know what it is, please? You will probably want a log, right?

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Unknown icon - a virus?

#2 Post by Márty84 »

Hi :)

Does the icon have a name? Does it also appear in safe mode?

Post a log from RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786
If you have a question that is not meant for the public, you can write to me by e-mail at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have been waiting a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

jajani
Visitor
Posts: 17
Registered: 21 Oct 2014 10:26

Re: Unknown icon - a virus?

#3 Post by jajani »

I couldn't find it anywhere in safe mode. Unless it was hidden behind the edge of the screen. :-o It has no name at all and, as I wrote, nothing at all can be done with it. It can only be moved by dragging it with the mouse. :-)
I am attaching the log from my PC below.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jaroslav at 2014-10-21 13:14:20
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 532 GB (76%) free of 700 GB
Total RAM: 4002 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:14:26, on 21.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\CPP\CppKalkulacky\CppCalcServer.exe
C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\ProgramData\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\trend micro\Jaroslav.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/secur ... =20.4.0.40
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
O4 - HKLM\..\RunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CPP - CalcServer.lnk = C:\CPP\CppKalkulacky\CppCalcServer.exe
O4 - Startup: Kooperativa - PDF Server.lnk = C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\gadget~1\sprote~1.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWOW64\CbFsMntNtf3.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Print Job Accounting (OkiJaSvc) - Oki Data Corporation - C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe
O23 - Service: Print Job Accounting Watch Service (OkiWchSvc) - Oki Data Corporation - C:\Program Files\Okidata\Print Job Accounting\okwchsvc.exe
O23 - Service: Print Job Accounting opja0004 (opja0004) - Oki Data Corporation - C:\Program Files\Okidata\Print Job Accounting\opja0004.exe
O23 - Service: OKI Local Port Manager (OpLclSrv) - Oki Data Corporation - C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15856 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 17818704
\??\C:\windows\system32\conhost.exe "5464379771800946574234818767-15762597284075911131740703100967492118-658225415
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\DigitalPersona\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files\Conexant\SA3\CxUtilSvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\diMaster.dll" /prefetch:1
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe"
"C:\Program Files\Okidata\Print Job Accounting\okwchsvc.exe"
"C:\Program Files\Okidata\Print Job Accounting\opja0004.exe"
"C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2808
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"taskhost.exe"
"C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DigitalPersona\Bin\DPAgent.exe"
"C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe" /c /a /s UserSession
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe" C:\Users\Jaroslav"
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\Conexant\SA3\SmartAudio3.exe" /sa3 /nv:3.0 /dne /s
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" "HP Color LaserJet CM2320 MFP Series Fax"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe" /RunWithOS
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\CPP\CppKalkulacky\CppCalcServer.exe"
"C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe"
"C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"C:\ProgramData\Search Protection\SearchProtection.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

taskeng.exe {683189A0-BDDD-427D-86C2-0825382034C2}
"C:\Users\Jaroslav\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\schedule!451760640.job - C:\ProgramData\BetterSoft\GadgetBox Updater\GadgetBox Updater.exe /schedule /profile "c:\programdata\bettersoft\gadgetbox updater\451760640.ini"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-04-02 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-07-23 392336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll [2014-09-20 917856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll [2014-09-20 655200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-20 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-20 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-20 416024]
"SmartAudio"=C:\Program Files\CONEXANT\SA3\SACpl.exe [2011-09-09 1628288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-30 2780968]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2010-12-17 686704]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2012-01-04 1935120]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-05-19 10365952]
"HP Color LaserJet CM2320 MFP Series Fax"=C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [2009-09-22 3700736]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 2184520]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"Network Configuration"=c:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [2012-08-27 725280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-08-08 22734160]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-09-15 59720]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-08-21 6462744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04 40336]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"HPUsageTracking"=C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2013-01-08 577536]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Search Protection"=C:\ProgramData\Search Protection\SearchProtection.exe [2013-06-13 943016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [2010-08-12 163040]
"DSUpdateLauncher"=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe [2010-07-21 18240]
"STToasterLauncher"=C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe [2010-08-12 120032]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CPP - CalcServer.lnk - C:\CPP\CppKalkulacky\CppCalcServer.exe
Kooperativa - PDF Server.lnk - C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-06-10 389632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll [2012-04-09 190480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll [2012-04-09 190480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DpHost]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-21 12:55:57 ----A---- C:\windows\ntbtlog.txt
2014-10-21 08:39:00 ----RD---- C:\Program Files (x86)\Skype
2014-10-21 01:25:02 ----A---- C:\windows\SYSWOW64\javaws.exe
2014-10-21 01:24:47 ----A---- C:\windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-21 01:24:47 ----A---- C:\windows\SYSWOW64\javaw.exe
2014-10-21 01:24:47 ----A---- C:\windows\SYSWOW64\java.exe
2014-10-15 08:42:34 ----A---- C:\windows\system32\win32k.sys
2014-10-15 08:42:33 ----A---- C:\windows\SYSWOW64\mscories.dll
2014-10-15 08:42:33 ----A---- C:\windows\SYSWOW64\mscorier.dll
2014-10-15 08:42:33 ----A---- C:\windows\SYSWOW64\dfshim.dll
2014-10-15 08:42:33 ----A---- C:\windows\system32\mscories.dll
2014-10-15 08:42:33 ----A---- C:\windows\system32\mscorier.dll
2014-10-15 08:42:33 ----A---- C:\windows\system32\dfshim.dll
2014-10-15 08:42:30 ----A---- C:\windows\SYSWOW64\KBDYAK.DLL
2014-10-15 08:42:30 ----A---- C:\windows\SYSWOW64\KBDTAT.DLL
2014-10-15 08:42:30 ----A---- C:\windows\SYSWOW64\KBDRU1.DLL
2014-10-15 08:42:30 ----A---- C:\windows\SYSWOW64\KBDRU.DLL
2014-10-15 08:42:30 ----A---- C:\windows\SYSWOW64\KBDBASH.DLL
2014-10-15 08:42:30 ----A---- C:\windows\system32\KBDYAK.DLL
2014-10-15 08:42:30 ----A---- C:\windows\system32\KBDTAT.DLL
2014-10-15 08:42:30 ----A---- C:\windows\system32\KBDRU1.DLL
2014-10-15 08:42:30 ----A---- C:\windows\system32\KBDRU.DLL
2014-10-15 08:42:30 ----A---- C:\windows\system32\KBDBASH.DLL
2014-10-15 08:42:18 ----A---- C:\windows\SYSWOW64\blackbox.dll
2014-10-15 08:42:18 ----A---- C:\windows\system32\blackbox.dll
2014-10-15 08:42:17 ----A---- C:\windows\system32\drmv2clt.dll
2014-10-15 08:42:16 ----A---- C:\windows\SYSWOW64\drmv2clt.dll
2014-10-15 08:42:13 ----A---- C:\windows\system32\wmp.dll
2014-10-15 08:42:11 ----A---- C:\windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 08:42:11 ----A---- C:\windows\system32\wmdrmsdk.dll
2014-10-15 08:42:11 ----A---- C:\windows\system32\mf.dll
2014-10-15 08:42:11 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-10-15 08:42:09 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-10-15 08:42:09 ----A---- C:\windows\SYSWOW64\mf.dll
2014-10-15 08:42:09 ----A---- C:\windows\system32\drmmgrtn.dll
2014-10-15 08:42:08 ----A---- C:\windows\SYSWOW64\drmmgrtn.dll
2014-10-15 08:42:08 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 08:42:08 ----A---- C:\windows\system32\drivers\PEAuth.sys
2014-10-15 08:42:08 ----A---- C:\windows\system32\ci.dll
2014-10-15 08:42:07 ----A---- C:\windows\system32\AudioEng.dll
2014-10-15 08:42:06 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-10-15 08:42:06 ----A---- C:\windows\system32\wintrust.dll
2014-10-15 08:42:06 ----A---- C:\windows\system32\winresume.exe
2014-10-15 08:42:06 ----A---- C:\windows\system32\winload.exe
2014-10-15 08:42:06 ----A---- C:\windows\system32\quartz.dll
2014-10-15 08:42:06 ----A---- C:\windows\system32\cryptsvc.dll
2014-10-15 08:42:05 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-10-15 08:42:05 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2014-10-15 08:42:05 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 08:42:05 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2014-10-15 08:42:05 ----A---- C:\windows\system32\ntoskrnl.exe
2014-10-15 08:42:05 ----A---- C:\windows\system32\evr.dll
2014-10-15 08:42:05 ----A---- C:\windows\system32\EncDump.dll
2014-10-15 08:42:05 ----A---- C:\windows\system32\cryptui.dll
2014-10-15 08:42:05 ----A---- C:\windows\system32\crypt32.dll
2014-10-15 08:42:05 ----A---- C:\windows\system32\AudioSes.dll
2014-10-15 08:42:04 ----A---- C:\windows\SYSWOW64\quartz.dll
2014-10-15 08:42:04 ----A---- C:\windows\SYSWOW64\msscp.dll
2014-10-15 08:42:04 ----A---- C:\windows\SYSWOW64\mfplat.dll
2014-10-15 08:42:04 ----A---- C:\windows\SYSWOW64\evr.dll
2014-10-15 08:42:04 ----A---- C:\windows\SYSWOW64\cryptui.dll
2014-10-15 08:42:04 ----A---- C:\windows\SYSWOW64\cryptsp.dll
2014-10-15 08:42:04 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-10-15 08:42:04 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-10-15 08:42:04 ----A---- C:\windows\system32\srcore.dll
2014-10-15 08:42:04 ----A---- C:\windows\system32\rstrui.exe
2014-10-15 08:42:04 ----A---- C:\windows\system32\pcasvc.dll
2014-10-15 08:42:04 ----A---- C:\windows\system32\msscp.dll
2014-10-15 08:42:04 ----A---- C:\windows\system32\msnetobj.dll
2014-10-15 08:42:04 ----A---- C:\windows\system32\mfplat.dll
2014-10-15 08:42:04 ----A---- C:\windows\system32\cryptsp.dll
2014-10-15 08:42:04 ----A---- C:\windows\system32\audiosrv.dll
2014-10-15 08:42:04 ----A---- C:\windows\system32\appidsvc.dll
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\srclient.dll
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\spwmp.dll
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\msnetobj.dll
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\mfps.dll
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\mferror.dll
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2014-10-15 08:42:03 ----A---- C:\windows\SYSWOW64\appidapi.dll
2014-10-15 08:42:03 ----A---- C:\windows\system32\wmploc.DLL
2014-10-15 08:42:03 ----A---- C:\windows\system32\srclient.dll
2014-10-15 08:42:03 ----A---- C:\windows\system32\spwmp.dll
2014-10-15 08:42:03 ----A---- C:\windows\system32\setbcdlocale.dll
2014-10-15 08:42:03 ----A---- C:\windows\system32\rrinstaller.exe
2014-10-15 08:42:03 ----A---- C:\windows\system32\mfps.dll
2014-10-15 08:42:03 ----A---- C:\windows\system32\mfpmp.exe
2014-10-15 08:42:03 ----A---- C:\windows\system32\mferror.dll
2014-10-15 08:42:03 ----A---- C:\windows\system32\dxmasf.dll
2014-10-15 08:42:03 ----A---- C:\windows\system32\drivers\appid.sys
2014-10-15 08:42:03 ----A---- C:\windows\system32\audiodg.exe
2014-10-15 08:42:03 ----A---- C:\windows\system32\appidpolicyconverter.exe
2014-10-15 08:42:03 ----A---- C:\windows\system32\appidcertstorecheck.exe
2014-10-15 08:42:03 ----A---- C:\windows\system32\appidapi.dll
2014-10-15 08:41:54 ----A---- C:\windows\system32\generaltel.dll
2014-10-15 08:41:53 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-10-15 08:41:53 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-10-15 08:41:53 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-10-15 08:41:53 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 08:41:53 ----A---- C:\windows\system32\aepdu.dll
2014-10-15 08:41:53 ----A---- C:\windows\system32\aeinv.dll
2014-10-15 08:41:52 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-10-15 08:41:52 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-10-15 08:41:52 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-10-15 08:41:52 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 08:41:52 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-10-15 08:41:52 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-10-15 08:41:52 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 08:41:52 ----A---- C:\windows\system32\iernonce.dll
2014-10-15 08:41:52 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-10-15 08:41:52 ----A---- C:\windows\system32\ie4uinit.exe
2014-10-15 08:41:51 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-10-15 08:41:51 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-10-15 08:41:51 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-10-15 08:41:51 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-10-15 08:41:51 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-10-15 08:41:51 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-10-15 08:41:51 ----A---- C:\windows\system32\urlmon.dll
2014-10-15 08:41:51 ----A---- C:\windows\system32\msfeeds.dll
2014-10-15 08:41:51 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-10-15 08:41:51 ----A---- C:\windows\system32\ieetwcollector.exe
2014-10-15 08:41:51 ----A---- C:\windows\system32\iedkcs32.dll
2014-10-15 08:41:51 ----A---- C:\windows\system32\dxtmsft.dll
2014-10-15 08:41:50 ----A---- C:\windows\system32\iesetup.dll
2014-10-15 08:41:50 ----A---- C:\windows\system32\iertutil.dll
2014-10-15 08:41:49 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-10-15 08:41:49 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-10-15 08:41:49 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-10-15 08:41:49 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 08:41:49 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-10-15 08:41:49 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-10-15 08:41:49 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-10-15 08:41:49 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-10-15 08:41:49 ----A---- C:\windows\system32\jsproxy.dll
2014-10-15 08:41:49 ----A---- C:\windows\system32\ieui.dll
2014-10-15 08:41:49 ----A---- C:\windows\system32\ieframe.dll
2014-10-15 08:41:49 ----A---- C:\windows\system32\dxtrans.dll
2014-10-15 08:41:48 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-10-15 08:41:48 ----A---- C:\windows\system32\mshtmled.dll
2014-10-15 08:41:48 ----A---- C:\windows\system32\jscript9diag.dll
2014-10-15 08:41:48 ----A---- C:\windows\system32\jscript9.dll
2014-10-15 08:41:48 ----A---- C:\windows\system32\ieUnatt.exe
2014-10-15 08:41:47 ----A---- C:\windows\system32\wininet.dll
2014-10-15 08:41:47 ----A---- C:\windows\system32\vbscript.dll
2014-10-15 08:41:47 ----A---- C:\windows\system32\msrating.dll
2014-10-15 08:41:47 ----A---- C:\windows\system32\MshtmlDac.dll
2014-10-15 08:41:47 ----A---- C:\windows\system32\ieapfltr.dll
2014-10-15 08:41:46 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-15 08:41:46 ----A---- C:\windows\system32\mshtml.dll
2014-10-15 08:40:09 ----A---- C:\windows\system32\msi.dll
2014-10-15 08:40:06 ----A---- C:\windows\SYSWOW64\msi.dll
2014-10-15 08:39:59 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2014-10-15 08:39:59 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-10-15 08:39:59 ----A---- C:\windows\SYSWOW64\mstsc.exe
2014-10-15 08:39:59 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-10-15 08:39:59 ----A---- C:\windows\system32\tsgqec.dll
2014-10-15 08:39:59 ----A---- C:\windows\system32\mstscax.dll
2014-10-15 08:39:59 ----A---- C:\windows\system32\mstsc.exe
2014-10-15 08:39:59 ----A---- C:\windows\system32\aaclient.dll
2014-10-15 08:39:57 ----A---- C:\windows\system32\rdpcorets.dll
2014-10-15 08:39:52 ----A---- C:\windows\SYSWOW64\rastls.dll
2014-10-15 08:39:52 ----A---- C:\windows\system32\rastls.dll
2014-10-15 08:39:48 ----A---- C:\windows\system32\termsrv.dll
2014-10-15 08:39:47 ----A---- C:\windows\SYSWOW64\winsta.dll
2014-10-15 08:39:47 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-10-15 08:39:47 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-10-15 08:39:47 ----A---- C:\windows\system32\winsta.dll
2014-10-15 08:39:47 ----A---- C:\windows\system32\winlogon.exe
2014-10-15 08:39:47 ----A---- C:\windows\system32\TSpkg.dll
2014-10-15 08:39:47 ----A---- C:\windows\system32\rdpcorekmts.dll
2014-10-15 08:39:47 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2014-10-15 08:39:47 ----A---- C:\windows\system32\drivers\rdpwd.sys
2014-10-15 08:39:47 ----A---- C:\windows\system32\credssp.dll
2014-10-15 08:39:30 ----A---- C:\windows\SYSWOW64\packager.dll
2014-10-15 08:39:30 ----A---- C:\windows\system32\packager.dll
2014-10-08 10:22:38 ----D---- C:\Users\Jaroslav\AppData\Roaming\Bolide(R) Software
2014-10-01 20:19:58 ----A---- C:\windows\SYSWOW64\qdvd.dll
2014-10-01 20:19:58 ----A---- C:\windows\system32\qdvd.dll
2014-09-27 11:38:36 ----A---- C:\windows\SYSWOW64\FlashPlayerInstaller.exe
2014-09-24 07:51:44 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-09-24 07:51:44 ----A---- C:\windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2014-10-21 13:14:23 ----D---- C:\Program Files\trend micro
2014-10-21 13:05:59 ----AD---- C:\windows\System32
2014-10-21 13:05:59 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-10-21 13:05:58 ----D---- C:\windows\inf
2014-10-21 13:03:28 ----A---- C:\windows\SYSWOW64\log.txt
2014-10-21 13:02:19 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2014-10-21 13:01:43 ----D---- C:\windows\SysWOW64
2014-10-21 13:01:30 ----D---- C:\windows\system32\LogFiles
2014-10-21 13:01:26 ----AD---- C:\windows\Temp
2014-10-21 12:58:13 ----SHD---- C:\System Volume Information
2014-10-21 12:55:57 ----AD---- C:\Windows
2014-10-21 12:46:00 ----D---- C:\windows\system32\config
2014-10-21 08:48:34 ----D---- C:\Users\Jaroslav\AppData\Roaming\Skype
2014-10-21 08:39:08 ----SHD---- C:\windows\Installer
2014-10-21 08:39:08 ----SHD---- C:\Config.Msi
2014-10-21 08:39:08 ----D---- C:\ProgramData\Skype
2014-10-21 08:39:01 ----D---- C:\Program Files (x86)\Common Files
2014-10-21 08:39:00 ----RD---- C:\Program Files (x86)
2014-10-21 01:25:46 ----D---- C:\ProgramData\Oracle
2014-10-21 01:24:40 ----D---- C:\Program Files (x86)\Java
2014-10-20 23:30:02 ----D---- C:\windows\system32\catroot
2014-10-20 22:13:41 ----D---- C:\windows\Prefetch
2014-10-20 21:33:56 ----D---- C:\windows\system32\DriverStore
2014-10-20 21:33:43 ----RD---- C:\Program Files
2014-10-20 21:31:10 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-20 21:30:48 ----DC---- C:\windows\system32\DRVSTORE
2014-10-20 21:30:48 ----D---- C:\windows\system32\drivers
2014-10-16 13:42:15 ----D---- C:\windows\Microsoft.NET
2014-10-16 13:17:29 ----RSD---- C:\windows\assembly
2014-10-16 09:41:08 ----D---- C:\windows\winsxs
2014-10-16 09:40:59 ----D---- C:\windows\system32\catroot2
2014-10-16 09:35:51 ----RSD---- C:\windows\Fonts
2014-10-16 09:35:46 ----D---- C:\windows\SYSWOW64\Dism
2014-10-16 09:35:46 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-10-16 09:35:46 ----D---- C:\Program Files\Windows Media Player
2014-10-16 09:35:46 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-16 09:35:44 ----D---- C:\windows\system32\Dism
2014-10-16 09:35:43 ----D---- C:\windows\system32\en-US
2014-10-16 09:35:43 ----D---- C:\windows\system32\cs-CZ
2014-10-16 09:35:41 ----D---- C:\windows\system32\CodeIntegrity
2014-10-16 09:35:41 ----D---- C:\windows\system32\Boot
2014-10-16 09:35:40 ----SD---- C:\windows\system32\CompatTel
2014-10-16 09:35:39 ----D---- C:\Program Files\Internet Explorer
2014-10-16 09:35:37 ----D---- C:\windows\SYSWOW64\en-US
2014-10-16 09:35:31 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-16 08:39:05 ----D---- C:\ProgramData\Microsoft Help
2014-10-16 08:33:00 ----D---- C:\windows\system32\MRT
2014-10-16 08:28:11 ----D---- C:\windows\debug
2014-10-16 08:28:07 ----A---- C:\windows\system32\MRT.exe
2014-10-06 13:18:30 ----D---- C:\windows\system32\Tasks
2014-10-06 13:13:00 ----D---- C:\windows\system32\drivers\N360x64
2014-09-30 23:42:17 ----D---- C:\windows\system32\NDF
2014-09-30 17:01:25 ----D---- C:\windows\Minidump
2014-09-30 16:42:40 ----D---- C:\ProgramData\firebird
2014-09-27 11:41:25 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
R0 SymDS;Symantec Data Store; C:\windows\system32\drivers\N360x64\1506000.020\SYMDS64.SYS [2013-10-30 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\N360x64\1506000.020\SYMEFA64.SYS [2014-03-04 1148120]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [2014-10-03 1587416]
R1 cbfs3;cbfs3; \??\C:\windows\system32\drivers\cbfs3.sys [2012-04-09 352144]
R1 ccSet_N360;N360 Settings Manager; C:\windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [2014-02-25 162392]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-09-09 487216]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20141020.001\IDSvia64.sys [2014-09-01 633560]
R1 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [2014-08-26 876248]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [2014-08-26 37592]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [2014-08-06 266968]
R1 SymNetS;Symantec Network Security WFP Driver; C:\windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [2014-02-18 593112]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TurboB;Turbo Boost UI Monitor driver; C:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R3 Acceler;Accelerometer Service; C:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\windows\system32\DRIVERS\AMPPAL.sys [2011-12-12 195072]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaudio;Intel Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-05-19 53248]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 282624]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-06-10 1591936]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\windows\system32\DRIVERS\CtClsFlt.sys [2011-06-16 176000]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-09 142640]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-20 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 iwdbus;IWD Bus Enumerator; C:\windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20141020.019\ENG64.SYS [2014-09-02 129752]
R3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20141020.019\EX64.SYS [2014-09-02 2137304]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-12-12 8616448]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2014-05-30 177752]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-30 1439280]
R3 tihub3;TI USB3 Hub Service; C:\windows\system32\DRIVERS\tihub3.sys [2011-07-21 136000]
R3 tixhci;TI XHCI Service; C:\windows\system32\DRIVERS\tixhci.sys [2011-07-21 406336]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\windows\system32\DRIVERS\amppal.sys [2011-12-12 195072]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2011-03-24 34200]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\windows\system32\DRIVERS\netaapl64.sys [2013-07-25 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-04-22 25600]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-12-02 250984]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 vmbus;vmbus; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-12 661504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-05-19 921664]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-05-19 995392]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-13 135952]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2011-08-10 200832]
R2 CxUtilSvc;CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [2011-10-12 109184]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2010-12-29 440144]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-01-04 1526032]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-23 326168]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [2014-09-21 265040]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 OkiJaSvc;Print Job Accounting; C:\Program Files\Okidata\Print Job Accounting\oklogsvc.exe [2014-03-13 414720]
R2 OkiWchSvc;Print Job Accounting Watch Service; C:\Program Files\Okidata\Print Job Accounting\okwchsvc.exe [2012-02-14 55808]
R2 opja0004;Print Job Accounting opja0004; C:\Program Files\Okidata\Print Job Accounting\opja0004.exe [2014-02-05 200704]
R2 OpLclSrv;OKI Local Port Manager; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [2014-01-30 182784]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-01-04 844560]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-21 689472]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-23 2656280]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-05-19 1335360]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 116648]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-05-02 164864]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-27 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 116648]
S3 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-01-04 340240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-06-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Unknown icon - virus?

#4 Post by Márty84 »

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Clean.
The program will start working (the PC may restart) and will spit out a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

jajani
Visitor
Posts: 17
Joined: 21 Oct 2014 10:26

Re: Unknown icon - virus?

#5 Post by jajani »

# AdwCleaner v4.001 - Report created 21/10/2014 at 22:14:38
# DB v2014-10-20.3
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Jaroslav - JAROSLAV-PC
# Running from : C:\Users\Jaroslav\Downloads\adwcleaner_4.001.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v

So hopefully this is it.... :-)


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [3142 octets] - [05/10/2013 00:22:52]
AdwCleaner[R1].txt - [9277 octets] - [21/10/2014 21:58:50]
AdwCleaner[R2].txt - [1022 octets] - [21/10/2014 22:12:31]
AdwCleaner[S0].txt - [2196 octets] - [05/10/2013 00:25:05]
AdwCleaner[S1].txt - [8761 octets] - [21/10/2014 22:01:36]
AdwCleaner[S2].txt - [938 octets] - [21/10/2014 22:14:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [997 octets] ##########


#6 Post by Márty84 »

That is it, but since you ran it twice and the log is from the second scan, I don't know what it found. But that doesn't matter.


:arrow: Run a scan with MBAM. Set up the test according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Don't delete anything beforehand; it sometimes has false detections.

#7 Post by jajani »

Hello,
I finally got around to it and am attaching the log according to your guide.
Thanks for the help.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26.10.2014
Scan Time: 11:41:23
Logfile: export.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.09.19.05
Rootkit Database: v2014.09.18.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jaroslav

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 364949
Time Elapsed: 17 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 10

Files: 62

Physical Sectors: 0
(No malicious items detected)


(end)


#8 Post by Márty84 »

It wasn't according to my guide, because the scan was not set up as the guide describes.

Move all findings to quarantine. After restarting the PC, repeat the test, this time with the correct settings. Post its result and I will choose the next step based on it.

#9 Post by jajani »

So, once more and better; hopefully I have set it up correctly this time.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 28.10.2014
Čas skenování: 22:21:32
Protokol: export.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.10.28.06
Databáze rootkitů: v2014.10.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Jaroslav

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 542218
Uplynulý čas: 1 hod, 45 min, 11 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 10

Soubory: 70

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)


#10 Post by Márty84 »

Yes, now it's correct :)

So, findings to quarantine, and after a restart repeat the test again. Post the result again and I will choose the next step based on it.

#11 Post by jajani »

So, another log. With no entries........ :-o



Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 29.10.2014
Čas skenování: 22:22:41
Protokol: export 1.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.10.29.07
Databáze rootkitů: v2014.10.22.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Jaroslav

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 542383
Uplynulý čas: 1 hod, 47 min, 42 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Unknown icon - virus?

#12 Post by Márty84 »

:arrow: Uninstall MBAM.


:!: If you have not done so already, back up your important data to be safe (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not launch anything and do not click anywhere.
When the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

jajani
Visitor
Posts: 17
Registered: 21 Oct 2014 10:26

Re: Unknown icon - virus?

#13 Post by jajani »

Hello,
I am attaching the log from ComboFix. I still could not turn off norton360 - antispyware, so I uninstalled the whole program.
Can I install it again now?

ComboFix 14-10-29.01 - Jaroslav 02.11.2014 15:30:52.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4002.2020 [GMT 1:00]
Spuštěný z: c:\users\Jaroslav\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\_ctypes.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\_elementtree.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\_hashlib.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\_multiprocessing.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\_socket.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\_ssl.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\hashobjs_ext.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\pyexpat.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\pysqlite2._sqlite.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\python27.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\pythoncom27.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\PyWinTypes27.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\select.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\unicodedata.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32api.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32com.shell.shell.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32crypt.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32event.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32file.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32gui.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32inet.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32pdh.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32pipe.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32process.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32profile.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32security.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\win32ts.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\windows._lib_cacheinvalidation.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wx._animate.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wx._controls_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wx._core_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wx._gdi_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wx._html2.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wx._misc_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wx._windows_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wx._wizard.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wxbase294u_net_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wxbase294u_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wxmsw294u_adv_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wxmsw294u_core_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wxmsw294u_html_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI32082\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-02 do 2014-11-02 )))))))))))))))))))))))))))))))
.
.
2014-11-02 14:36 . 2014-11-02 14:36 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-11-02 14:36 . 2014-11-02 14:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-22 21:24 . 2014-10-22 21:24 -------- d-----w- c:\programdata\Malwarebytes
2014-10-21 06:39 . 2014-10-21 06:39 -------- d-----w- c:\users\Jaroslav\AppData\Local\Skype
2014-10-21 06:39 . 2014-10-21 06:39 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-21 06:39 . 2014-10-21 06:39 -------- d-----r- c:\program files (x86)\Skype
2014-10-20 23:25 . 2014-10-20 23:25 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-20 23:24 . 2014-10-20 23:24 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-20 19:48 . 2014-10-20 19:48 -------- d-----w- c:\users\Guest\AppData\Roaming\OkiData
2014-10-15 06:41 . 2014-10-10 02:05 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-15 06:40 . 2014-09-18 02:00 3241472 ----a-w- c:\windows\system32\msi.dll
2014-10-15 06:40 . 2014-09-18 01:32 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-08 08:22 . 2014-10-08 08:24 -------- d-----w- c:\users\Jaroslav\AppData\Roaming\Bolide(R) Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-16 06:28 . 2012-06-03 11:05 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-09-27 09:41 . 2012-08-01 06:59 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-27 09:41 . 2012-04-02 10:41 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-27 09:38 . 2014-09-27 09:38 3675824 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-09-25 02:08 . 2014-10-01 18:19 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 18:19 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-09 22:11 . 2014-09-24 05:51 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 05:51 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-01 15:38 . 2010-06-24 16:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-28 06:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 06:07 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{65A971D5-DC68-4EA6-ABAD-705B78DB6919}"
[HKEY_CLASSES_ROOT\CLSID\{65A971D5-DC68-4EA6-ABAD-705B78DB6919}]
2012-04-09 15:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-08-08 22734160]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-08-21 6462744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2014-09-04 40336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2013-01-08 577536]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
.
c:\users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CPP - CalcServer.lnk - c:\cpp\CppKalkulacky\CppCalcServer.exe [2014-1-13 1014272]
Kooperativa - PDF Server.lnk - c:\program files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe [2012-7-18 10620928]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys;c:\windows\SYSNATIVE\drivers\cbfs3.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 CxUtilSvc;CxUtilSvc;c:\program files\Conexant\SA3\CxUtilSvc.exe;c:\program files\Conexant\SA3\CxUtilSvc.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 OkiJaSvc;Print Job Accounting;c:\program files\Okidata\Print Job Accounting\oklogsvc.exe;c:\program files\Okidata\Print Job Accounting\oklogsvc.exe [x]
S2 OkiWchSvc;Print Job Accounting Watch Service;c:\program files\Okidata\Print Job Accounting\okwchsvc.exe;c:\program files\Okidata\Print Job Accounting\okwchsvc.exe [x]
S2 opja0004;Print Job Accounting opja0004;c:\program files\Okidata\Print Job Accounting\opja0004.exe;c:\program files\Okidata\Print Job Accounting\opja0004.exe [x]
S2 OpLclSrv;OKI Local Port Manager;c:\program files\Okidata\Common\Extend3\portmgrsrv.exe;c:\program files\Okidata\Common\Extend3\portmgrsrv.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-28 15:45 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-01 09:42]
.
2014-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 08:57]
.
2014-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 08:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{65A971D5-DC68-4EA6-ABAD-705B78DB6919}"
[HKEY_CLASSES_ROOT\CLSID\{65A971D5-DC68-4EA6-ABAD-705B78DB6919}]
2012-04-09 15:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-20 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-20 416024]
"SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2011-09-09 1628288]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2012-01-04 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952]
"HP Color LaserJet CM2320 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-03-24 2184520]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"Network Configuration"="c:\program files (x86)\Okidata\ActKey\Network Configuration.exe" [2012-08-27 725280]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.idnes.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.symantec.com/redirects/security_res ... =20.4.0.40
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: dell.com
TCP: DhcpNameServer = 84.16.103.65 84.16.96.2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-11-02 15:43:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-02 14:43
.
Před spuštěním: Volných bajtů: 559 502 917 632
Po spuštění: Volných bajtů: 559 028 019 200
.
- - End Of File - - B0576D9BA458A6C9A183E978A7AD5843

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Unknown icon - virus?

#14 Post by Márty84 »

:arrow: Open Notepad and copy this script into it

Code:

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=-
"CCleaner Monitoring"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"GrooveMonitor"=-
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate
esgiguard
MBAMSwissArmy

Reboot::

In the top left, click File.
Click Save As...
Type the red name CFScript correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document with the mouse onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not boot after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration.
:!: If Windows boots but errors are reported when launching various programs, just restart the PC and it will be fine.

:arrow: You can install Norton now.

jajani
Visitor
Posts: 17
Registered: 21 Oct 2014 10:26

Re: Unknown icon - virus?

#15 Post by jajani »

Good morning,
I am attaching the ComboFix log here.

ComboFix 14-10-29.01 - Jaroslav 03.11.2014 7:43.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4002.2248 [GMT 1:00]
Spuštěný z: c:\users\Jaroslav\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jaroslav\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\_ctypes.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\_elementtree.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\_hashlib.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\_multiprocessing.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\_socket.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\_ssl.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\hashobjs_ext.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\pyexpat.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\pysqlite2._sqlite.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\python27.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\pythoncom27.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\PyWinTypes27.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\select.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\unicodedata.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32api.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32com.shell.shell.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32crypt.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32event.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32file.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32gui.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32inet.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32pdh.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32pipe.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32process.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32profile.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32security.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\win32ts.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\windows._lib_cacheinvalidation.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wx._animate.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wx._controls_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wx._core_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wx._gdi_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wx._html2.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wx._misc_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wx._windows_.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wx._wizard.pyd
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wxbase294u_net_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wxbase294u_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wxmsw294u_adv_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wxmsw294u_core_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wxmsw294u_html_vc90.dll
c:\users\Jaroslav\AppData\Local\Temp\_MEI40042\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ESGIGUARD
-------\Legacy_MBAMSWISSARMY
-------\Service_esgiguard
-------\Service_MBAMSwissArmy
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-03 do 2014-11-03 )))))))))))))))))))))))))))))))
.
.
2014-11-03 06:48 . 2014-11-03 06:48 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-11-03 06:48 . 2014-11-03 06:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-02 16:01 . 2014-11-02 16:01 -------- d-----w- c:\program files (x86)\Norton Identity Safe
2014-11-02 16:01 . 2014-11-02 16:01 -------- d-----w- c:\windows\system32\drivers\NSTx64
2014-11-02 15:43 . 2014-11-03 06:23 -------- d-----w- c:\program files (x86)\NortonInstaller
2014-10-22 21:24 . 2014-10-22 21:24 -------- d-----w- c:\programdata\Malwarebytes
2014-10-21 06:39 . 2014-10-21 06:39 -------- d-----w- c:\users\Jaroslav\AppData\Local\Skype
2014-10-21 06:39 . 2014-10-21 06:39 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-21 06:39 . 2014-10-21 06:39 -------- d-----r- c:\program files (x86)\Skype
2014-10-20 23:25 . 2014-10-20 23:25 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-20 23:24 . 2014-10-20 23:24 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-20 19:48 . 2014-10-20 19:48 -------- d-----w- c:\users\Guest\AppData\Roaming\OkiData
2014-10-15 06:41 . 2014-10-10 02:05 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-15 06:40 . 2014-09-18 02:00 3241472 ----a-w- c:\windows\system32\msi.dll
2014-10-15 06:40 . 2014-09-18 01:32 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-08 08:22 . 2014-10-08 08:24 -------- d-----w- c:\users\Jaroslav\AppData\Roaming\Bolide(R) Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-16 06:28 . 2012-06-03 11:05 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-09-27 09:41 . 2012-08-01 06:59 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-27 09:41 . 2012-04-02 10:41 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-27 09:38 . 2014-09-27 09:38 3675824 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-09-25 02:08 . 2014-10-01 18:19 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 18:19 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-09 22:11 . 2014-09-24 05:51 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 05:51 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-01 15:38 . 2010-06-24 16:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-28 06:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 06:07 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{65A971D5-DC68-4EA6-ABAD-705B78DB6919}"
[HKEY_CLASSES_ROOT\CLSID\{65A971D5-DC68-4EA6-ABAD-705B78DB6919}]
2012-04-09 15:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2013-01-08 577536]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
.
c:\users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CPP - CalcServer.lnk - c:\cpp\CppKalkulacky\CppCalcServer.exe [2014-1-13 1014272]
Kooperativa - PDF Server.lnk - c:\program files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe [2012-7-18 10620928]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys;c:\windows\SYSNATIVE\drivers\cbfs3.sys [x]
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DE07080.017\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DE07080.017\ccSetx64.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 CxUtilSvc;CxUtilSvc;c:\program files\Conexant\SA3\CxUtilSvc.exe;c:\program files\Conexant\SA3\CxUtilSvc.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe;c:\program files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe [x]
S2 OkiJaSvc;Print Job Accounting;c:\program files\Okidata\Print Job Accounting\oklogsvc.exe;c:\program files\Okidata\Print Job Accounting\oklogsvc.exe [x]
S2 OkiWchSvc;Print Job Accounting Watch Service;c:\program files\Okidata\Print Job Accounting\okwchsvc.exe;c:\program files\Okidata\Print Job Accounting\okwchsvc.exe [x]
S2 opja0004;Print Job Accounting opja0004;c:\program files\Okidata\Print Job Accounting\opja0004.exe;c:\program files\Okidata\Print Job Accounting\opja0004.exe [x]
S2 OpLclSrv;OKI Local Port Manager;c:\program files\Okidata\Common\Extend3\portmgrsrv.exe;c:\program files\Okidata\Common\Extend3\portmgrsrv.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys;c:\windows\SYSNATIVE\DRIVERS\Accelern.sys [x]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-28 15:45 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-01 09:42]
.
2014-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 08:57]
.
2014-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26 08:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1EldosIconOverlay]
@="{65A971D5-DC68-4EA6-ABAD-705B78DB6919}"
[HKEY_CLASSES_ROOT\CLSID\{65A971D5-DC68-4EA6-ABAD-705B78DB6919}]
2012-04-09 15:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 15:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-20 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-20 416024]
"SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2011-09-09 1628288]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2012-01-04 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952]
"HP Color LaserJet CM2320 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-03-24 2184520]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-03-18 767312]
"Network Configuration"="c:\program files (x86)\Okidata\ActKey\Network Configuration.exe" [2012-08-27 725280]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.idnes.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.symantec.com/redirects/security_res ... =20.4.0.40
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: dell.com
TCP: DhcpNameServer = 84.16.103.65 84.16.96.2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2014.7.8.23\NST.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2014.7.8.23\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-11-03 07:58:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-03 06:58
ComboFix2.txt 2014-11-02 14:43
.
Před spuštěním: Volných bajtů: 557 684 572 160
Po spuštění: Volných bajtů: 557 359 173 632
.
- - End Of File - - 68EC2CE2FA9F8C5FAB189468A4779C02

Locked