Dobrý den, bohužel jsem si ten program nainstaloval a teď se ho nemůžu zbavit. Prosím rádce o pomoc. Posílám log z RSITu. Děkuji. Sekyra
Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2014-11-06 10:34:57
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 234 GB (77%) free of 305 GB
Total RAM: 1023 MB (11% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:35:31, on 6.11.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Elex-tech\YAC\iSafeTray.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil11c_Plugin.exe -update plugin (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil11c_Plugin.exe -update plugin (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{294AE381-EE6D-4033-B791-9F27DFE63972}: NameServer = 88.103.219.2
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O20 - AppInit_DLLs: c:\progra~1\google\go333c~1\goec62~1.dll
O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1c9ab2f2dc67244) (gupdate1c9ab2f2dc67244) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PHPGeekUtil - Unknown owner - (no file)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
--
End of file - 10654 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click PC Care Reminder.job - C:\Program Files\Wondershare\1-Click PC Care\reminder.exe -s "reminder_00.html"
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\Google Software Updater.job - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18Core.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-18UA.job - C:\WINDOWS\system32\config\systemprofile\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\87gpy156.default
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fiddlerhook@fiddler2.com"=C:\Program Files\Fiddler2\FiddlerHook
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{3112ca9c-de6d-4884-a869-9855de68056c}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files\Mozilla Firefox\components\
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
install.rdf
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-11-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-18 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-11-06 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2005-04-12 229376]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-07 30192]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2013-10-23 5039400]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-01 4085896]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe [2013-06-05 4489472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-01-12 49208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe [2006-11-02 1397760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2006-02-10 2048000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-11-04 1753192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinnacle WebUpdater]
C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe [2006-06-08 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-04-03 3684488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipDiscount]
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe [2013-06-23 19428168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-11-18 275072]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
O&O Defrag Tray.lnk - C:\WINDOWS\Installer\{95E6C53F-F92D-4232-B700-1842806F59B6}\DefragIcon.exe
C:\Documents and Settings\uzivatel\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - C:\Documents and Settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\progra~1\google\go333c~1\goec62~1.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TPSvc]
TPSvc.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:PMSManager.exe"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe"="C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Cisco Packet Tracer 6.0.1\bin\PacketTracer6.exe"="C:\Program Files\Cisco Packet Tracer 6.0.1\bin\PacketTracer6.exe:*:Enabled:PacketTracer6"
"C:\Documents and Settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.reg - edit -
.reg - open -
======List of files/folders created in the last 1 month======
2014-11-06 10:34:57 ----D---- C:\rsit
2014-11-06 10:34:57 ----D---- C:\Program Files\trend micro
2014-11-06 09:02:31 ----A---- C:\WINDOWS\system32\javaws.exe
2014-11-06 09:02:20 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-11-06 09:02:20 ----A---- C:\WINDOWS\system32\javaw.exe
2014-11-06 09:02:20 ----A---- C:\WINDOWS\system32\java.exe
2014-11-01 20:32:47 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-10-31 20:30:26 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Lavasoft
2014-10-31 20:04:08 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\LavasoftStatistics
2014-10-31 17:59:34 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Media Player Classic
2014-10-30 09:26:17 ----D---- C:\sh4ldr
2014-10-27 17:26:36 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys
2014-10-27 17:14:34 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\spotmau
2014-10-27 17:13:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp360
2014-10-27 17:13:05 ----D---- C:\Program Files\Wondershare
2014-10-24 18:56:02 ----A---- C:\WINDOWS\system32\drivers\iSafeNetFilter.sys
2014-10-24 18:55:34 ----D---- C:\Program Files\Elex-tech
2014-10-24 18:54:42 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Elex-tech
2014-10-22 18:25:18 ----A---- C:\WINDOWS\system32\taskkill.exe
2014-10-22 17:58:30 ----D---- C:\Program Files\DLLSuite
2014-10-22 17:16:19 ----D---- C:\WINDOWS\ERUNT
2014-10-22 16:48:04 ----D---- C:\AdwCleaner
2014-10-21 09:20:10 ----D---- C:\Program Files\Mozilla Firefox
2014-10-17 20:53:25 ----D---- C:\WINDOWS\system32\MpEngineStore
2014-10-17 20:51:12 ----D---- C:\eaca0b1a2b4e658f82822b
======List of files/folders modified in the last 1 month======
2014-11-06 10:34:57 ----D---- C:\Program Files
2014-11-06 10:33:57 ----D---- C:\WINDOWS\Prefetch
2014-11-06 10:25:07 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Dropbox
2014-11-06 10:23:40 ----D---- C:\WINDOWS\system32\CatRoot2
2014-11-06 10:23:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2014-11-06 10:23:19 ----D---- C:\WINDOWS\Temp
2014-11-06 10:22:55 ----D---- C:\Config.Msi
2014-11-06 10:22:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-11-06 09:59:25 ----D---- C:\Program Files\Opera
2014-11-06 09:55:16 ----SD---- C:\WINDOWS\Tasks
2014-11-06 09:52:16 ----SHD---- C:\WINDOWS\Installer
2014-11-06 09:50:08 ----D---- C:\WINDOWS\system32
2014-11-06 09:46:22 ----D---- C:\WINDOWS\WinSxS
2014-11-06 09:40:39 ----RSD---- C:\WINDOWS\assembly
2014-11-06 09:02:51 ----D---- C:\Program Files\Common Files\Java
2014-11-06 08:36:45 ----D---- C:\WINDOWS
2014-11-05 16:18:20 ----D---- C:\Program Files\Common Files
2014-11-05 16:18:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2014-11-05 16:17:50 ----D---- C:\WINDOWS\system32\drivers
2014-10-31 20:00:11 ----HD---- C:\WINDOWS\inf
2014-10-31 19:30:33 ----D---- C:\WINDOWS\Microsoft.NET
2014-10-31 18:58:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-10-31 18:15:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-10-31 18:13:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2014-10-31 18:13:26 ----RD---- C:\Program Files\Skype
2014-10-31 17:59:53 ----D---- C:\Program Files\QuickTime Alternative
2014-10-31 17:59:44 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Apple Computer
2014-10-31 17:59:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2014-10-31 17:51:29 ----D---- C:\Program Files\Microsoft Office
2014-10-31 17:47:10 ----D---- C:\Program Files\Safari
2014-10-31 17:45:12 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2014-10-31 17:45:12 ----RSD---- C:\WINDOWS\Fonts
2014-10-31 17:42:01 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2014-10-31 17:42:00 ----D---- C:\Program Files\IKEA HomePlanner
2014-10-31 17:41:25 ----D---- C:\Program Files\CyberLink DVD Solution
2014-10-31 17:41:23 ----HD---- C:\Program Files\InstallShield Installation Information
2014-10-31 17:36:53 ----D---- C:\Program Files\Microsoft
2014-10-31 17:25:37 ----D---- C:\WINDOWS\system32\URTTemp
2014-10-31 17:25:26 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-31 17:25:20 ----D---- C:\WINDOWS\Registration
2014-10-31 17:19:59 ----D---- C:\Program Files\Java
2014-10-31 17:16:02 ----D---- C:\Program Files\EasyPHP-5.3.5.0
2014-10-31 17:13:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2014-10-31 13:48:08 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2014-10-31 13:47:40 ----AC---- C:\WINDOWS\ODBC.INI
2014-10-31 13:33:35 ----D---- C:\Program Files\Microsoft.NET
2014-10-31 13:19:39 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-10-31 13:19:36 ----D---- C:\WINDOWS\system32\1033
2014-10-31 12:37:24 ----D---- C:\Program Files\MSBuild
2014-10-27 18:40:21 ----D---- C:\Program Files\ESET
2014-10-27 17:26:12 ----D---- C:\Program Files\Enigma Software Group
2014-10-27 16:55:05 ----D---- C:\WINDOWS\Minidump
2014-10-27 16:12:43 ----D---- C:\WINDOWS\system32\config
2014-10-26 13:08:53 ----AC---- C:\WINDOWS\wincmd.ini
2014-10-25 12:19:03 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-24 20:44:12 ----D---- C:\Program Files\Mozilla Thunderbird
2014-10-24 20:41:31 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-10-24 20:21:50 ----D---- C:\WINDOWS\Logs
2014-10-24 20:21:50 ----D---- C:\WINDOWS\Debug
2014-10-24 20:21:49 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-10-24 20:02:55 ----D---- C:\Program Files\Security Task Manager
2014-10-24 09:49:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-10-23 10:38:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\HitmanPro
2014-10-22 18:13:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-10-21 09:11:09 ----A---- C:\checkrun.txt
2014-10-19 10:27:10 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-10-17 20:51:57 ----D---- C:\WINDOWS\system32\MRT
2014-10-17 20:51:27 ----AC---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-07-18 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-07-18 192352]
R0 oodrvled;oodrvled; C:\WINDOWS\system32\DRIVERS\oodrvled.sys [2011-03-02 25680]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-05 691696]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-07-18 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-07-18 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-07-18 414520]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-07-18 57800]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-11-02 28672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys []
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys []
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys []
R1 iSafeNetFilter;YAC NDIS Driver; C:\WINDOWS\system32\DRIVERS\iSafeNetFilter.sys [2014-09-22 55464]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aksfridge;Sentinel Fridge; C:\WINDOWS\system32\DRIVERS\aksfridge.sys [2013-03-15 376200]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-07-18 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-07-18 67824]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 3xHybrid;Pinnacle PCTV 310i Stereo DVB-T; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-09-02 827008]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2011-03-31 57440]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2010-11-12 100456]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-14 83200]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 sbaphd;sbaphd; C:\WINDOWS\system32\drivers\sbaphd.sys []
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S2 sbapifs;sbapifs; C:\WINDOWS\system32\drivers\sbapifs.sys []
S3 a0joiuwd;a0joiuwd; C:\WINDOWS\system32\drivers\a0joiuwd.sys []
S3 akshasp;SafeNet Inc. HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2013-03-15 244040]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\WINDOWS\system32\DRIVERS\akshhl.sys [2013-03-15 53192]
S3 aksusb;SafeNet Inc. USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2013-03-15 295944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2009-08-05 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2009-08-05 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2009-08-05 21568]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\WINDOWS\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2011-03-31 58208]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2011-03-31 499796]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-18 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 iSafeService;YAC Service; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [2014-10-08 118048]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2014-11-06 182696]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2013-10-23 2034472]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c9ab2f2dc67244;Služba Google Update (gupdate1c9ab2f2dc67244); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe -run []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-19 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-07 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-09 194104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-21 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
YAC - Yet Another Cleaner (PUP)
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: YAC - Yet Another Cleaner (PUP)
ahoj,
stiahni a uloz na plochu ComboFix
potom spust pod uctom s administratorskym opravnenim
akcia trva cca. 5-10 minut, niekedy i dlhsie -, Pocas scanu nespustaj ziadne ine aplikacie
Nie je dovod na paniku ak stroj bude restartovany
upozornenie: ak pouzivas antispyware s rezidentnim stitem, ten pred scanom vypni.
po restarte aplikacie vytvori log, ulozeny na C:\Combofix.txt (jeho obsah vloz sem)
stiahni a uloz na plochu ComboFix
potom spust pod uctom s administratorskym opravnenim
akcia trva cca. 5-10 minut, niekedy i dlhsie -, Pocas scanu nespustaj ziadne ine aplikacie
Nie je dovod na paniku ak stroj bude restartovany
upozornenie: ak pouzivas antispyware s rezidentnim stitem, ten pred scanom vypni.
po restarte aplikacie vytvori log, ulozeny na C:\Combofix.txt (jeho obsah vloz sem)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: YAC - Yet Another Cleaner (PUP)
Ahoj, provedl jsem dle pokynů, posílám log z ComboFixu:
ComboFix 14-10-29.01 - uzivatel 06.11.2014 16:52:01.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.573 [GMT 1:00]
Spuštěný z: c:\documents and settings\uzivatel\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$msi31uninstall_kb893803v2$
c:\windows\$msi31uninstall_kb893803v2$\msi.dll
c:\windows\$msi31uninstall_kb893803v2$\msiexec.exe
c:\windows\$msi31uninstall_kb893803v2$\msihnd.dll
c:\windows\$msi31uninstall_kb893803v2$\msimsg.dll
c:\windows\$msi31uninstall_kb893803v2$\msisip.dll
c:\windows\$msi31uninstall_kb893803v2$\reg00013
c:\windows\$msi31uninstall_kb893803v2$\reg00014
c:\windows\$msi31uninstall_kb893803v2$\reg00015
c:\windows\$msi31uninstall_kb893803v2$\reg00016
c:\windows\$msi31uninstall_kb893803v2$\reg00017
c:\windows\$msi31uninstall_kb893803v2$\reg00018
c:\windows\$msi31uninstall_kb893803v2$\reg00019
c:\windows\$msi31uninstall_kb893803v2$\reg00020
c:\windows\$msi31uninstall_kb893803v2$\reg00021
c:\windows\$msi31uninstall_kb893803v2$\reg00022
c:\windows\$msi31uninstall_kb893803v2$\reg00023
c:\windows\$msi31uninstall_kb893803v2$\reg00024
c:\windows\$msi31uninstall_kb893803v2$\reg00025
c:\windows\$msi31uninstall_kb893803v2$\reg00026
c:\windows\$msi31uninstall_kb893803v2$\reg00027
c:\windows\$msi31uninstall_kb893803v2$\reg00028
c:\windows\$msi31uninstall_kb893803v2$\reg00029
c:\windows\$msi31uninstall_kb893803v2$\reg00030
c:\windows\$msi31uninstall_kb893803v2$\reg00031
c:\windows\$msi31uninstall_kb893803v2$\reg00032
c:\windows\$msi31uninstall_kb893803v2$\reg00033
c:\windows\$msi31uninstall_kb893803v2$\reg00034
c:\windows\$msi31uninstall_kb893803v2$\reg00035
c:\windows\$msi31uninstall_kb893803v2$\reg00036
c:\windows\$msi31uninstall_kb893803v2$\reg00037
c:\windows\$msi31uninstall_kb893803v2$\reg00038
c:\windows\$msi31uninstall_kb893803v2$\reg00039
c:\windows\$msi31uninstall_kb893803v2$\reg00040
c:\windows\$msi31uninstall_kb893803v2$\reg00041
c:\windows\$msi31uninstall_kb893803v2$\reg00042
c:\windows\$msi31uninstall_kb893803v2$\reg00043
c:\windows\$msi31uninstall_kb893803v2$\reg00044
c:\windows\$msi31uninstall_kb893803v2$\reg00045
c:\windows\$msi31uninstall_kb893803v2$\reg00046
c:\windows\$msi31uninstall_kb893803v2$\reg00047
c:\windows\$msi31uninstall_kb893803v2$\reg00048
c:\windows\$msi31uninstall_kb893803v2$\reg00051
c:\windows\$msi31uninstall_kb893803v2$\reg00052
c:\windows\$msi31uninstall_kb893803v2$\reg00053
c:\windows\$msi31uninstall_kb893803v2$\reg00054
c:\windows\$msi31uninstall_kb893803v2$\reg00055
c:\windows\$msi31uninstall_kb893803v2$\reg00056
c:\windows\$msi31uninstall_kb893803v2$\reg00057
c:\windows\$msi31uninstall_kb893803v2$\reg00058
c:\windows\$msi31uninstall_kb893803v2$\reg00059
c:\windows\$msi31uninstall_kb893803v2$\reg00060
c:\windows\$msi31uninstall_kb893803v2$\reg00061
c:\windows\$msi31uninstall_kb893803v2$\reg00062
c:\windows\$msi31uninstall_kb893803v2$\reg00063
c:\windows\$msi31uninstall_kb893803v2$\reg00064
c:\windows\$msi31uninstall_kb893803v2$\reg00065
c:\windows\$msi31uninstall_kb893803v2$\reg00066
c:\windows\$msi31uninstall_kb893803v2$\reg00067
c:\windows\$msi31uninstall_kb893803v2$\reg00068
c:\windows\$msi31uninstall_kb893803v2$\reg00069
c:\windows\$msi31uninstall_kb893803v2$\reg00070
c:\windows\$msi31uninstall_kb893803v2$\reg00071
c:\windows\$msi31uninstall_kb893803v2$\reg00072
c:\windows\$msi31uninstall_kb893803v2$\reg00073
c:\windows\$msi31uninstall_kb893803v2$\reg00074
c:\windows\$msi31uninstall_kb893803v2$\reg00075
c:\windows\$msi31uninstall_kb893803v2$\reg00076
c:\windows\$msi31uninstall_kb893803v2$\reg00077
c:\windows\$msi31uninstall_kb893803v2$\reg00078
c:\windows\$msi31uninstall_kb893803v2$\reg00079
c:\windows\$msi31uninstall_kb893803v2$\reg00080
c:\windows\$msi31uninstall_kb893803v2$\reg00081
c:\windows\$msi31uninstall_kb893803v2$\reg00082
c:\windows\$msi31uninstall_kb893803v2$\reg00083
c:\windows\$msi31uninstall_kb893803v2$\reg00084
c:\windows\$msi31uninstall_kb893803v2$\reg00085
c:\windows\$msi31uninstall_kb893803v2$\reg00086
c:\windows\$msi31uninstall_kb893803v2$\reg00087
c:\windows\$msi31uninstall_kb893803v2$\reg00088
c:\windows\$msi31uninstall_kb893803v2$\reg00089
c:\windows\$msi31uninstall_kb893803v2$\reg00090
c:\windows\$msi31uninstall_kb893803v2$\reg00091
c:\windows\$msi31uninstall_kb893803v2$\reg00092
c:\windows\$msi31uninstall_kb893803v2$\reg00093
c:\windows\$msi31uninstall_kb893803v2$\reg00094
c:\windows\$msi31uninstall_kb893803v2$\reg00095
c:\windows\$msi31uninstall_kb893803v2$\reg00096
c:\windows\$msi31uninstall_kb893803v2$\reg00097
c:\windows\$msi31uninstall_kb893803v2$\reg00098
c:\windows\$msi31uninstall_kb893803v2$\reg00099
c:\windows\$msi31uninstall_kb893803v2$\reg00100
c:\windows\$msi31uninstall_kb893803v2$\reg00101
c:\windows\$msi31uninstall_kb893803v2$\reg00102
c:\windows\$msi31uninstall_kb893803v2$\reg00103
c:\windows\$msi31uninstall_kb893803v2$\reg00104
c:\windows\$msi31uninstall_kb893803v2$\reg00105
c:\windows\$msi31uninstall_kb893803v2$\reg00106
c:\windows\$msi31uninstall_kb893803v2$\reg00107
c:\windows\$msi31uninstall_kb893803v2$\reg00108
c:\windows\$msi31uninstall_kb893803v2$\reg00109
c:\windows\$msi31uninstall_kb893803v2$\reg00110
c:\windows\$msi31uninstall_kb893803v2$\reg00111
c:\windows\$msi31uninstall_kb893803v2$\reg00112
c:\windows\$msi31uninstall_kb893803v2$\reg00113
c:\windows\$msi31uninstall_kb893803v2$\reg00114
c:\windows\$msi31uninstall_kb893803v2$\reg00115
c:\windows\$msi31uninstall_kb893803v2$\reg00116
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.exe
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.inf
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.txt
c:\windows\$msi31uninstall_kb893803v2$\spuninst\updspapi.dll
c:\windows\AutoRun.ini
c:\windows\d.ini
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\SET39.tmp
c:\windows\system32\SET3E.tmp
c:\windows\system32\SET45.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-06 do 2014-11-06 )))))))))))))))))))))))))))))))
.
.
2014-11-06 16:14 . 2014-11-06 16:14 7271 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2014-11-06 16:14 . 2014-11-06 16:14 8782 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2014-11-06 09:34 . 2014-11-06 09:35 -------- d-----w- C:\rsit
2014-11-06 09:34 . 2014-11-06 09:35 -------- d-----w- c:\program files\trend micro
2014-11-06 08:02 . 2014-11-06 08:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-11-01 19:32 . 2010-08-30 07:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-10-31 19:30 . 2014-10-31 19:30 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Lavasoft
2014-10-31 17:44 . 2014-10-31 17:44 -------- d-----w- c:\documents and settings\All Users\Data aplikacÝ
2014-10-31 17:13 . 2014-10-31 17:13 -------- d-----w- c:\documents and settings\LocalService\Plocha
2014-10-31 16:59 . 2014-10-31 16:59 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Media Player Classic
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconCF33A0CE.exe
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconD7F16134.exe
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconF7A21AF7.exe
2014-10-30 08:26 . 2014-10-30 08:26 -------- d-----w- C:\sh4ldr
2014-10-27 16:26 . 2014-10-27 16:26 19984 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2014-10-27 16:14 . 2014-10-27 16:14 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\spotmau
2014-10-27 16:13 . 2014-10-30 16:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp360
2014-10-27 16:13 . 2014-10-30 08:02 -------- d-----w- c:\program files\Wondershare
2014-10-24 17:56 . 2014-09-22 12:13 55464 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2014-10-24 17:55 . 2014-10-24 17:55 -------- d-----w- c:\program files\Elex-tech
2014-10-24 17:54 . 2014-10-24 17:54 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Elex-tech
2014-10-22 17:25 . 2008-04-14 02:22 77312 ----a-w- c:\windows\system32\taskkill.exe
2014-10-22 17:23 . 2009-07-14 01:14 77824 ----a-w- c:\windows\system32\taskkill.puv
2014-10-22 17:13 . 2014-10-22 17:13 33280 -c--a-w- c:\windows\system32\dllcache\snmp.exe
2014-10-22 17:13 . 2014-10-22 17:13 50688 -c--a-w- c:\windows\system32\dllcache\smss.exe
2014-10-22 17:13 . 2014-10-22 17:13 236544 -c--a-w- c:\windows\system32\dllcache\smi2smir.exe
2014-10-22 17:13 . 2014-10-22 17:13 119808 -c--a-w- c:\windows\system32\dllcache\mtstocom.exe
2014-10-22 17:13 . 2014-10-22 17:13 40960 -c--a-w- c:\windows\system32\dllcache\msiregmv.exe
2014-10-22 17:12 . 2014-10-22 17:12 7680 -c--a-w- c:\windows\system32\dllcache\migregdb.exe
2014-10-22 17:12 . 2014-10-22 17:12 13312 -c--a-w- c:\windows\system32\dllcache\lsass.exe
2014-10-22 17:12 . 2014-10-22 17:12 267776 -c--a-w- c:\windows\system32\dllcache\fxssvc.exe
2014-10-22 17:12 . 2014-10-22 17:12 229376 -c--a-w- c:\windows\system32\dllcache\fxscover.exe
2014-10-22 17:12 . 2014-10-22 17:12 142848 -c--a-w- c:\windows\system32\dllcache\fxsclnt.exe
2014-10-22 17:07 . 2014-10-22 17:07 24632 -c--a-w- c:\windows\system32\dllcache\fpadmcgi.exe
2014-10-22 17:07 . 2014-10-22 17:07 1033728 -c--a-w- c:\windows\system32\dllcache\explorer.exe
2014-10-22 17:07 . 2014-10-22 17:07 92160 -c--a-w- c:\windows\system32\dllcache\evntwin.exe
2014-10-22 17:07 . 2014-10-22 17:07 24064 -c--a-w- c:\windows\system32\dllcache\evntcmd.exe
2014-10-22 17:07 . 2014-10-22 17:07 15360 -c--a-w- c:\windows\system32\dllcache\ctfmon.exe
2014-10-22 17:07 . 2014-10-22 17:07 6144 -c--a-w- c:\windows\system32\dllcache\csrss.exe
2014-10-22 17:07 . 2014-10-22 17:07 64000 -c--a-w- c:\windows\system32\dllcache\cleanmgr.exe
2014-10-22 17:07 . 2014-10-22 17:07 44544 -c--a-w- c:\windows\system32\dllcache\alg.exe
2014-10-22 16:58 . 2014-10-22 16:58 -------- d-----w- c:\program files\DLLSuite
2014-10-22 16:16 . 2014-10-22 16:16 -------- d-----w- c:\windows\ERUNT
2014-10-22 15:48 . 2014-11-06 09:20 -------- d-----w- C:\AdwCleaner
2014-10-17 19:53 . 2014-10-18 17:52 -------- d-----w- c:\windows\system32\MpEngineStore
2014-10-17 19:51 . 2014-10-17 20:08 -------- d-----w- C:\eaca0b1a2b4e658f82822b
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-06 08:02 . 2007-06-30 23:41 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-10-19 09:27 . 2012-04-01 13:17 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-19 09:27 . 2011-06-28 14:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2004-10-01 14:00 . 2007-03-15 12:10 40960 -c--a-w- c:\program files\Uninstall_CDS.exe
2010-08-07 08:44 . 2014-10-21 08:20 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-18 08:56 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2005-04-12 229376]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-07 30192]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-07 2777296]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2013-10-23 5039400]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-01 4085896]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Guest\Nabídka Start\Programy\Po spuštění\
prf33.tmp [2009-10-27 0]
.
c:\documents and settings\uzivatel\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
O&O Defrag Tray.lnk - c:\windows\Installer\{95E6C53F-F92D-4232-B700-1842806F59B6}\DefragIcon.exe [2014-8-16 292878]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-10-09 49152]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
2013-06-04 23:01 4489472 ----a-w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-01-12 11:21 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-11-02 06:55 1397760 ------w- c:\program files\Ahead\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2006-02-10 19:40 2048000 -c----w- c:\program files\Ahead\Nero BackItUp\NBJ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-07 17:58 13880424 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-07 17:58 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-11-04 06:51 1753192 ----a-w- c:\program files\NVIDIA Corporation\nview\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinnacle WebUpdater]
2006-06-08 08:40 385024 -c--a-w- c:\program files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-07-21 08:56 16261632 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
2013-04-03 01:19 3684488 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-09-26 17:19 271744 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipDiscount]
2013-06-23 09:19 19428168 ----a-w- c:\program files\VoipDiscount.com\VoipDiscount\voipdiscount.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Documents and Settings\\uzivatel\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Cisco Packet Tracer 6.0.1\\bin\\PacketTracer6.exe"=
"c:\\Documents and Settings\\uzivatel\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [18.3.2013 13:19 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [18.3.2013 13:19 192352]
R0 oodrvled;oodrvled;c:\windows\system32\drivers\OODrvled.sys [2.3.2011 16:48 25680]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.10.2010 13:39 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [12.8.2011 23:33 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [12.8.2011 23:33 414520]
R1 iSafeKrnl;YAC Mini-Filter Driver;c:\program files\Elex-tech\YAC\iSafeKrnl.sys [24.10.2014 18:55 215080]
R1 iSafeKrnlR3;YAC Ring3 Driver;c:\program files\Elex-tech\YAC\iSafeKrnlR3.sys [24.10.2014 18:55 38440]
R1 iSafeNetFilter;YAC NDIS Driver;c:\windows\system32\drivers\iSafeNetFilter.sys [24.10.2014 18:56 55464]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [13.1.2014 19:03 32768]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [6.5.2014 10:48 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [18.3.2013 13:19 67824]
R2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [23.10.2013 12:25 2034472]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [30.11.2011 10:31 587472]
R3 3xHybrid;Pinnacle PCTV 310i Stereo DVB-T;c:\windows\system32\drivers\3xHybrid.sys [15.3.2007 12:42 827008]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [16.4.2013 12:12 57440]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 iSafeKrnlKit;YAC Kit Driver;c:\program files\Elex-tech\YAC\iSafeKrnlKit.sys [24.10.2014 18:55 83112]
S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys --> c:\windows\system32\drivers\sbaphd.sys [?]
S2 gupdate1c9ab2f2dc67244;Služba Google Update (gupdate1c9ab2f2dc67244);c:\program files\Google\Update\GoogleUpdate.exe [22.3.2009 21:45 107912]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
S2 iSafeService;YAC Service;c:\program files\Elex-tech\YAC\iSafeSvc.exe [24.10.2014 18:55 118048]
S2 PHPGeekUtil;PHPGeekUtil; [x]
S2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [7.1.2014 4:48 12288]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [23.3.2009 18:19 30192]
S3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys --> c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-30 07:24 1089352 ----a-w- c:\program files\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 09:27]
.
2014-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2014-11-06 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-18 08:56]
.
2014-10-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 07:26]
.
2014-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 07:17]
.
2014-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 07:17]
.
2014-04-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-12 23:28]
.
2014-11-06 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-12 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = about:blank
mSearch Bar = https://www.seznam.cz/?clid=22668
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{294AE381-EE6D-4033-B791-9F27DFE63972}: NameServer = 88.103.219.2
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\87gpy156.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe
Notify-TPSvc - TPSvc.dll
MSConfigStartUp-Ad-Watch - c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-06 17:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="BEE5DB3A0726C58AB6CF4C65000D6FFD5C5F93C18D40DC42163553E5877A29A21FC2C8DD6FC21648A868F6BE39151A15CA25144BE79AB79043D1D2A270EB2EDB0775760678E97443239D3529D72507D4EA506F1878D0818BFC0B3023F64EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DA6A0AC4980AC79339DB7CE019D40AA5C10B2B9AA900F368869EE0D65C8926FADBB26971B7E61504BA03823248E3B934FFEF2493548DA8A30A636F3E46FED45FC3CB3303390948BE878B64B2FA972A3FEAE7E429C9756ED49312A893D6066CAA6F7B21415C4E852931E733C4F280E611C30486DABBEDE6ECAC7B6297A1AA2B031F626D4AC75EA9C8208ABDDF3E1A32AB08568257034316EAD98EBC26ACE2880AB3837972A328E3771214229CD64ADAE4A2517583CA1F1A2F2497DDB2266E592A1AAB39481BFA74024C5BC2D506E0A737BFB358BA563A9159A6F438B777AA9172A350D1A6B92EF2C5C4AC48CB6F77BD058674654070CC124AD193AFE85592A115A2E560964DA844364F1A97C7CA528747BBAEEDEFDE18B0235C600762B86FD56CE654A572B73E6208778DA47E3D69ADD02BDFBE9EDDB3932C0EA5A458CB72311A71AC40EC473FDB3178CEFCCF19AC1630E2BDBCAFB2A6191E2ED31D311D6F8C10903C549F8201040694E237D6F356FABC4B020E512AD814BB12C0F9FE383C33A98C7F33CD475CCDF54D4D060E821DAB5D0F302385FF9F7E2C775A53871902DA1048597AAA7A4C4FBB52A7C8FB1091D515F89DAD055DA082DC40E47427084C0F2F84E9D6E060FEE57EE4B4B395CCE3623217D2A532A4D5953CAADECF45618EE7C2D2617F3C8CC2282E2AB0621448486244D4E92765703F6558000329EDDBB0C60570638BE8AAA1EE5FB321D1B047556A19B705B849D5F500390A6561D08905096B2DADAE12BA683BE27B5A0137F9C4EBACBC96E5E7B0039032AB33EE595ED5969FE07FA87D0F4D59BD286C6075AABFEE61EB5DBF63AAEE8CE7E3171810F5F26F7805EB9EC627D81E1F566E9887D8659ECD882D5D562EEFB33C4999B0B40A11BB3FEAA5C630CDA52C7878B873F1745346945F43495C1756FD4B8DC0DB4B7A881E54527CB50BEDCF959051FC1E31835C9CE31C170E46BABA7A698DF3941C79806272407952CAD860E756FBFDD463556B760EE162A8936306D73267A398987CE37E66D6F680551110752CAFE4647E7DC81B6538F25D73A53E959A878C67953590C687AF61CFBE5E6C3F51F6389DE6CB10FBF384146BCD71B2EC9EB9A43114A78DAC127ACA646EB28843CFAE659944572273CFA339AB72FC1AD0A3B133266CE2560DDD191A72E27A7EE55EC770A0AB7ED7A407EDF505A28B3BDB5EC8B3C9F88093E7BDE195E"
"OODEFRAG12.00.00.01PROFESSIONAL"="E45C92C93ED527CD2235CE4A01A06D55821BD52A357AB8CBED5C1DD237F739D3E45296124F44EBF8B4BD030A49CA1CB17B3CA140E3F3AE6E7CC922AE88EDC9B546D4EF6D5F0740D2A6DE4FE42318D119EC31B998D503BF29009C257C37342AD9C5CB025A9449419FD0AB17C8622E458C6C56A933ADE35660EB1978EB51C299A65187FE5A0BD9A3E3419C942950D33D55466C4F92FE78EEBCE86BBD33D8B2E9C510B97273D1ABAE6A388BD7FCA7F4957CF7985EBFD2451BA9519FED0944410022D8F8362F6B55BD422D38C0BD19A140D2B361DBC4A77400D7B427542CFC5158EE3A3FFB9A4E933EBB494784EA470EC1EA61B3FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CA2D97226D213B555A6171C11EC38DE3D32C1A7A679A9ADF9FD287CF29C781D8132471A96EFA8E60D747A88AC8D20BCDCF9C56A4EAEB312415AC79BB330A62088BE431F7BDB39388557B456EA1147E99F247A95C9307679768B88F8D4D9F2A014C831942C0441A5AD1B7AF168D71A3EFB5885D82F635C44154081EF5F1707BDE6213AA64C9AC92B3458A5F00568A4302916105834C49409FD78CD5185F853C92BEE89EFA363A47828F8925D41DBB76FBFABC6A93363111073890B6199A10ACAECACCE8321B8E6F0003EA13644E169D93F3E5DD72BE286571D9FDCD615CBA37B1C2BBB65D40767AB16BBB66C56BA91058BC709E1BEF9EF1006B6685F9342DACA0D0B0B0E73D0C2F42659BB66673E4E39E894023C37738C211E22D999D365ADDAF843F6EA56AAD7CB53531D7E885600F281C408CC7C2F5CA23906DF1ABA2AE0837B203E5DF9BDCC63A137CA02EE814DE2E54DDA6F9EA028638DDBAB69CE98F94D163FA6BA804709A4F9EABA33F4529EED07F641F1D04F78E3B6737402BDCCC5772B93F4CBAC9938A9AB26E348196D20AC3BDE841869569AD9346C75D6D676D1748463784C68194B4267F3446BFB8F446ABCF5721864E3222EEA3F6D488E5A72EBCE4AFCEE413E75F142B4DCBAE4053F29AA01DB9EDE3DE50020331E317B513FB699B6D9D86797AF71351BB048BCB08B1C879797491DB7FD9F80E64F5CD94791645AEBE3212F46B5AA9EB0C8989208642D39A77FAB06BF4A929A4B4A890ABC89B7670077D6937F09BE3FCFB2A817974C778BF26FCCA454EB9363285FED90C48B26005DF4FAAF8CEAFE3D28FE6320FA084C2A8B4BA72608498DB09560B09309BBDAC2C4408044C9E57521BEC12D29662131295CF72B5F038C26BE02A36DDF4588B3B4C6BF523729C5DBD7E914DACD9FE45DFE22DDB9C68124AE2BAF8336E6C99EC4BD4BDF4D913099A234D513B5520163BC86EB6BABF6D0C2337CB3608C3A7BF253290C10417F78B66CEB04DDFD9AF8F2"
"OODEFRAG14.00.00.01PROFESSIONAL"="38B46E634BE300C31F0C32035BE76CDFB446426CD4DFB2E023810A8FC329C5483D261E3E93CC2647604E16051A64AD54A72E4B88EE95A8D6EB93D1F81693C6E111FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5C9DB7CE019D40AA5CA6A0AC4980AC7933C16893D4AD709F4815C9C6084A9EF267D2A08E68270F87F91A6CC2EBFB46D0221136F8D37104DE435C0AFB54A63313D8B4D5508B49A4EA8F8088C04FBD1BE03F838784BE51A6CF221D74F0AB0155EFEC9BBE3FDB57ACE428900B5704C67550684AE7BA2AAB5A84C84B4FF0CC4CD2B8BCD8FD8E57EF6259B22115C3EC87205E02DC9381026397342E1C152BC479F23DF587EA5952B8F9D42F49FB2AC3F6DAED03F57D270260CA3DE00BF5B57580EDF15802129BF45A980336E7C60E150ED886F5124A583E8BD21E7FD8D287965EF070BA68B2383A82D837711DB25DC04AC0527A74D2291AD3867ABE87C2FD33129C75879F3FF3736048661FCE31E2FDADAD204422A511D02CAA9A675E90D92A9E0662B8CFDF7742A9E8AA91A66554D2BDAD639AE604EB6E8CFC6A54E8B93EAD0C36BA6264F0D1A016B0C12E1028C61E044634D85063F9D76D2DF9F77671B344672B28A80E02F2D8630A0EF0BC07348F8EEBCA6DAFECDBBFCDDF7CD4989EA849BED477C4C054318BD15315E62340FA2B6F0B07DC1B7F1C31322B4A04A8DA6AEAA5989A0435E1452B25DD01327ACBDD4C3B026D3D6F2BA30A9E9EDFB1BF75302DB4CF25C7E655CC0126709F8942CE831D8CA3A2BAC6B5C37CA0365C1D3F71106686C6D006168DC829A2C3E3B7B928F5207F3873138699AD8CC4E8841D480488BFBBBE7AC7C69F9F116B866199E5E62329B7F9CD1C52837B959D1DBE17C218F8BAF76D212941D11BFE535B532311CF5F615917C3BA17D4A646432F1909D94CA5A7E17BECDC92A0660AB45798D9C8DCDEC48EB30E6B01A48F9ECF704103FC7337AEA605A42789B9949C6C0531D75CB8BC2506E6863D0239F87361238C28DE14B849F39BB5E13B039B775863C44CE2447827EF3B2C5451148AF11B7FF1B2F6691DC87FC5B079FE13522F60629C77B395724382B022E669E3CF9423338E6D01E0374D007A4BF0713479AAEB6926316D73F2C677392FBF070FB730A4DBA139FA9CC0CE31285DDBF3E7AF26E7D172E3EFDAA3520C3C3EBEADAF1667CD908E0AA8735418512FE4642861FBB0C36AB98DE1FC12590293DDD82312223552565EE890F0F248266481C77806472EF5F454C0ABBD322620904112EF3977E8E7AABBF1FED201D1771179578FF35FD67528C0227AB559D4ADF44008E4591623497D77D3028C487A8E72B4785EF8F3B640ACA0EE3EB1C257FBF7D3E992DDDF58B53384546DC2F2DDBD3941"
"OODEFRAG15.00.00.01PROFESSIONAL"="694954EFFC2BFE83DBB96BA6A676B0054336F1F4323312E58CA4A99EA2EA54CE8F76CC5BAEE4EDE24DFB0265170C0211F04EAD105FD917722CBE8EF3CD5693C562E72429B4A81C699ABAF5939D2FB073CEAA96392F34284E005F8330752CEA719E80519A6F7E11214789AA2AEDE9C040463119C2C7706733F35BA42157D638D5D8A7BB134D3308752B827548CD096A6D15CB9A2564F92A43CA8F033444068F5A77C9C01DD45671B8F241202E181D9956C9E770F9D483FA0099D8227F9F2DB7CDB4D5B2E41FBCF0A19CE669C339FAEE38CAF8E501FC0516D14B1A79B9E082A85F9FBF533BD97D5CC6FC968291B63E4036D0F1BA9CD2356EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6A0AC4980AC7933C038D530D6EB3452FEBC9E127BECC74C06981770CC8E536E0B23A93363BD2EDAA728194B428E4485C63AA584E56ABFC3F1A9B34E309C6F899F832F897E05B7241BF20A23DA9B0AB4F064B78130B77E8D76004EC219BBEAD259F0A7C5397B8FEC440096872504DC5290F9B052E12A3D9785E725386AE6F255B09B9EDECD1089DE46033E9D56CD51C28F5322674878F0A1F301F70C292E7F530588A6409AC4BB58A78684FAC5113D2240211DA5D5724F267B3E8A900030C940181054C8A432FE6AD468EDAE70793CBFD7E53CE41D77574FB9E8268ABD264EC5115FC1CA9083F25A1CDA0837F3C7AC9B6DF799F3D8FBC77DAF9C18B6D1D94CBE79F60E0FAA7878A23262DE0916CF346E7C035492E40C2442C2C631BF53A84C3E41AC59CEE16237EFAD59068BBE7A36A1E7051177C244B667BC2EC4CAFC059585B82849B9472A17A309EE941BF7C361D4F1D0F64A97D309684B69AC6B2B76B51097E608F3144CC85426232508743B2359448D32282B81ED73FEE3452D61167D8878384392A2553DCA464B551685852E36EA3671A26B27F6EB4D5DEE8D459281CF58C22CA1F0692A041293C8FC25DB7A26D518693EE7317EE9116A8DFD9E2D1D7B9BFD781FA24189B1147726E8ED89C396D958D0F357A09F3A85728B66DD3DEB5386B7E280FD261CBA3CCA97FA1FEE08AC2F6B6431920BB959CDB1D49E14AD4E53458F272A6E79DF375D31CBC61F010ABB729DE3D6151B727EEE3659F5777BEA2DE4FB897903AC1FF5B025F552F3C75350A38D113A000B310ED0658E2EE0B9A94359C34DBAEDC76176CE75CC1CC95E2C28A72DB5A4192FA22643F66C7D4F0E3AB1F7053CB486657570B8C30A1370772636C7441C5148EB36147676F00EE3B20A417BB0A51AC8366DCC52846D1C5CD413212EEC94F21C39205D7F439AFCE4F750F402895A99D1FB20A76102388D25CF89C26D16F12FC3A559385811705C3C3C07800EABAFCFE50FA6D313DAB2B48755662AF7"
"OODLED04.00.00.01PRO"="DB9597F6109B414B8CFE47EF18137E42CCB7E90926CFB11F5447D3F50350CD267E18C302408E73E06AA1E00FBAE79B2463240A2270A80C261C727686A997A4A842CAAB77631C742A5241B5DE9FF0A22DC93E3E2971662A13A485E89CE1305DFEA3CF064E2CD0414CEDF9139A3783B6167CB909B87245F24E54EC80567762C2E198701EC6FE1BAC73DF8C5742A158501B65707E3374E722C405BB271566D678908695536375CEDBCC3A5CF798B70A377B675F483BAB5248E68426DBFCDC9DF0CAC84E1AE9DC23C90C07F1FD2481990B7A56A724B97DEF48A99408FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B98088EDD5E5BE2F6E6678EDD5E5BE2F6E667674F945FB911D2F83386B16D39FD0A16D270FD341361188E956817BEE904A18461492CBC8701D9BC4A3F8EC0972182A56F221796B04132F52B665DA2ABC3F856951939D5499DC399D17218B0B068A18933EFA0D4B389C7BFA9872A27E8EC7691835E7F0414429D0AFEA06E7FDD5F6173A85C37B95B1CDD75106C3841E94ECBB8C0FA7303555067299A0FE551CF97303AEEABAB73BC56F0C5EF7CF2C5C5B924F3F396C0F3C8AA18B70244053189A5705637E68214BFA1F08472617D736C871A905A1C45DA83B8961C260D870CE42277E6C75A721323E53EA8530AAC679E12BC7D443B15206B66415E8D79DD320BA88F2CFB196B497610B14CDF288AA5F1B612CD9466758FBBA2E82BD0DD2A5AFDDB770E40778AF61E1316ADFB31D395515911BA465561DA02E152D31DD1449C10DF6015990EA63C54E4AAB120DEF982F85F252063048715A21C36CCB3B239F7E9DBEFEE9B3BC52225FD225ED532A39BFA352FFB0DAF4937534CC1AFE920C64C877DC06FF19F2810F0DCA25FBEE9A9F43E4803F4F7DCBD1E1F7196B8A87D6060B676618ADA9FBA576C0348810C0F1A86FB8B6951EBD1B089659049C8EDF22FDC9EF8535BA76424A8A074A23985E9352942741D7DC41B1F9E5731E365CAEE8D4FB3C00D9E40DB3D1BEA3EB31D0609F19E717F4E09F285BBE4FDDDE038631E0BA74208F7379DB790A7FBEAF1E77EBE790AC02BA1A7FAA66EC8B127B30C73776B3E6C8F72AACEEBDF2FD70E4A79702128713A792F3275D3509B2320C1524632A54A241D4DA275329F72573C9A53F38A91C1B9F082A48EAA3190D461E0A1BD49E66A3179D06EC807F819278EB59DB419F949F21C9B1D060711C19B8661B0CEFE8C9FAF70B5FD11AC46AB492563A1712E5ABCEB8A6FE0308E29AAA52E835E0356ABCE8F53AAE7AF289A99911F5E507C7161B2FBCEE45875A7622AEE7C7AAAF7978B411575CFE614C1B9352923553BBF4B7025D27E590ED2FC5C074B1971B95ECEA625D5313DD746869BB40DDA"
"OODEFRAG16.00.00.01PROFESSIONAL"="2DE3F465A7D8002FF0BFCCD9829769D7E657D81A91871E07D5E5A144CD3F6AB72D05AFC94BC8C4BDE187EE3DC59195DDA267643AF5D756F9D543B251BDB8FD4DEC71EC0F9B42BF3300983C0FF598120642E3D71B36338F0542BDC1DF2D1C23FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A2D97226D213B5558EDD5E5BE2F6E667C038D530D6EB3452204B454BEDEDDF7A4033C1789FB8B8B202A75F4FC8109EFA771DAC40AF5D34D7572E24106F1053B56955E919AE0AD21BFD01956362D75CA2F67495051C36584368739CDAF1EA5B753F4A9E09ED71B21AF81761D1106F7CB775711ABBE0FCC80449549A0297C0514AAE5F10D947D4468B7D6FD50B25019A8434714DD0D9C3F17215A0500E622717B7CEFCB052066FFAC1382144B1570E57479AE1816343ED47588A3CB4BCB9078BB5D51938EC5BCF460079DB459CBE6956333044D24A41B43E758C9D027FE82098B09EBFA1D8DA581E0036DF3659D9BB42ED252F9B8C58244F7C2251367C9F82A6882B12AB787D40006E070235260900C68FCACE7F66759FF81476F4130D711425901F445A6220926AEDA92CA8F51306142896DD62C965D8BC57D7BC9E3F568F0711419E7360022E61917EDB3871A07160B822B1EC5A59DA2056397024D2A7824347FD7C83F047C46C640C224FF3BEBA62382CAF8DEF6A01AD9232E931BE264DD2626550D84779DE96E1F7231E0C5EADD71016D0F49812FBF105FD1A972DF527B5862B9B07C98555F07A119A19FE56E9011E65A49713ADD1FD16F903ED791D996FCB27F86513B9D78D9449537842DF62233445CDAF56015AE927AA3C8D37080304BDD5938EF04DE985093330B88298608699030239883143CC8AB471942B841401DBD6AAE0E65661F3A40A26192000FDF787108AF608490C4606E562674EC853731C6D15822B51E8F728283D9DADFC2CC72B0247ECE3B78AF556AA60A9CEE9196DE40239D628207F3548111510F158AECA2894AA64E050E583AA18D4460EE215071321148C7B06F8552F685C7BE8401CD993A3B9E978469D972463B9EB2295C7DA76F8B50F792CF9807AF65A2FC34661D077B28ED05636805F5B681F8CD3C30806D2DFC215A71D7FE9B8A8E741E35EBE91D2E5D82B5B9E338EDAA5A7DDA015FD2D60CB721441CB5743F011F18961E3C680160959D49C60AFD722BD8A59BA942AF4CBD89146348CA3C31BE2F8228891E0052809E8686144C276A3F794BF06325B0AB3C782ADA295DBA8A5F794EC580CCA8D63F76E4AA6720CA8C53FA2101E41B8192DFB350AE284CAB0EE4E6B8D04D69389948BE91D1EF980306422A99350F9BCD63F7DB56581598F9F4F043CEC745A9DED001EED4AAACD69504FD331521DF5337867F79F88BAF81D3C0D5F"
"OODEFRAG17.00.00.01PROFESSIONAL"="A1F94D1715563FA5641D796AEA68CA53A9B5996AF0D8B67DE326D344B99843B0244E64373C36622ADBB1A8684412AD09F9317ECF37142A78D3CA6E359C01597459F829B609D8269C221253E6C5408F17C242A2F25603B502F9924AE145A2277720FA395C49F1091B7B8EA185B1C88E45CDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A2D97226D213B555C038D530D6EB3452C038D530D6EB3452502A027D1A886B1B19EBF742E1E931495E4DE5ED1405F4C9537AE0DFB0E8D270072648AD74829A8307109E0A8512F5CE98E0760DB3EE178F00D9EA41C11C7E2ED351AC04CBABCAC3E47C1B38AFF61C72368FEEC48D1E899082257264575F9EA1D000CEC8ECBCF0971D95E609CDED42F611E8C164D224B23444B800CE822303F4987C6E55EAA167119DB09BCB917F6BF187F0015074485F3537E6C11A168AE129CD06F31797FAEE1557997763F16AFECCFC1FE502AB04C021CD7288F22A6D5592154DE7138F1EA65AC0105E47A99EC8C6D6DF4C04F287E9DCFE97491C9B5659589578F6DCAC921870D145D602B544F76F019432F78834541DC7001C690A85D0F6FBA2759F9315ABB60AE28BB3D832202EE810BD9170215CED284F3E44DA6E003CF9D8581AA6962FE0E9014B109878383C829936997198C12D2299122B35B811CDC41DB99D8FBBD779F731895DBFD51D27446E07EB17192A0E3D67992E05408FA294E55612BCDBB9DCBCF45E77DCC10C5128BDC0F7AF541C1808B67F737B13EF87241D916FDE05CFBB474381CC41E5A9EFADAC96434F3206258EF790B20BF6859B37A07046E975781BA88854E2831E7D8DD551E0654DCCB66467903EBA6DE00A5110C31DB798A576D2F522594E7D7D7207A9B99C8BC3F16358A8589B6C1FFE1B737849667AE6B9EF11C964B63B4CC9580F31E5E67512A5A3586D1E643D5EAE3A9A3C6E3C571791EE55C09538E855F9622A7DC885765C1D758DD6A1F23630844DB82CE0B5AFADBB62F47D71CC2CBBBE27B3204A61F7094338788898C8F3DC489C8F9EC18D7273FC9C97A4A585E96AF82458AF46837644362F6BA82C8BA971F355B96AA69F28754FD4BCE0571C9E10BBB61A468E9E817AC9058D6478049ABC390AA06C1A6FE9075D2332DF9B69D99E5323CE83E584BDE1044559E98F9EA0D37AB006061A23E5B989099E52FD6DBECBBB119F0A832FE2701EDF1D6EF56CA88ECE20FB9A1982606A66657AEE7D4A8491280B0C0094B8BE608829FBA92422360903196914FD7DACB2BD0212ED0E47F430FA81649039613033E35A6C5587985B22953A8D5F9FA537F68B86068E95CE71A652C64EEA858D2B290810B932824D43003A8974EB4FB0FDD90104CC1170706CBDF613C4BF0145B94B7F498204E7E02B8A5971"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1536)
c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
c:\windows\system32\msi.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe
.
**************************************************************************
.
Celkový čas: 2014-11-06 17:21:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-06 16:21
ComboFix2.txt 2011-08-10 17:35
ComboFix3.txt 2010-04-16 06:46
.
Před spuštěním: Volných bajtů: 246 076 309 504
Po spuštění: Volných bajtů: 248 333 230 080
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - ADDE78F998F6A5334EB29D794106CC2D
413FC2A0C716421B3158746D63736515
Jan
ComboFix 14-10-29.01 - uzivatel 06.11.2014 16:52:01.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.573 [GMT 1:00]
Spuštěný z: c:\documents and settings\uzivatel\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$msi31uninstall_kb893803v2$
c:\windows\$msi31uninstall_kb893803v2$\msi.dll
c:\windows\$msi31uninstall_kb893803v2$\msiexec.exe
c:\windows\$msi31uninstall_kb893803v2$\msihnd.dll
c:\windows\$msi31uninstall_kb893803v2$\msimsg.dll
c:\windows\$msi31uninstall_kb893803v2$\msisip.dll
c:\windows\$msi31uninstall_kb893803v2$\reg00013
c:\windows\$msi31uninstall_kb893803v2$\reg00014
c:\windows\$msi31uninstall_kb893803v2$\reg00015
c:\windows\$msi31uninstall_kb893803v2$\reg00016
c:\windows\$msi31uninstall_kb893803v2$\reg00017
c:\windows\$msi31uninstall_kb893803v2$\reg00018
c:\windows\$msi31uninstall_kb893803v2$\reg00019
c:\windows\$msi31uninstall_kb893803v2$\reg00020
c:\windows\$msi31uninstall_kb893803v2$\reg00021
c:\windows\$msi31uninstall_kb893803v2$\reg00022
c:\windows\$msi31uninstall_kb893803v2$\reg00023
c:\windows\$msi31uninstall_kb893803v2$\reg00024
c:\windows\$msi31uninstall_kb893803v2$\reg00025
c:\windows\$msi31uninstall_kb893803v2$\reg00026
c:\windows\$msi31uninstall_kb893803v2$\reg00027
c:\windows\$msi31uninstall_kb893803v2$\reg00028
c:\windows\$msi31uninstall_kb893803v2$\reg00029
c:\windows\$msi31uninstall_kb893803v2$\reg00030
c:\windows\$msi31uninstall_kb893803v2$\reg00031
c:\windows\$msi31uninstall_kb893803v2$\reg00032
c:\windows\$msi31uninstall_kb893803v2$\reg00033
c:\windows\$msi31uninstall_kb893803v2$\reg00034
c:\windows\$msi31uninstall_kb893803v2$\reg00035
c:\windows\$msi31uninstall_kb893803v2$\reg00036
c:\windows\$msi31uninstall_kb893803v2$\reg00037
c:\windows\$msi31uninstall_kb893803v2$\reg00038
c:\windows\$msi31uninstall_kb893803v2$\reg00039
c:\windows\$msi31uninstall_kb893803v2$\reg00040
c:\windows\$msi31uninstall_kb893803v2$\reg00041
c:\windows\$msi31uninstall_kb893803v2$\reg00042
c:\windows\$msi31uninstall_kb893803v2$\reg00043
c:\windows\$msi31uninstall_kb893803v2$\reg00044
c:\windows\$msi31uninstall_kb893803v2$\reg00045
c:\windows\$msi31uninstall_kb893803v2$\reg00046
c:\windows\$msi31uninstall_kb893803v2$\reg00047
c:\windows\$msi31uninstall_kb893803v2$\reg00048
c:\windows\$msi31uninstall_kb893803v2$\reg00051
c:\windows\$msi31uninstall_kb893803v2$\reg00052
c:\windows\$msi31uninstall_kb893803v2$\reg00053
c:\windows\$msi31uninstall_kb893803v2$\reg00054
c:\windows\$msi31uninstall_kb893803v2$\reg00055
c:\windows\$msi31uninstall_kb893803v2$\reg00056
c:\windows\$msi31uninstall_kb893803v2$\reg00057
c:\windows\$msi31uninstall_kb893803v2$\reg00058
c:\windows\$msi31uninstall_kb893803v2$\reg00059
c:\windows\$msi31uninstall_kb893803v2$\reg00060
c:\windows\$msi31uninstall_kb893803v2$\reg00061
c:\windows\$msi31uninstall_kb893803v2$\reg00062
c:\windows\$msi31uninstall_kb893803v2$\reg00063
c:\windows\$msi31uninstall_kb893803v2$\reg00064
c:\windows\$msi31uninstall_kb893803v2$\reg00065
c:\windows\$msi31uninstall_kb893803v2$\reg00066
c:\windows\$msi31uninstall_kb893803v2$\reg00067
c:\windows\$msi31uninstall_kb893803v2$\reg00068
c:\windows\$msi31uninstall_kb893803v2$\reg00069
c:\windows\$msi31uninstall_kb893803v2$\reg00070
c:\windows\$msi31uninstall_kb893803v2$\reg00071
c:\windows\$msi31uninstall_kb893803v2$\reg00072
c:\windows\$msi31uninstall_kb893803v2$\reg00073
c:\windows\$msi31uninstall_kb893803v2$\reg00074
c:\windows\$msi31uninstall_kb893803v2$\reg00075
c:\windows\$msi31uninstall_kb893803v2$\reg00076
c:\windows\$msi31uninstall_kb893803v2$\reg00077
c:\windows\$msi31uninstall_kb893803v2$\reg00078
c:\windows\$msi31uninstall_kb893803v2$\reg00079
c:\windows\$msi31uninstall_kb893803v2$\reg00080
c:\windows\$msi31uninstall_kb893803v2$\reg00081
c:\windows\$msi31uninstall_kb893803v2$\reg00082
c:\windows\$msi31uninstall_kb893803v2$\reg00083
c:\windows\$msi31uninstall_kb893803v2$\reg00084
c:\windows\$msi31uninstall_kb893803v2$\reg00085
c:\windows\$msi31uninstall_kb893803v2$\reg00086
c:\windows\$msi31uninstall_kb893803v2$\reg00087
c:\windows\$msi31uninstall_kb893803v2$\reg00088
c:\windows\$msi31uninstall_kb893803v2$\reg00089
c:\windows\$msi31uninstall_kb893803v2$\reg00090
c:\windows\$msi31uninstall_kb893803v2$\reg00091
c:\windows\$msi31uninstall_kb893803v2$\reg00092
c:\windows\$msi31uninstall_kb893803v2$\reg00093
c:\windows\$msi31uninstall_kb893803v2$\reg00094
c:\windows\$msi31uninstall_kb893803v2$\reg00095
c:\windows\$msi31uninstall_kb893803v2$\reg00096
c:\windows\$msi31uninstall_kb893803v2$\reg00097
c:\windows\$msi31uninstall_kb893803v2$\reg00098
c:\windows\$msi31uninstall_kb893803v2$\reg00099
c:\windows\$msi31uninstall_kb893803v2$\reg00100
c:\windows\$msi31uninstall_kb893803v2$\reg00101
c:\windows\$msi31uninstall_kb893803v2$\reg00102
c:\windows\$msi31uninstall_kb893803v2$\reg00103
c:\windows\$msi31uninstall_kb893803v2$\reg00104
c:\windows\$msi31uninstall_kb893803v2$\reg00105
c:\windows\$msi31uninstall_kb893803v2$\reg00106
c:\windows\$msi31uninstall_kb893803v2$\reg00107
c:\windows\$msi31uninstall_kb893803v2$\reg00108
c:\windows\$msi31uninstall_kb893803v2$\reg00109
c:\windows\$msi31uninstall_kb893803v2$\reg00110
c:\windows\$msi31uninstall_kb893803v2$\reg00111
c:\windows\$msi31uninstall_kb893803v2$\reg00112
c:\windows\$msi31uninstall_kb893803v2$\reg00113
c:\windows\$msi31uninstall_kb893803v2$\reg00114
c:\windows\$msi31uninstall_kb893803v2$\reg00115
c:\windows\$msi31uninstall_kb893803v2$\reg00116
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.exe
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.inf
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.txt
c:\windows\$msi31uninstall_kb893803v2$\spuninst\updspapi.dll
c:\windows\AutoRun.ini
c:\windows\d.ini
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\SET39.tmp
c:\windows\system32\SET3E.tmp
c:\windows\system32\SET45.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-06 do 2014-11-06 )))))))))))))))))))))))))))))))
.
.
2014-11-06 16:14 . 2014-11-06 16:14 7271 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2014-11-06 16:14 . 2014-11-06 16:14 8782 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2014-11-06 09:34 . 2014-11-06 09:35 -------- d-----w- C:\rsit
2014-11-06 09:34 . 2014-11-06 09:35 -------- d-----w- c:\program files\trend micro
2014-11-06 08:02 . 2014-11-06 08:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-11-01 19:32 . 2010-08-30 07:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-10-31 19:30 . 2014-10-31 19:30 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Lavasoft
2014-10-31 17:44 . 2014-10-31 17:44 -------- d-----w- c:\documents and settings\All Users\Data aplikacÝ
2014-10-31 17:13 . 2014-10-31 17:13 -------- d-----w- c:\documents and settings\LocalService\Plocha
2014-10-31 16:59 . 2014-10-31 16:59 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Media Player Classic
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconCF33A0CE.exe
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconD7F16134.exe
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconF7A21AF7.exe
2014-10-30 08:26 . 2014-10-30 08:26 -------- d-----w- C:\sh4ldr
2014-10-27 16:26 . 2014-10-27 16:26 19984 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2014-10-27 16:14 . 2014-10-27 16:14 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\spotmau
2014-10-27 16:13 . 2014-10-30 16:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp360
2014-10-27 16:13 . 2014-10-30 08:02 -------- d-----w- c:\program files\Wondershare
2014-10-24 17:56 . 2014-09-22 12:13 55464 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2014-10-24 17:55 . 2014-10-24 17:55 -------- d-----w- c:\program files\Elex-tech
2014-10-24 17:54 . 2014-10-24 17:54 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Elex-tech
2014-10-22 17:25 . 2008-04-14 02:22 77312 ----a-w- c:\windows\system32\taskkill.exe
2014-10-22 17:23 . 2009-07-14 01:14 77824 ----a-w- c:\windows\system32\taskkill.puv
2014-10-22 17:13 . 2014-10-22 17:13 33280 -c--a-w- c:\windows\system32\dllcache\snmp.exe
2014-10-22 17:13 . 2014-10-22 17:13 50688 -c--a-w- c:\windows\system32\dllcache\smss.exe
2014-10-22 17:13 . 2014-10-22 17:13 236544 -c--a-w- c:\windows\system32\dllcache\smi2smir.exe
2014-10-22 17:13 . 2014-10-22 17:13 119808 -c--a-w- c:\windows\system32\dllcache\mtstocom.exe
2014-10-22 17:13 . 2014-10-22 17:13 40960 -c--a-w- c:\windows\system32\dllcache\msiregmv.exe
2014-10-22 17:12 . 2014-10-22 17:12 7680 -c--a-w- c:\windows\system32\dllcache\migregdb.exe
2014-10-22 17:12 . 2014-10-22 17:12 13312 -c--a-w- c:\windows\system32\dllcache\lsass.exe
2014-10-22 17:12 . 2014-10-22 17:12 267776 -c--a-w- c:\windows\system32\dllcache\fxssvc.exe
2014-10-22 17:12 . 2014-10-22 17:12 229376 -c--a-w- c:\windows\system32\dllcache\fxscover.exe
2014-10-22 17:12 . 2014-10-22 17:12 142848 -c--a-w- c:\windows\system32\dllcache\fxsclnt.exe
2014-10-22 17:07 . 2014-10-22 17:07 24632 -c--a-w- c:\windows\system32\dllcache\fpadmcgi.exe
2014-10-22 17:07 . 2014-10-22 17:07 1033728 -c--a-w- c:\windows\system32\dllcache\explorer.exe
2014-10-22 17:07 . 2014-10-22 17:07 92160 -c--a-w- c:\windows\system32\dllcache\evntwin.exe
2014-10-22 17:07 . 2014-10-22 17:07 24064 -c--a-w- c:\windows\system32\dllcache\evntcmd.exe
2014-10-22 17:07 . 2014-10-22 17:07 15360 -c--a-w- c:\windows\system32\dllcache\ctfmon.exe
2014-10-22 17:07 . 2014-10-22 17:07 6144 -c--a-w- c:\windows\system32\dllcache\csrss.exe
2014-10-22 17:07 . 2014-10-22 17:07 64000 -c--a-w- c:\windows\system32\dllcache\cleanmgr.exe
2014-10-22 17:07 . 2014-10-22 17:07 44544 -c--a-w- c:\windows\system32\dllcache\alg.exe
2014-10-22 16:58 . 2014-10-22 16:58 -------- d-----w- c:\program files\DLLSuite
2014-10-22 16:16 . 2014-10-22 16:16 -------- d-----w- c:\windows\ERUNT
2014-10-22 15:48 . 2014-11-06 09:20 -------- d-----w- C:\AdwCleaner
2014-10-17 19:53 . 2014-10-18 17:52 -------- d-----w- c:\windows\system32\MpEngineStore
2014-10-17 19:51 . 2014-10-17 20:08 -------- d-----w- C:\eaca0b1a2b4e658f82822b
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-06 08:02 . 2007-06-30 23:41 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-10-19 09:27 . 2012-04-01 13:17 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-19 09:27 . 2011-06-28 14:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2004-10-01 14:00 . 2007-03-15 12:10 40960 -c--a-w- c:\program files\Uninstall_CDS.exe
2010-08-07 08:44 . 2014-10-21 08:20 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-18 08:56 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2005-04-12 229376]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-07 30192]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-07 2777296]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2013-10-23 5039400]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-01 4085896]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Guest\Nabídka Start\Programy\Po spuštění\
prf33.tmp [2009-10-27 0]
.
c:\documents and settings\uzivatel\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
O&O Defrag Tray.lnk - c:\windows\Installer\{95E6C53F-F92D-4232-B700-1842806F59B6}\DefragIcon.exe [2014-8-16 292878]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-10-09 49152]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
2013-06-04 23:01 4489472 ----a-w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-01-12 11:21 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-11-02 06:55 1397760 ------w- c:\program files\Ahead\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2006-02-10 19:40 2048000 -c----w- c:\program files\Ahead\Nero BackItUp\NBJ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-07 17:58 13880424 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-07 17:58 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-11-04 06:51 1753192 ----a-w- c:\program files\NVIDIA Corporation\nview\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinnacle WebUpdater]
2006-06-08 08:40 385024 -c--a-w- c:\program files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-07-21 08:56 16261632 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
2013-04-03 01:19 3684488 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-09-26 17:19 271744 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipDiscount]
2013-06-23 09:19 19428168 ----a-w- c:\program files\VoipDiscount.com\VoipDiscount\voipdiscount.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Documents and Settings\\uzivatel\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Cisco Packet Tracer 6.0.1\\bin\\PacketTracer6.exe"=
"c:\\Documents and Settings\\uzivatel\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [18.3.2013 13:19 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [18.3.2013 13:19 192352]
R0 oodrvled;oodrvled;c:\windows\system32\drivers\OODrvled.sys [2.3.2011 16:48 25680]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.10.2010 13:39 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [12.8.2011 23:33 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [12.8.2011 23:33 414520]
R1 iSafeKrnl;YAC Mini-Filter Driver;c:\program files\Elex-tech\YAC\iSafeKrnl.sys [24.10.2014 18:55 215080]
R1 iSafeKrnlR3;YAC Ring3 Driver;c:\program files\Elex-tech\YAC\iSafeKrnlR3.sys [24.10.2014 18:55 38440]
R1 iSafeNetFilter;YAC NDIS Driver;c:\windows\system32\drivers\iSafeNetFilter.sys [24.10.2014 18:56 55464]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [13.1.2014 19:03 32768]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [6.5.2014 10:48 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [18.3.2013 13:19 67824]
R2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [23.10.2013 12:25 2034472]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [30.11.2011 10:31 587472]
R3 3xHybrid;Pinnacle PCTV 310i Stereo DVB-T;c:\windows\system32\drivers\3xHybrid.sys [15.3.2007 12:42 827008]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [16.4.2013 12:12 57440]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 iSafeKrnlKit;YAC Kit Driver;c:\program files\Elex-tech\YAC\iSafeKrnlKit.sys [24.10.2014 18:55 83112]
S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys --> c:\windows\system32\drivers\sbaphd.sys [?]
S2 gupdate1c9ab2f2dc67244;Služba Google Update (gupdate1c9ab2f2dc67244);c:\program files\Google\Update\GoogleUpdate.exe [22.3.2009 21:45 107912]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
S2 iSafeService;YAC Service;c:\program files\Elex-tech\YAC\iSafeSvc.exe [24.10.2014 18:55 118048]
S2 PHPGeekUtil;PHPGeekUtil; [x]
S2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [7.1.2014 4:48 12288]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [23.3.2009 18:19 30192]
S3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys --> c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-30 07:24 1089352 ----a-w- c:\program files\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 09:27]
.
2014-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2014-11-06 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-18 08:56]
.
2014-10-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 07:26]
.
2014-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 07:17]
.
2014-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 07:17]
.
2014-04-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-12 23:28]
.
2014-11-06 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-12 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = about:blank
mSearch Bar = https://www.seznam.cz/?clid=22668
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{294AE381-EE6D-4033-B791-9F27DFE63972}: NameServer = 88.103.219.2
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\87gpy156.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil11c_Plugin.exe
Notify-TPSvc - TPSvc.dll
MSConfigStartUp-Ad-Watch - c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-06 17:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="BEE5DB3A0726C58AB6CF4C65000D6FFD5C5F93C18D40DC42163553E5877A29A21FC2C8DD6FC21648A868F6BE39151A15CA25144BE79AB79043D1D2A270EB2EDB0775760678E97443239D3529D72507D4EA506F1878D0818BFC0B3023F64EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DA6A0AC4980AC79339DB7CE019D40AA5C10B2B9AA900F368869EE0D65C8926FADBB26971B7E61504BA03823248E3B934FFEF2493548DA8A30A636F3E46FED45FC3CB3303390948BE878B64B2FA972A3FEAE7E429C9756ED49312A893D6066CAA6F7B21415C4E852931E733C4F280E611C30486DABBEDE6ECAC7B6297A1AA2B031F626D4AC75EA9C8208ABDDF3E1A32AB08568257034316EAD98EBC26ACE2880AB3837972A328E3771214229CD64ADAE4A2517583CA1F1A2F2497DDB2266E592A1AAB39481BFA74024C5BC2D506E0A737BFB358BA563A9159A6F438B777AA9172A350D1A6B92EF2C5C4AC48CB6F77BD058674654070CC124AD193AFE85592A115A2E560964DA844364F1A97C7CA528747BBAEEDEFDE18B0235C600762B86FD56CE654A572B73E6208778DA47E3D69ADD02BDFBE9EDDB3932C0EA5A458CB72311A71AC40EC473FDB3178CEFCCF19AC1630E2BDBCAFB2A6191E2ED31D311D6F8C10903C549F8201040694E237D6F356FABC4B020E512AD814BB12C0F9FE383C33A98C7F33CD475CCDF54D4D060E821DAB5D0F302385FF9F7E2C775A53871902DA1048597AAA7A4C4FBB52A7C8FB1091D515F89DAD055DA082DC40E47427084C0F2F84E9D6E060FEE57EE4B4B395CCE3623217D2A532A4D5953CAADECF45618EE7C2D2617F3C8CC2282E2AB0621448486244D4E92765703F6558000329EDDBB0C60570638BE8AAA1EE5FB321D1B047556A19B705B849D5F500390A6561D08905096B2DADAE12BA683BE27B5A0137F9C4EBACBC96E5E7B0039032AB33EE595ED5969FE07FA87D0F4D59BD286C6075AABFEE61EB5DBF63AAEE8CE7E3171810F5F26F7805EB9EC627D81E1F566E9887D8659ECD882D5D562EEFB33C4999B0B40A11BB3FEAA5C630CDA52C7878B873F1745346945F43495C1756FD4B8DC0DB4B7A881E54527CB50BEDCF959051FC1E31835C9CE31C170E46BABA7A698DF3941C79806272407952CAD860E756FBFDD463556B760EE162A8936306D73267A398987CE37E66D6F680551110752CAFE4647E7DC81B6538F25D73A53E959A878C67953590C687AF61CFBE5E6C3F51F6389DE6CB10FBF384146BCD71B2EC9EB9A43114A78DAC127ACA646EB28843CFAE659944572273CFA339AB72FC1AD0A3B133266CE2560DDD191A72E27A7EE55EC770A0AB7ED7A407EDF505A28B3BDB5EC8B3C9F88093E7BDE195E"
"OODEFRAG12.00.00.01PROFESSIONAL"="E45C92C93ED527CD2235CE4A01A06D55821BD52A357AB8CBED5C1DD237F739D3E45296124F44EBF8B4BD030A49CA1CB17B3CA140E3F3AE6E7CC922AE88EDC9B546D4EF6D5F0740D2A6DE4FE42318D119EC31B998D503BF29009C257C37342AD9C5CB025A9449419FD0AB17C8622E458C6C56A933ADE35660EB1978EB51C299A65187FE5A0BD9A3E3419C942950D33D55466C4F92FE78EEBCE86BBD33D8B2E9C510B97273D1ABAE6A388BD7FCA7F4957CF7985EBFD2451BA9519FED0944410022D8F8362F6B55BD422D38C0BD19A140D2B361DBC4A77400D7B427542CFC5158EE3A3FFB9A4E933EBB494784EA470EC1EA61B3FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CA2D97226D213B555A6171C11EC38DE3D32C1A7A679A9ADF9FD287CF29C781D8132471A96EFA8E60D747A88AC8D20BCDCF9C56A4EAEB312415AC79BB330A62088BE431F7BDB39388557B456EA1147E99F247A95C9307679768B88F8D4D9F2A014C831942C0441A5AD1B7AF168D71A3EFB5885D82F635C44154081EF5F1707BDE6213AA64C9AC92B3458A5F00568A4302916105834C49409FD78CD5185F853C92BEE89EFA363A47828F8925D41DBB76FBFABC6A93363111073890B6199A10ACAECACCE8321B8E6F0003EA13644E169D93F3E5DD72BE286571D9FDCD615CBA37B1C2BBB65D40767AB16BBB66C56BA91058BC709E1BEF9EF1006B6685F9342DACA0D0B0B0E73D0C2F42659BB66673E4E39E894023C37738C211E22D999D365ADDAF843F6EA56AAD7CB53531D7E885600F281C408CC7C2F5CA23906DF1ABA2AE0837B203E5DF9BDCC63A137CA02EE814DE2E54DDA6F9EA028638DDBAB69CE98F94D163FA6BA804709A4F9EABA33F4529EED07F641F1D04F78E3B6737402BDCCC5772B93F4CBAC9938A9AB26E348196D20AC3BDE841869569AD9346C75D6D676D1748463784C68194B4267F3446BFB8F446ABCF5721864E3222EEA3F6D488E5A72EBCE4AFCEE413E75F142B4DCBAE4053F29AA01DB9EDE3DE50020331E317B513FB699B6D9D86797AF71351BB048BCB08B1C879797491DB7FD9F80E64F5CD94791645AEBE3212F46B5AA9EB0C8989208642D39A77FAB06BF4A929A4B4A890ABC89B7670077D6937F09BE3FCFB2A817974C778BF26FCCA454EB9363285FED90C48B26005DF4FAAF8CEAFE3D28FE6320FA084C2A8B4BA72608498DB09560B09309BBDAC2C4408044C9E57521BEC12D29662131295CF72B5F038C26BE02A36DDF4588B3B4C6BF523729C5DBD7E914DACD9FE45DFE22DDB9C68124AE2BAF8336E6C99EC4BD4BDF4D913099A234D513B5520163BC86EB6BABF6D0C2337CB3608C3A7BF253290C10417F78B66CEB04DDFD9AF8F2"
"OODEFRAG14.00.00.01PROFESSIONAL"="38B46E634BE300C31F0C32035BE76CDFB446426CD4DFB2E023810A8FC329C5483D261E3E93CC2647604E16051A64AD54A72E4B88EE95A8D6EB93D1F81693C6E111FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5C9DB7CE019D40AA5CA6A0AC4980AC7933C16893D4AD709F4815C9C6084A9EF267D2A08E68270F87F91A6CC2EBFB46D0221136F8D37104DE435C0AFB54A63313D8B4D5508B49A4EA8F8088C04FBD1BE03F838784BE51A6CF221D74F0AB0155EFEC9BBE3FDB57ACE428900B5704C67550684AE7BA2AAB5A84C84B4FF0CC4CD2B8BCD8FD8E57EF6259B22115C3EC87205E02DC9381026397342E1C152BC479F23DF587EA5952B8F9D42F49FB2AC3F6DAED03F57D270260CA3DE00BF5B57580EDF15802129BF45A980336E7C60E150ED886F5124A583E8BD21E7FD8D287965EF070BA68B2383A82D837711DB25DC04AC0527A74D2291AD3867ABE87C2FD33129C75879F3FF3736048661FCE31E2FDADAD204422A511D02CAA9A675E90D92A9E0662B8CFDF7742A9E8AA91A66554D2BDAD639AE604EB6E8CFC6A54E8B93EAD0C36BA6264F0D1A016B0C12E1028C61E044634D85063F9D76D2DF9F77671B344672B28A80E02F2D8630A0EF0BC07348F8EEBCA6DAFECDBBFCDDF7CD4989EA849BED477C4C054318BD15315E62340FA2B6F0B07DC1B7F1C31322B4A04A8DA6AEAA5989A0435E1452B25DD01327ACBDD4C3B026D3D6F2BA30A9E9EDFB1BF75302DB4CF25C7E655CC0126709F8942CE831D8CA3A2BAC6B5C37CA0365C1D3F71106686C6D006168DC829A2C3E3B7B928F5207F3873138699AD8CC4E8841D480488BFBBBE7AC7C69F9F116B866199E5E62329B7F9CD1C52837B959D1DBE17C218F8BAF76D212941D11BFE535B532311CF5F615917C3BA17D4A646432F1909D94CA5A7E17BECDC92A0660AB45798D9C8DCDEC48EB30E6B01A48F9ECF704103FC7337AEA605A42789B9949C6C0531D75CB8BC2506E6863D0239F87361238C28DE14B849F39BB5E13B039B775863C44CE2447827EF3B2C5451148AF11B7FF1B2F6691DC87FC5B079FE13522F60629C77B395724382B022E669E3CF9423338E6D01E0374D007A4BF0713479AAEB6926316D73F2C677392FBF070FB730A4DBA139FA9CC0CE31285DDBF3E7AF26E7D172E3EFDAA3520C3C3EBEADAF1667CD908E0AA8735418512FE4642861FBB0C36AB98DE1FC12590293DDD82312223552565EE890F0F248266481C77806472EF5F454C0ABBD322620904112EF3977E8E7AABBF1FED201D1771179578FF35FD67528C0227AB559D4ADF44008E4591623497D77D3028C487A8E72B4785EF8F3B640ACA0EE3EB1C257FBF7D3E992DDDF58B53384546DC2F2DDBD3941"
"OODEFRAG15.00.00.01PROFESSIONAL"="694954EFFC2BFE83DBB96BA6A676B0054336F1F4323312E58CA4A99EA2EA54CE8F76CC5BAEE4EDE24DFB0265170C0211F04EAD105FD917722CBE8EF3CD5693C562E72429B4A81C699ABAF5939D2FB073CEAA96392F34284E005F8330752CEA719E80519A6F7E11214789AA2AEDE9C040463119C2C7706733F35BA42157D638D5D8A7BB134D3308752B827548CD096A6D15CB9A2564F92A43CA8F033444068F5A77C9C01DD45671B8F241202E181D9956C9E770F9D483FA0099D8227F9F2DB7CDB4D5B2E41FBCF0A19CE669C339FAEE38CAF8E501FC0516D14B1A79B9E082A85F9FBF533BD97D5CC6FC968291B63E4036D0F1BA9CD2356EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6A0AC4980AC7933C038D530D6EB3452FEBC9E127BECC74C06981770CC8E536E0B23A93363BD2EDAA728194B428E4485C63AA584E56ABFC3F1A9B34E309C6F899F832F897E05B7241BF20A23DA9B0AB4F064B78130B77E8D76004EC219BBEAD259F0A7C5397B8FEC440096872504DC5290F9B052E12A3D9785E725386AE6F255B09B9EDECD1089DE46033E9D56CD51C28F5322674878F0A1F301F70C292E7F530588A6409AC4BB58A78684FAC5113D2240211DA5D5724F267B3E8A900030C940181054C8A432FE6AD468EDAE70793CBFD7E53CE41D77574FB9E8268ABD264EC5115FC1CA9083F25A1CDA0837F3C7AC9B6DF799F3D8FBC77DAF9C18B6D1D94CBE79F60E0FAA7878A23262DE0916CF346E7C035492E40C2442C2C631BF53A84C3E41AC59CEE16237EFAD59068BBE7A36A1E7051177C244B667BC2EC4CAFC059585B82849B9472A17A309EE941BF7C361D4F1D0F64A97D309684B69AC6B2B76B51097E608F3144CC85426232508743B2359448D32282B81ED73FEE3452D61167D8878384392A2553DCA464B551685852E36EA3671A26B27F6EB4D5DEE8D459281CF58C22CA1F0692A041293C8FC25DB7A26D518693EE7317EE9116A8DFD9E2D1D7B9BFD781FA24189B1147726E8ED89C396D958D0F357A09F3A85728B66DD3DEB5386B7E280FD261CBA3CCA97FA1FEE08AC2F6B6431920BB959CDB1D49E14AD4E53458F272A6E79DF375D31CBC61F010ABB729DE3D6151B727EEE3659F5777BEA2DE4FB897903AC1FF5B025F552F3C75350A38D113A000B310ED0658E2EE0B9A94359C34DBAEDC76176CE75CC1CC95E2C28A72DB5A4192FA22643F66C7D4F0E3AB1F7053CB486657570B8C30A1370772636C7441C5148EB36147676F00EE3B20A417BB0A51AC8366DCC52846D1C5CD413212EEC94F21C39205D7F439AFCE4F750F402895A99D1FB20A76102388D25CF89C26D16F12FC3A559385811705C3C3C07800EABAFCFE50FA6D313DAB2B48755662AF7"
"OODLED04.00.00.01PRO"="DB9597F6109B414B8CFE47EF18137E42CCB7E90926CFB11F5447D3F50350CD267E18C302408E73E06AA1E00FBAE79B2463240A2270A80C261C727686A997A4A842CAAB77631C742A5241B5DE9FF0A22DC93E3E2971662A13A485E89CE1305DFEA3CF064E2CD0414CEDF9139A3783B6167CB909B87245F24E54EC80567762C2E198701EC6FE1BAC73DF8C5742A158501B65707E3374E722C405BB271566D678908695536375CEDBCC3A5CF798B70A377B675F483BAB5248E68426DBFCDC9DF0CAC84E1AE9DC23C90C07F1FD2481990B7A56A724B97DEF48A99408FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B98088EDD5E5BE2F6E6678EDD5E5BE2F6E667674F945FB911D2F83386B16D39FD0A16D270FD341361188E956817BEE904A18461492CBC8701D9BC4A3F8EC0972182A56F221796B04132F52B665DA2ABC3F856951939D5499DC399D17218B0B068A18933EFA0D4B389C7BFA9872A27E8EC7691835E7F0414429D0AFEA06E7FDD5F6173A85C37B95B1CDD75106C3841E94ECBB8C0FA7303555067299A0FE551CF97303AEEABAB73BC56F0C5EF7CF2C5C5B924F3F396C0F3C8AA18B70244053189A5705637E68214BFA1F08472617D736C871A905A1C45DA83B8961C260D870CE42277E6C75A721323E53EA8530AAC679E12BC7D443B15206B66415E8D79DD320BA88F2CFB196B497610B14CDF288AA5F1B612CD9466758FBBA2E82BD0DD2A5AFDDB770E40778AF61E1316ADFB31D395515911BA465561DA02E152D31DD1449C10DF6015990EA63C54E4AAB120DEF982F85F252063048715A21C36CCB3B239F7E9DBEFEE9B3BC52225FD225ED532A39BFA352FFB0DAF4937534CC1AFE920C64C877DC06FF19F2810F0DCA25FBEE9A9F43E4803F4F7DCBD1E1F7196B8A87D6060B676618ADA9FBA576C0348810C0F1A86FB8B6951EBD1B089659049C8EDF22FDC9EF8535BA76424A8A074A23985E9352942741D7DC41B1F9E5731E365CAEE8D4FB3C00D9E40DB3D1BEA3EB31D0609F19E717F4E09F285BBE4FDDDE038631E0BA74208F7379DB790A7FBEAF1E77EBE790AC02BA1A7FAA66EC8B127B30C73776B3E6C8F72AACEEBDF2FD70E4A79702128713A792F3275D3509B2320C1524632A54A241D4DA275329F72573C9A53F38A91C1B9F082A48EAA3190D461E0A1BD49E66A3179D06EC807F819278EB59DB419F949F21C9B1D060711C19B8661B0CEFE8C9FAF70B5FD11AC46AB492563A1712E5ABCEB8A6FE0308E29AAA52E835E0356ABCE8F53AAE7AF289A99911F5E507C7161B2FBCEE45875A7622AEE7C7AAAF7978B411575CFE614C1B9352923553BBF4B7025D27E590ED2FC5C074B1971B95ECEA625D5313DD746869BB40DDA"
"OODEFRAG16.00.00.01PROFESSIONAL"="2DE3F465A7D8002FF0BFCCD9829769D7E657D81A91871E07D5E5A144CD3F6AB72D05AFC94BC8C4BDE187EE3DC59195DDA267643AF5D756F9D543B251BDB8FD4DEC71EC0F9B42BF3300983C0FF598120642E3D71B36338F0542BDC1DF2D1C23FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A2D97226D213B5558EDD5E5BE2F6E667C038D530D6EB3452204B454BEDEDDF7A4033C1789FB8B8B202A75F4FC8109EFA771DAC40AF5D34D7572E24106F1053B56955E919AE0AD21BFD01956362D75CA2F67495051C36584368739CDAF1EA5B753F4A9E09ED71B21AF81761D1106F7CB775711ABBE0FCC80449549A0297C0514AAE5F10D947D4468B7D6FD50B25019A8434714DD0D9C3F17215A0500E622717B7CEFCB052066FFAC1382144B1570E57479AE1816343ED47588A3CB4BCB9078BB5D51938EC5BCF460079DB459CBE6956333044D24A41B43E758C9D027FE82098B09EBFA1D8DA581E0036DF3659D9BB42ED252F9B8C58244F7C2251367C9F82A6882B12AB787D40006E070235260900C68FCACE7F66759FF81476F4130D711425901F445A6220926AEDA92CA8F51306142896DD62C965D8BC57D7BC9E3F568F0711419E7360022E61917EDB3871A07160B822B1EC5A59DA2056397024D2A7824347FD7C83F047C46C640C224FF3BEBA62382CAF8DEF6A01AD9232E931BE264DD2626550D84779DE96E1F7231E0C5EADD71016D0F49812FBF105FD1A972DF527B5862B9B07C98555F07A119A19FE56E9011E65A49713ADD1FD16F903ED791D996FCB27F86513B9D78D9449537842DF62233445CDAF56015AE927AA3C8D37080304BDD5938EF04DE985093330B88298608699030239883143CC8AB471942B841401DBD6AAE0E65661F3A40A26192000FDF787108AF608490C4606E562674EC853731C6D15822B51E8F728283D9DADFC2CC72B0247ECE3B78AF556AA60A9CEE9196DE40239D628207F3548111510F158AECA2894AA64E050E583AA18D4460EE215071321148C7B06F8552F685C7BE8401CD993A3B9E978469D972463B9EB2295C7DA76F8B50F792CF9807AF65A2FC34661D077B28ED05636805F5B681F8CD3C30806D2DFC215A71D7FE9B8A8E741E35EBE91D2E5D82B5B9E338EDAA5A7DDA015FD2D60CB721441CB5743F011F18961E3C680160959D49C60AFD722BD8A59BA942AF4CBD89146348CA3C31BE2F8228891E0052809E8686144C276A3F794BF06325B0AB3C782ADA295DBA8A5F794EC580CCA8D63F76E4AA6720CA8C53FA2101E41B8192DFB350AE284CAB0EE4E6B8D04D69389948BE91D1EF980306422A99350F9BCD63F7DB56581598F9F4F043CEC745A9DED001EED4AAACD69504FD331521DF5337867F79F88BAF81D3C0D5F"
"OODEFRAG17.00.00.01PROFESSIONAL"="A1F94D1715563FA5641D796AEA68CA53A9B5996AF0D8B67DE326D344B99843B0244E64373C36622ADBB1A8684412AD09F9317ECF37142A78D3CA6E359C01597459F829B609D8269C221253E6C5408F17C242A2F25603B502F9924AE145A2277720FA395C49F1091B7B8EA185B1C88E45CDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A2D97226D213B555C038D530D6EB3452C038D530D6EB3452502A027D1A886B1B19EBF742E1E931495E4DE5ED1405F4C9537AE0DFB0E8D270072648AD74829A8307109E0A8512F5CE98E0760DB3EE178F00D9EA41C11C7E2ED351AC04CBABCAC3E47C1B38AFF61C72368FEEC48D1E899082257264575F9EA1D000CEC8ECBCF0971D95E609CDED42F611E8C164D224B23444B800CE822303F4987C6E55EAA167119DB09BCB917F6BF187F0015074485F3537E6C11A168AE129CD06F31797FAEE1557997763F16AFECCFC1FE502AB04C021CD7288F22A6D5592154DE7138F1EA65AC0105E47A99EC8C6D6DF4C04F287E9DCFE97491C9B5659589578F6DCAC921870D145D602B544F76F019432F78834541DC7001C690A85D0F6FBA2759F9315ABB60AE28BB3D832202EE810BD9170215CED284F3E44DA6E003CF9D8581AA6962FE0E9014B109878383C829936997198C12D2299122B35B811CDC41DB99D8FBBD779F731895DBFD51D27446E07EB17192A0E3D67992E05408FA294E55612BCDBB9DCBCF45E77DCC10C5128BDC0F7AF541C1808B67F737B13EF87241D916FDE05CFBB474381CC41E5A9EFADAC96434F3206258EF790B20BF6859B37A07046E975781BA88854E2831E7D8DD551E0654DCCB66467903EBA6DE00A5110C31DB798A576D2F522594E7D7D7207A9B99C8BC3F16358A8589B6C1FFE1B737849667AE6B9EF11C964B63B4CC9580F31E5E67512A5A3586D1E643D5EAE3A9A3C6E3C571791EE55C09538E855F9622A7DC885765C1D758DD6A1F23630844DB82CE0B5AFADBB62F47D71CC2CBBBE27B3204A61F7094338788898C8F3DC489C8F9EC18D7273FC9C97A4A585E96AF82458AF46837644362F6BA82C8BA971F355B96AA69F28754FD4BCE0571C9E10BBB61A468E9E817AC9058D6478049ABC390AA06C1A6FE9075D2332DF9B69D99E5323CE83E584BDE1044559E98F9EA0D37AB006061A23E5B989099E52FD6DBECBBB119F0A832FE2701EDF1D6EF56CA88ECE20FB9A1982606A66657AEE7D4A8491280B0C0094B8BE608829FBA92422360903196914FD7DACB2BD0212ED0E47F430FA81649039613033E35A6C5587985B22953A8D5F9FA537F68B86068E95CE71A652C64EEA858D2B290810B932824D43003A8974EB4FB0FDD90104CC1170706CBDF613C4BF0145B94B7F498204E7E02B8A5971"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1536)
c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
c:\windows\system32\msi.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe
.
**************************************************************************
.
Celkový čas: 2014-11-06 17:21:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-06 16:21
ComboFix2.txt 2011-08-10 17:35
ComboFix3.txt 2010-04-16 06:46
.
Před spuštěním: Volných bajtů: 246 076 309 504
Po spuštění: Volných bajtů: 248 333 230 080
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - ADDE78F998F6A5334EB29D794106CC2D
413FC2A0C716421B3158746D63736515
Jan
Re: YAC - Yet Another Cleaner (PUP)
Presun ComboFix
na plochu (ak tam este nie je)
otvor si Poznamkovy blok - notepad
do neho zkopiruj skript z nasledujiceho okna:
uloz vytvoreny textovy soubor ako CFScript.txt na plochu
po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:
po aplikacii by mal vzniknut dalsi log, ten vloz sem
na plochu (ak tam este nie je)
otvor si Poznamkovy blok - notepad
do neho zkopiruj skript z nasledujiceho okna:
Kód: Vybrat vše
Driver::
sbapifs
iSafeKrnl
iSafeKrnlR3
iSafeNetFilter
Folder::
c:\program files\Lavasoft
c:\program files\Elex-tech\YAC
File::
c:\documents and settings\Guest\Nabídka Start\Programy\Po spuštění\prf33.tmp
po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:
po aplikacii by mal vzniknut dalsi log, ten vloz sem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: YAC - Yet Another Cleaner (PUP)
Ahoj, posílám požadovaný log z ComboFixu. Navíc už šla konečně smazat složka ProgramFiles\Ellex-tech se soubory té havěti.
ComboFix 14-10-29.01 - uzivatel 07.11.2014 12:10:21.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.168 [GMT 1:00]
Spuštěný z: c:\documents and settings\uzivatel\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\uzivatel\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\documents and settings\Guest\Nabídka Start\Programy\Po spuštění\prf33.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ISAFEKRNL
-------\Legacy_ISAFEKRNLR3
-------\Legacy_ISAFENETFILTER
-------\Legacy_SBAPIFS
-------\Service_iSafeKrnl
-------\Service_iSafeKrnlR3
-------\Service_iSafeNetFilter
-------\Service_sbapifs
-------\Legacy_iSafeKrnlKit
-------\Legacy_iSafeService
-------\Service_iSafeKrnlKit
-------\Service_iSafeService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-07 do 2014-11-07 )))))))))))))))))))))))))))))))
.
.
2014-11-06 16:45 . 2014-11-06 16:58 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\HPAppData
2014-11-06 09:34 . 2014-11-06 09:35 -------- d-----w- C:\rsit
2014-11-06 09:34 . 2014-11-06 09:35 -------- d-----w- c:\program files\trend micro
2014-11-06 08:02 . 2014-11-06 08:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-11-01 19:32 . 2010-08-30 07:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-10-31 19:30 . 2014-10-31 19:30 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Lavasoft
2014-10-31 17:44 . 2014-10-31 17:44 -------- d-----w- c:\documents and settings\All Users\Data aplikacÝ
2014-10-31 17:13 . 2014-10-31 17:13 -------- d-----w- c:\documents and settings\LocalService\Plocha
2014-10-31 16:59 . 2014-10-31 16:59 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Media Player Classic
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconCF33A0CE.exe
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconD7F16134.exe
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconF7A21AF7.exe
2014-10-30 08:26 . 2014-10-30 08:26 -------- d-----w- C:\sh4ldr
2014-10-27 16:26 . 2014-10-27 16:26 19984 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2014-10-27 16:14 . 2014-10-27 16:14 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\spotmau
2014-10-27 16:13 . 2014-10-30 16:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp360
2014-10-27 16:13 . 2014-10-30 08:02 -------- d-----w- c:\program files\Wondershare
2014-10-24 17:56 . 2014-09-22 12:13 55464 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2014-10-24 17:55 . 2014-10-24 17:55 -------- d-----w- c:\program files\Elex-tech
2014-10-24 17:54 . 2014-10-24 17:54 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Elex-tech
2014-10-22 17:25 . 2008-04-14 02:22 77312 ----a-w- c:\windows\system32\taskkill.exe
2014-10-22 17:23 . 2009-07-14 01:14 77824 ----a-w- c:\windows\system32\taskkill.puv
2014-10-22 17:13 . 2014-10-22 17:13 33280 -c--a-w- c:\windows\system32\dllcache\snmp.exe
2014-10-22 17:13 . 2014-10-22 17:13 50688 -c--a-w- c:\windows\system32\dllcache\smss.exe
2014-10-22 17:13 . 2014-10-22 17:13 236544 -c--a-w- c:\windows\system32\dllcache\smi2smir.exe
2014-10-22 17:13 . 2014-10-22 17:13 119808 -c--a-w- c:\windows\system32\dllcache\mtstocom.exe
2014-10-22 17:13 . 2014-10-22 17:13 40960 -c--a-w- c:\windows\system32\dllcache\msiregmv.exe
2014-10-22 17:12 . 2014-10-22 17:12 7680 -c--a-w- c:\windows\system32\dllcache\migregdb.exe
2014-10-22 17:12 . 2014-10-22 17:12 13312 -c--a-w- c:\windows\system32\dllcache\lsass.exe
2014-10-22 17:12 . 2014-10-22 17:12 267776 -c--a-w- c:\windows\system32\dllcache\fxssvc.exe
2014-10-22 17:12 . 2014-10-22 17:12 229376 -c--a-w- c:\windows\system32\dllcache\fxscover.exe
2014-10-22 17:12 . 2014-10-22 17:12 142848 -c--a-w- c:\windows\system32\dllcache\fxsclnt.exe
2014-10-22 17:07 . 2014-10-22 17:07 24632 -c--a-w- c:\windows\system32\dllcache\fpadmcgi.exe
2014-10-22 17:07 . 2014-10-22 17:07 1033728 -c--a-w- c:\windows\system32\dllcache\explorer.exe
2014-10-22 17:07 . 2014-10-22 17:07 92160 -c--a-w- c:\windows\system32\dllcache\evntwin.exe
2014-10-22 17:07 . 2014-10-22 17:07 24064 -c--a-w- c:\windows\system32\dllcache\evntcmd.exe
2014-10-22 17:07 . 2014-10-22 17:07 15360 -c--a-w- c:\windows\system32\dllcache\ctfmon.exe
2014-10-22 17:07 . 2014-10-22 17:07 6144 -c--a-w- c:\windows\system32\dllcache\csrss.exe
2014-10-22 17:07 . 2014-10-22 17:07 64000 -c--a-w- c:\windows\system32\dllcache\cleanmgr.exe
2014-10-22 17:07 . 2014-10-22 17:07 44544 -c--a-w- c:\windows\system32\dllcache\alg.exe
2014-10-22 16:58 . 2014-10-22 16:58 -------- d-----w- c:\program files\DLLSuite
2014-10-22 16:16 . 2014-10-22 16:16 -------- d-----w- c:\windows\ERUNT
2014-10-22 15:48 . 2014-11-06 09:20 -------- d-----w- C:\AdwCleaner
2014-10-17 19:53 . 2014-10-18 17:52 -------- d-----w- c:\windows\system32\MpEngineStore
2014-10-17 19:51 . 2014-10-17 20:08 -------- d-----w- C:\eaca0b1a2b4e658f82822b
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-06 08:02 . 2007-06-30 23:41 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-10-19 09:27 . 2012-04-01 13:17 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-19 09:27 . 2011-06-28 14:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2004-10-01 14:00 . 2007-03-15 12:10 40960 -c--a-w- c:\program files\Uninstall_CDS.exe
2010-08-07 08:44 . 2014-10-21 08:20 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-18 08:56 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2005-04-12 229376]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-07 30192]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-07 2777296]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2013-10-23 5039400]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-01 4085896]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Guest\Nabídka Start\Programy\Po spuštění\
prf33.tmp [2009-10-27 0]
.
c:\documents and settings\uzivatel\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
O&O Defrag Tray.lnk - c:\windows\Installer\{95E6C53F-F92D-4232-B700-1842806F59B6}\DefragIcon.exe [2014-8-16 292878]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-10-09 49152]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
2013-06-04 23:01 4489472 ----a-w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-01-12 11:21 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-11-02 06:55 1397760 ------w- c:\program files\Ahead\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2006-02-10 19:40 2048000 -c----w- c:\program files\Ahead\Nero BackItUp\NBJ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-07 17:58 13880424 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-07 17:58 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-11-04 06:51 1753192 ----a-w- c:\program files\NVIDIA Corporation\nview\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinnacle WebUpdater]
2006-06-08 08:40 385024 -c--a-w- c:\program files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-07-21 08:56 16261632 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
2013-04-03 01:19 3684488 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-09-26 17:19 271744 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipDiscount]
2013-06-23 09:19 19428168 ----a-w- c:\program files\VoipDiscount.com\VoipDiscount\voipdiscount.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Documents and Settings\\uzivatel\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Cisco Packet Tracer 6.0.1\\bin\\PacketTracer6.exe"=
"c:\\Documents and Settings\\uzivatel\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [18.3.2013 13:19 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [18.3.2013 13:19 192352]
R0 oodrvled;oodrvled;c:\windows\system32\drivers\OODrvled.sys [2.3.2011 16:48 25680]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.10.2010 13:39 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [12.8.2011 23:33 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [12.8.2011 23:33 414520]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [13.1.2014 19:03 32768]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [6.5.2014 10:48 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [18.3.2013 13:19 67824]
R2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [23.10.2013 12:25 2034472]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [30.11.2011 10:31 587472]
R3 3xHybrid;Pinnacle PCTV 310i Stereo DVB-T;c:\windows\system32\drivers\3xHybrid.sys [15.3.2007 12:42 827008]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [16.4.2013 12:12 57440]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys --> c:\windows\system32\drivers\sbaphd.sys [?]
S2 gupdate1c9ab2f2dc67244;Služba Google Update (gupdate1c9ab2f2dc67244);c:\program files\Google\Update\GoogleUpdate.exe [22.3.2009 21:45 107912]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
S2 PHPGeekUtil;PHPGeekUtil; [x]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [7.1.2014 4:48 12288]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [23.3.2009 18:19 30192]
S3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys --> c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-30 07:24 1089352 ----a-w- c:\program files\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 09:27]
.
2014-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2014-11-07 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-18 08:56]
.
2014-10-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 07:26]
.
2014-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 07:17]
.
2014-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 07:17]
.
2014-04-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-12 23:28]
.
2014-11-07 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-12 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = about:blank
mSearch Bar = https://www.seznam.cz/?clid=22668
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{294AE381-EE6D-4033-B791-9F27DFE63972}: NameServer = 88.103.219.2
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\NovyProfil\
FF - ExtSQL: !HIDDEN! 2009-09-01 09:54; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2010-12-23 13:05; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-07 12:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="BEE5DB3A0726C58AB6CF4C65000D6FFD5C5F93C18D40DC42163553E5877A29A21FC2C8DD6FC21648A868F6BE39151A15CA25144BE79AB79043D1D2A270EB2EDB0775760678E97443239D3529D72507D4EA506F1878D0818BFC0B3023F64EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DA6A0AC4980AC79339DB7CE019D40AA5C10B2B9AA900F368869EE0D65C8926FADBB26971B7E61504BA03823248E3B934FFEF2493548DA8A30A636F3E46FED45FC3CB3303390948BE878B64B2FA972A3FEAE7E429C9756ED49312A893D6066CAA6F7B21415C4E852931E733C4F280E611C30486DABBEDE6ECAC7B6297A1AA2B031F626D4AC75EA9C8208ABDDF3E1A32AB08568257034316EAD98EBC26ACE2880AB3837972A328E3771214229CD64ADAE4A2517583CA1F1A2F2497DDB2266E592A1AAB39481BFA74024C5BC2D506E0A737BFB358BA563A9159A6F438B777AA9172A350D1A6B92EF2C5C4AC48CB6F77BD058674654070CC124AD193AFE85592A115A2E560964DA844364F1A97C7CA528747BBAEEDEFDE18B0235C600762B86FD56CE654A572B73E6208778DA47E3D69ADD02BDFBE9EDDB3932C0EA5A458CB72311A71AC40EC473FDB3178CEFCCF19AC1630E2BDBCAFB2A6191E2ED31D311D6F8C10903C549F8201040694E237D6F356FABC4B020E512AD814BB12C0F9FE383C33A98C7F33CD475CCDF54D4D060E821DAB5D0F302385FF9F7E2C775A53871902DA1048597AAA7A4C4FBB52A7C8FB1091D515F89DAD055DA082DC40E47427084C0F2F84E9D6E060FEE57EE4B4B395CCE3623217D2A532A4D5953CAADECF45618EE7C2D2617F3C8CC2282E2AB0621448486244D4E92765703F6558000329EDDBB0C60570638BE8AAA1EE5FB321D1B047556A19B705B849D5F500390A6561D08905096B2DADAE12BA683BE27B5A0137F9C4EBACBC96E5E7B0039032AB33EE595ED5969FE07FA87D0F4D59BD286C6075AABFEE61EB5DBF63AAEE8CE7E3171810F5F26F7805EB9EC627D81E1F566E9887D8659ECD882D5D562EEFB33C4999B0B40A11BB3FEAA5C630CDA52C7878B873F1745346945F43495C1756FD4B8DC0DB4B7A881E54527CB50BEDCF959051FC1E31835C9CE31C170E46BABA7A698DF3941C79806272407952CAD860E756FBFDD463556B760EE162A8936306D73267A398987CE37E66D6F680551110752CAFE4647E7DC81B6538F25D73A53E959A878C67953590C687AF61CFBE5E6C3F51F6389DE6CB10FBF384146BCD71B2EC9EB9A43114A78DAC127ACA646EB28843CFAE659944572273CFA339AB72FC1AD0A3B133266CE2560DDD191A72E27A7EE55EC770A0AB7ED7A407EDF505A28B3BDB5EC8B3C9F88093E7BDE195E"
"OODEFRAG12.00.00.01PROFESSIONAL"="E45C92C93ED527CD2235CE4A01A06D55821BD52A357AB8CBED5C1DD237F739D3E45296124F44EBF8B4BD030A49CA1CB17B3CA140E3F3AE6E7CC922AE88EDC9B546D4EF6D5F0740D2A6DE4FE42318D119EC31B998D503BF29009C257C37342AD9C5CB025A9449419FD0AB17C8622E458C6C56A933ADE35660EB1978EB51C299A65187FE5A0BD9A3E3419C942950D33D55466C4F92FE78EEBCE86BBD33D8B2E9C510B97273D1ABAE6A388BD7FCA7F4957CF7985EBFD2451BA9519FED0944410022D8F8362F6B55BD422D38C0BD19A140D2B361DBC4A77400D7B427542CFC5158EE3A3FFB9A4E933EBB494784EA470EC1EA61B3FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CA2D97226D213B555A6171C11EC38DE3D32C1A7A679A9ADF9FD287CF29C781D8132471A96EFA8E60D747A88AC8D20BCDCF9C56A4EAEB312415AC79BB330A62088BE431F7BDB39388557B456EA1147E99F247A95C9307679768B88F8D4D9F2A014C831942C0441A5AD1B7AF168D71A3EFB5885D82F635C44154081EF5F1707BDE6213AA64C9AC92B3458A5F00568A4302916105834C49409FD78CD5185F853C92BEE89EFA363A47828F8925D41DBB76FBFABC6A93363111073890B6199A10ACAECACCE8321B8E6F0003EA13644E169D93F3E5DD72BE286571D9FDCD615CBA37B1C2BBB65D40767AB16BBB66C56BA91058BC709E1BEF9EF1006B6685F9342DACA0D0B0B0E73D0C2F42659BB66673E4E39E894023C37738C211E22D999D365ADDAF843F6EA56AAD7CB53531D7E885600F281C408CC7C2F5CA23906DF1ABA2AE0837B203E5DF9BDCC63A137CA02EE814DE2E54DDA6F9EA028638DDBAB69CE98F94D163FA6BA804709A4F9EABA33F4529EED07F641F1D04F78E3B6737402BDCCC5772B93F4CBAC9938A9AB26E348196D20AC3BDE841869569AD9346C75D6D676D1748463784C68194B4267F3446BFB8F446ABCF5721864E3222EEA3F6D488E5A72EBCE4AFCEE413E75F142B4DCBAE4053F29AA01DB9EDE3DE50020331E317B513FB699B6D9D86797AF71351BB048BCB08B1C879797491DB7FD9F80E64F5CD94791645AEBE3212F46B5AA9EB0C8989208642D39A77FAB06BF4A929A4B4A890ABC89B7670077D6937F09BE3FCFB2A817974C778BF26FCCA454EB9363285FED90C48B26005DF4FAAF8CEAFE3D28FE6320FA084C2A8B4BA72608498DB09560B09309BBDAC2C4408044C9E57521BEC12D29662131295CF72B5F038C26BE02A36DDF4588B3B4C6BF523729C5DBD7E914DACD9FE45DFE22DDB9C68124AE2BAF8336E6C99EC4BD4BDF4D913099A234D513B5520163BC86EB6BABF6D0C2337CB3608C3A7BF253290C10417F78B66CEB04DDFD9AF8F2"
"OODEFRAG14.00.00.01PROFESSIONAL"="38B46E634BE300C31F0C32035BE76CDFB446426CD4DFB2E023810A8FC329C5483D261E3E93CC2647604E16051A64AD54A72E4B88EE95A8D6EB93D1F81693C6E111FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5C9DB7CE019D40AA5CA6A0AC4980AC7933C16893D4AD709F4815C9C6084A9EF267D2A08E68270F87F91A6CC2EBFB46D0221136F8D37104DE435C0AFB54A63313D8B4D5508B49A4EA8F8088C04FBD1BE03F838784BE51A6CF221D74F0AB0155EFEC9BBE3FDB57ACE428900B5704C67550684AE7BA2AAB5A84C84B4FF0CC4CD2B8BCD8FD8E57EF6259B22115C3EC87205E02DC9381026397342E1C152BC479F23DF587EA5952B8F9D42F49FB2AC3F6DAED03F57D270260CA3DE00BF5B57580EDF15802129BF45A980336E7C60E150ED886F5124A583E8BD21E7FD8D287965EF070BA68B2383A82D837711DB25DC04AC0527A74D2291AD3867ABE87C2FD33129C75879F3FF3736048661FCE31E2FDADAD204422A511D02CAA9A675E90D92A9E0662B8CFDF7742A9E8AA91A66554D2BDAD639AE604EB6E8CFC6A54E8B93EAD0C36BA6264F0D1A016B0C12E1028C61E044634D85063F9D76D2DF9F77671B344672B28A80E02F2D8630A0EF0BC07348F8EEBCA6DAFECDBBFCDDF7CD4989EA849BED477C4C054318BD15315E62340FA2B6F0B07DC1B7F1C31322B4A04A8DA6AEAA5989A0435E1452B25DD01327ACBDD4C3B026D3D6F2BA30A9E9EDFB1BF75302DB4CF25C7E655CC0126709F8942CE831D8CA3A2BAC6B5C37CA0365C1D3F71106686C6D006168DC829A2C3E3B7B928F5207F3873138699AD8CC4E8841D480488BFBBBE7AC7C69F9F116B866199E5E62329B7F9CD1C52837B959D1DBE17C218F8BAF76D212941D11BFE535B532311CF5F615917C3BA17D4A646432F1909D94CA5A7E17BECDC92A0660AB45798D9C8DCDEC48EB30E6B01A48F9ECF704103FC7337AEA605A42789B9949C6C0531D75CB8BC2506E6863D0239F87361238C28DE14B849F39BB5E13B039B775863C44CE2447827EF3B2C5451148AF11B7FF1B2F6691DC87FC5B079FE13522F60629C77B395724382B022E669E3CF9423338E6D01E0374D007A4BF0713479AAEB6926316D73F2C677392FBF070FB730A4DBA139FA9CC0CE31285DDBF3E7AF26E7D172E3EFDAA3520C3C3EBEADAF1667CD908E0AA8735418512FE4642861FBB0C36AB98DE1FC12590293DDD82312223552565EE890F0F248266481C77806472EF5F454C0ABBD322620904112EF3977E8E7AABBF1FED201D1771179578FF35FD67528C0227AB559D4ADF44008E4591623497D77D3028C487A8E72B4785EF8F3B640ACA0EE3EB1C257FBF7D3E992DDDF58B53384546DC2F2DDBD3941"
"OODEFRAG15.00.00.01PROFESSIONAL"="694954EFFC2BFE83DBB96BA6A676B0054336F1F4323312E58CA4A99EA2EA54CE8F76CC5BAEE4EDE24DFB0265170C0211F04EAD105FD917722CBE8EF3CD5693C562E72429B4A81C699ABAF5939D2FB073CEAA96392F34284E005F8330752CEA719E80519A6F7E11214789AA2AEDE9C040463119C2C7706733F35BA42157D638D5D8A7BB134D3308752B827548CD096A6D15CB9A2564F92A43CA8F033444068F5A77C9C01DD45671B8F241202E181D9956C9E770F9D483FA0099D8227F9F2DB7CDB4D5B2E41FBCF0A19CE669C339FAEE38CAF8E501FC0516D14B1A79B9E082A85F9FBF533BD97D5CC6FC968291B63E4036D0F1BA9CD2356EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6A0AC4980AC7933C038D530D6EB3452FEBC9E127BECC74C06981770CC8E536E0B23A93363BD2EDAA728194B428E4485C63AA584E56ABFC3F1A9B34E309C6F899F832F897E05B7241BF20A23DA9B0AB4F064B78130B77E8D76004EC219BBEAD259F0A7C5397B8FEC440096872504DC5290F9B052E12A3D9785E725386AE6F255B09B9EDECD1089DE46033E9D56CD51C28F5322674878F0A1F301F70C292E7F530588A6409AC4BB58A78684FAC5113D2240211DA5D5724F267B3E8A900030C940181054C8A432FE6AD468EDAE70793CBFD7E53CE41D77574FB9E8268ABD264EC5115FC1CA9083F25A1CDA0837F3C7AC9B6DF799F3D8FBC77DAF9C18B6D1D94CBE79F60E0FAA7878A23262DE0916CF346E7C035492E40C2442C2C631BF53A84C3E41AC59CEE16237EFAD59068BBE7A36A1E7051177C244B667BC2EC4CAFC059585B82849B9472A17A309EE941BF7C361D4F1D0F64A97D309684B69AC6B2B76B51097E608F3144CC85426232508743B2359448D32282B81ED73FEE3452D61167D8878384392A2553DCA464B551685852E36EA3671A26B27F6EB4D5DEE8D459281CF58C22CA1F0692A041293C8FC25DB7A26D518693EE7317EE9116A8DFD9E2D1D7B9BFD781FA24189B1147726E8ED89C396D958D0F357A09F3A85728B66DD3DEB5386B7E280FD261CBA3CCA97FA1FEE08AC2F6B6431920BB959CDB1D49E14AD4E53458F272A6E79DF375D31CBC61F010ABB729DE3D6151B727EEE3659F5777BEA2DE4FB897903AC1FF5B025F552F3C75350A38D113A000B310ED0658E2EE0B9A94359C34DBAEDC76176CE75CC1CC95E2C28A72DB5A4192FA22643F66C7D4F0E3AB1F7053CB486657570B8C30A1370772636C7441C5148EB36147676F00EE3B20A417BB0A51AC8366DCC52846D1C5CD413212EEC94F21C39205D7F439AFCE4F750F402895A99D1FB20A76102388D25CF89C26D16F12FC3A559385811705C3C3C07800EABAFCFE50FA6D313DAB2B48755662AF7"
"OODLED04.00.00.01PRO"="DB9597F6109B414B8CFE47EF18137E42CCB7E90926CFB11F5447D3F50350CD267E18C302408E73E06AA1E00FBAE79B2463240A2270A80C261C727686A997A4A842CAAB77631C742A5241B5DE9FF0A22DC93E3E2971662A13A485E89CE1305DFEA3CF064E2CD0414CEDF9139A3783B6167CB909B87245F24E54EC80567762C2E198701EC6FE1BAC73DF8C5742A158501B65707E3374E722C405BB271566D678908695536375CEDBCC3A5CF798B70A377B675F483BAB5248E68426DBFCDC9DF0CAC84E1AE9DC23C90C07F1FD2481990B7A56A724B97DEF48A99408FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B98088EDD5E5BE2F6E6678EDD5E5BE2F6E667674F945FB911D2F83386B16D39FD0A16D270FD341361188E956817BEE904A18461492CBC8701D9BC4A3F8EC0972182A56F221796B04132F52B665DA2ABC3F856951939D5499DC399D17218B0B068A18933EFA0D4B389C7BFA9872A27E8EC7691835E7F0414429D0AFEA06E7FDD5F6173A85C37B95B1CDD75106C3841E94ECBB8C0FA7303555067299A0FE551CF97303AEEABAB73BC56F0C5EF7CF2C5C5B924F3F396C0F3C8AA18B70244053189A5705637E68214BFA1F08472617D736C871A905A1C45DA83B8961C260D870CE42277E6C75A721323E53EA8530AAC679E12BC7D443B15206B66415E8D79DD320BA88F2CFB196B497610B14CDF288AA5F1B612CD9466758FBBA2E82BD0DD2A5AFDDB770E40778AF61E1316ADFB31D395515911BA465561DA02E152D31DD1449C10DF6015990EA63C54E4AAB120DEF982F85F252063048715A21C36CCB3B239F7E9DBEFEE9B3BC52225FD225ED532A39BFA352FFB0DAF4937534CC1AFE920C64C877DC06FF19F2810F0DCA25FBEE9A9F43E4803F4F7DCBD1E1F7196B8A87D6060B676618ADA9FBA576C0348810C0F1A86FB8B6951EBD1B089659049C8EDF22FDC9EF8535BA76424A8A074A23985E9352942741D7DC41B1F9E5731E365CAEE8D4FB3C00D9E40DB3D1BEA3EB31D0609F19E717F4E09F285BBE4FDDDE038631E0BA74208F7379DB790A7FBEAF1E77EBE790AC02BA1A7FAA66EC8B127B30C73776B3E6C8F72AACEEBDF2FD70E4A79702128713A792F3275D3509B2320C1524632A54A241D4DA275329F72573C9A53F38A91C1B9F082A48EAA3190D461E0A1BD49E66A3179D06EC807F819278EB59DB419F949F21C9B1D060711C19B8661B0CEFE8C9FAF70B5FD11AC46AB492563A1712E5ABCEB8A6FE0308E29AAA52E835E0356ABCE8F53AAE7AF289A99911F5E507C7161B2FBCEE45875A7622AEE7C7AAAF7978B411575CFE614C1B9352923553BBF4B7025D27E590ED2FC5C074B1971B95ECEA625D5313DD746869BB40DDA"
"OODEFRAG16.00.00.01PROFESSIONAL"="2DE3F465A7D8002FF0BFCCD9829769D7E657D81A91871E07D5E5A144CD3F6AB72D05AFC94BC8C4BDE187EE3DC59195DDA267643AF5D756F9D543B251BDB8FD4DEC71EC0F9B42BF3300983C0FF598120642E3D71B36338F0542BDC1DF2D1C23FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A2D97226D213B5558EDD5E5BE2F6E667C038D530D6EB3452204B454BEDEDDF7A4033C1789FB8B8B202A75F4FC8109EFA771DAC40AF5D34D7572E24106F1053B56955E919AE0AD21BFD01956362D75CA2F67495051C36584368739CDAF1EA5B753F4A9E09ED71B21AF81761D1106F7CB775711ABBE0FCC80449549A0297C0514AAE5F10D947D4468B7D6FD50B25019A8434714DD0D9C3F17215A0500E622717B7CEFCB052066FFAC1382144B1570E57479AE1816343ED47588A3CB4BCB9078BB5D51938EC5BCF460079DB459CBE6956333044D24A41B43E758C9D027FE82098B09EBFA1D8DA581E0036DF3659D9BB42ED252F9B8C58244F7C2251367C9F82A6882B12AB787D40006E070235260900C68FCACE7F66759FF81476F4130D711425901F445A6220926AEDA92CA8F51306142896DD62C965D8BC57D7BC9E3F568F0711419E7360022E61917EDB3871A07160B822B1EC5A59DA2056397024D2A7824347FD7C83F047C46C640C224FF3BEBA62382CAF8DEF6A01AD9232E931BE264DD2626550D84779DE96E1F7231E0C5EADD71016D0F49812FBF105FD1A972DF527B5862B9B07C98555F07A119A19FE56E9011E65A49713ADD1FD16F903ED791D996FCB27F86513B9D78D9449537842DF62233445CDAF56015AE927AA3C8D37080304BDD5938EF04DE985093330B88298608699030239883143CC8AB471942B841401DBD6AAE0E65661F3A40A26192000FDF787108AF608490C4606E562674EC853731C6D15822B51E8F728283D9DADFC2CC72B0247ECE3B78AF556AA60A9CEE9196DE40239D628207F3548111510F158AECA2894AA64E050E583AA18D4460EE215071321148C7B06F8552F685C7BE8401CD993A3B9E978469D972463B9EB2295C7DA76F8B50F792CF9807AF65A2FC34661D077B28ED05636805F5B681F8CD3C30806D2DFC215A71D7FE9B8A8E741E35EBE91D2E5D82B5B9E338EDAA5A7DDA015FD2D60CB721441CB5743F011F18961E3C680160959D49C60AFD722BD8A59BA942AF4CBD89146348CA3C31BE2F8228891E0052809E8686144C276A3F794BF06325B0AB3C782ADA295DBA8A5F794EC580CCA8D63F76E4AA6720CA8C53FA2101E41B8192DFB350AE284CAB0EE4E6B8D04D69389948BE91D1EF980306422A99350F9BCD63F7DB56581598F9F4F043CEC745A9DED001EED4AAACD69504FD331521DF5337867F79F88BAF81D3C0D5F"
"OODEFRAG17.00.00.01PROFESSIONAL"="A1F94D1715563FA5641D796AEA68CA53A9B5996AF0D8B67DE326D344B99843B0244E64373C36622ADBB1A8684412AD09F9317ECF37142A78D3CA6E359C01597459F829B609D8269C221253E6C5408F17C242A2F25603B502F9924AE145A2277720FA395C49F1091B7B8EA185B1C88E45CDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A2D97226D213B555C038D530D6EB3452C038D530D6EB3452502A027D1A886B1B19EBF742E1E931495E4DE5ED1405F4C9537AE0DFB0E8D270072648AD74829A8307109E0A8512F5CE98E0760DB3EE178F00D9EA41C11C7E2ED351AC04CBABCAC3E47C1B38AFF61C72368FEEC48D1E899082257264575F9EA1D000CEC8ECBCF0971D95E609CDED42F611E8C164D224B23444B800CE822303F4987C6E55EAA167119DB09BCB917F6BF187F0015074485F3537E6C11A168AE129CD06F31797FAEE1557997763F16AFECCFC1FE502AB04C021CD7288F22A6D5592154DE7138F1EA65AC0105E47A99EC8C6D6DF4C04F287E9DCFE97491C9B5659589578F6DCAC921870D145D602B544F76F019432F78834541DC7001C690A85D0F6FBA2759F9315ABB60AE28BB3D832202EE810BD9170215CED284F3E44DA6E003CF9D8581AA6962FE0E9014B109878383C829936997198C12D2299122B35B811CDC41DB99D8FBBD779F731895DBFD51D27446E07EB17192A0E3D67992E05408FA294E55612BCDBB9DCBCF45E77DCC10C5128BDC0F7AF541C1808B67F737B13EF87241D916FDE05CFBB474381CC41E5A9EFADAC96434F3206258EF790B20BF6859B37A07046E975781BA88854E2831E7D8DD551E0654DCCB66467903EBA6DE00A5110C31DB798A576D2F522594E7D7D7207A9B99C8BC3F16358A8589B6C1FFE1B737849667AE6B9EF11C964B63B4CC9580F31E5E67512A5A3586D1E643D5EAE3A9A3C6E3C571791EE55C09538E855F9622A7DC885765C1D758DD6A1F23630844DB82CE0B5AFADBB62F47D71CC2CBBBE27B3204A61F7094338788898C8F3DC489C8F9EC18D7273FC9C97A4A585E96AF82458AF46837644362F6BA82C8BA971F355B96AA69F28754FD4BCE0571C9E10BBB61A468E9E817AC9058D6478049ABC390AA06C1A6FE9075D2332DF9B69D99E5323CE83E584BDE1044559E98F9EA0D37AB006061A23E5B989099E52FD6DBECBBB119F0A832FE2701EDF1D6EF56CA88ECE20FB9A1982606A66657AEE7D4A8491280B0C0094B8BE608829FBA92422360903196914FD7DACB2BD0212ED0E47F430FA81649039613033E35A6C5587985B22953A8D5F9FA537F68B86068E95CE71A652C64EEA858D2B290810B932824D43003A8974EB4FB0FDD90104CC1170706CBDF613C4BF0145B94B7F498204E7E02B8A5971"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3884)
c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
c:\windows\system32\msi.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2014-11-07 12:37:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-07 11:36
ComboFix2.txt 2011-08-10 17:35
ComboFix3.txt 2010-04-16 06:46
.
Před spuštěním: Volných bajtů: 248 241 221 632
Po spuštění: Volných bajtů: 248 223 039 488
.
- - End Of File - - 44A8BB439284160E091C47CA9EDE50C8
413FC2A0C716421B3158746D63736515
Jan
ComboFix 14-10-29.01 - uzivatel 07.11.2014 12:10:21.4.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.168 [GMT 1:00]
Spuštěný z: c:\documents and settings\uzivatel\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\uzivatel\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\documents and settings\Guest\Nabídka Start\Programy\Po spuštění\prf33.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ISAFEKRNL
-------\Legacy_ISAFEKRNLR3
-------\Legacy_ISAFENETFILTER
-------\Legacy_SBAPIFS
-------\Service_iSafeKrnl
-------\Service_iSafeKrnlR3
-------\Service_iSafeNetFilter
-------\Service_sbapifs
-------\Legacy_iSafeKrnlKit
-------\Legacy_iSafeService
-------\Service_iSafeKrnlKit
-------\Service_iSafeService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-07 do 2014-11-07 )))))))))))))))))))))))))))))))
.
.
2014-11-06 16:45 . 2014-11-06 16:58 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\HPAppData
2014-11-06 09:34 . 2014-11-06 09:35 -------- d-----w- C:\rsit
2014-11-06 09:34 . 2014-11-06 09:35 -------- d-----w- c:\program files\trend micro
2014-11-06 08:02 . 2014-11-06 08:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-11-01 19:32 . 2010-08-30 07:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-10-31 19:30 . 2014-10-31 19:30 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Lavasoft
2014-10-31 17:44 . 2014-10-31 17:44 -------- d-----w- c:\documents and settings\All Users\Data aplikacÝ
2014-10-31 17:13 . 2014-10-31 17:13 -------- d-----w- c:\documents and settings\LocalService\Plocha
2014-10-31 16:59 . 2014-10-31 16:59 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Media Player Classic
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconCF33A0CE.exe
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconD7F16134.exe
2014-10-30 08:27 . 2014-10-30 08:27 110080 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconF7A21AF7.exe
2014-10-30 08:26 . 2014-10-30 08:26 -------- d-----w- C:\sh4ldr
2014-10-27 16:26 . 2014-10-27 16:26 19984 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2014-10-27 16:14 . 2014-10-27 16:14 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\spotmau
2014-10-27 16:13 . 2014-10-30 16:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp360
2014-10-27 16:13 . 2014-10-30 08:02 -------- d-----w- c:\program files\Wondershare
2014-10-24 17:56 . 2014-09-22 12:13 55464 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2014-10-24 17:55 . 2014-10-24 17:55 -------- d-----w- c:\program files\Elex-tech
2014-10-24 17:54 . 2014-10-24 17:54 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Elex-tech
2014-10-22 17:25 . 2008-04-14 02:22 77312 ----a-w- c:\windows\system32\taskkill.exe
2014-10-22 17:23 . 2009-07-14 01:14 77824 ----a-w- c:\windows\system32\taskkill.puv
2014-10-22 17:13 . 2014-10-22 17:13 33280 -c--a-w- c:\windows\system32\dllcache\snmp.exe
2014-10-22 17:13 . 2014-10-22 17:13 50688 -c--a-w- c:\windows\system32\dllcache\smss.exe
2014-10-22 17:13 . 2014-10-22 17:13 236544 -c--a-w- c:\windows\system32\dllcache\smi2smir.exe
2014-10-22 17:13 . 2014-10-22 17:13 119808 -c--a-w- c:\windows\system32\dllcache\mtstocom.exe
2014-10-22 17:13 . 2014-10-22 17:13 40960 -c--a-w- c:\windows\system32\dllcache\msiregmv.exe
2014-10-22 17:12 . 2014-10-22 17:12 7680 -c--a-w- c:\windows\system32\dllcache\migregdb.exe
2014-10-22 17:12 . 2014-10-22 17:12 13312 -c--a-w- c:\windows\system32\dllcache\lsass.exe
2014-10-22 17:12 . 2014-10-22 17:12 267776 -c--a-w- c:\windows\system32\dllcache\fxssvc.exe
2014-10-22 17:12 . 2014-10-22 17:12 229376 -c--a-w- c:\windows\system32\dllcache\fxscover.exe
2014-10-22 17:12 . 2014-10-22 17:12 142848 -c--a-w- c:\windows\system32\dllcache\fxsclnt.exe
2014-10-22 17:07 . 2014-10-22 17:07 24632 -c--a-w- c:\windows\system32\dllcache\fpadmcgi.exe
2014-10-22 17:07 . 2014-10-22 17:07 1033728 -c--a-w- c:\windows\system32\dllcache\explorer.exe
2014-10-22 17:07 . 2014-10-22 17:07 92160 -c--a-w- c:\windows\system32\dllcache\evntwin.exe
2014-10-22 17:07 . 2014-10-22 17:07 24064 -c--a-w- c:\windows\system32\dllcache\evntcmd.exe
2014-10-22 17:07 . 2014-10-22 17:07 15360 -c--a-w- c:\windows\system32\dllcache\ctfmon.exe
2014-10-22 17:07 . 2014-10-22 17:07 6144 -c--a-w- c:\windows\system32\dllcache\csrss.exe
2014-10-22 17:07 . 2014-10-22 17:07 64000 -c--a-w- c:\windows\system32\dllcache\cleanmgr.exe
2014-10-22 17:07 . 2014-10-22 17:07 44544 -c--a-w- c:\windows\system32\dllcache\alg.exe
2014-10-22 16:58 . 2014-10-22 16:58 -------- d-----w- c:\program files\DLLSuite
2014-10-22 16:16 . 2014-10-22 16:16 -------- d-----w- c:\windows\ERUNT
2014-10-22 15:48 . 2014-11-06 09:20 -------- d-----w- C:\AdwCleaner
2014-10-17 19:53 . 2014-10-18 17:52 -------- d-----w- c:\windows\system32\MpEngineStore
2014-10-17 19:51 . 2014-10-17 20:08 -------- d-----w- C:\eaca0b1a2b4e658f82822b
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-06 08:02 . 2007-06-30 23:41 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-10-19 09:27 . 2012-04-01 13:17 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-19 09:27 . 2011-06-28 14:53 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2004-10-01 14:00 . 2007-03-15 12:10 40960 -c--a-w- c:\program files\Uninstall_CDS.exe
2010-08-07 08:44 . 2014-10-21 08:20 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-18 08:56 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2005-04-12 229376]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-07 30192]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-07 2777296]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2013-10-23 5039400]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-01 4085896]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Guest\Nabídka Start\Programy\Po spuštění\
prf33.tmp [2009-10-27 0]
.
c:\documents and settings\uzivatel\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
O&O Defrag Tray.lnk - c:\windows\Installer\{95E6C53F-F92D-4232-B700-1842806F59B6}\DefragIcon.exe [2014-8-16 292878]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-10-09 49152]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface]
2013-06-04 23:01 4489472 ----a-w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2011-01-12 11:21 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2006-11-02 06:55 1397760 ------w- c:\program files\Ahead\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
2006-02-10 19:40 2048000 -c----w- c:\program files\Ahead\Nero BackItUp\NBJ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-07 17:58 13880424 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-07 17:58 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-11-04 06:51 1753192 ----a-w- c:\program files\NVIDIA Corporation\nview\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pinnacle WebUpdater]
2006-06-08 08:40 385024 -c--a-w- c:\program files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-07-21 08:56 16261632 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
2013-04-03 01:19 3684488 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-09-26 17:19 271744 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipDiscount]
2013-06-23 09:19 19428168 ----a-w- c:\program files\VoipDiscount.com\VoipDiscount\voipdiscount.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Documents and Settings\\uzivatel\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Cisco Packet Tracer 6.0.1\\bin\\PacketTracer6.exe"=
"c:\\Documents and Settings\\uzivatel\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [18.3.2013 13:19 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [18.3.2013 13:19 192352]
R0 oodrvled;oodrvled;c:\windows\system32\drivers\OODrvled.sys [2.3.2011 16:48 25680]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.10.2010 13:39 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [12.8.2011 23:33 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [12.8.2011 23:33 414520]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [13.1.2014 19:03 32768]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [6.5.2014 10:48 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [18.3.2013 13:19 67824]
R2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [23.10.2013 12:25 2034472]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [30.11.2011 10:31 587472]
R3 3xHybrid;Pinnacle PCTV 310i Stereo DVB-T;c:\windows\system32\drivers\3xHybrid.sys [15.3.2007 12:42 827008]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [16.4.2013 12:12 57440]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys --> c:\windows\system32\drivers\sbaphd.sys [?]
S2 gupdate1c9ab2f2dc67244;Služba Google Update (gupdate1c9ab2f2dc67244);c:\program files\Google\Update\GoogleUpdate.exe [22.3.2009 21:45 107912]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
S2 PHPGeekUtil;PHPGeekUtil; [x]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [7.1.2014 4:48 12288]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [23.3.2009 18:19 30192]
S3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys --> c:\windows\system32\DRIVERS\iSafeKrnlBoot.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-30 07:24 1089352 ----a-w- c:\program files\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 09:27]
.
2014-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2014-11-07 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-18 08:56]
.
2014-10-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-22 07:26]
.
2014-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 07:17]
.
2014-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-22 07:17]
.
2014-04-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-12 23:28]
.
2014-11-07 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-12 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = about:blank
mSearch Bar = https://www.seznam.cz/?clid=22668
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{294AE381-EE6D-4033-B791-9F27DFE63972}: NameServer = 88.103.219.2
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\NovyProfil\
FF - ExtSQL: !HIDDEN! 2009-09-01 09:54; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2010-12-23 13:05; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-07 12:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_189_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="BEE5DB3A0726C58AB6CF4C65000D6FFD5C5F93C18D40DC42163553E5877A29A21FC2C8DD6FC21648A868F6BE39151A15CA25144BE79AB79043D1D2A270EB2EDB0775760678E97443239D3529D72507D4EA506F1878D0818BFC0B3023F64EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DA6A0AC4980AC79339DB7CE019D40AA5C10B2B9AA900F368869EE0D65C8926FADBB26971B7E61504BA03823248E3B934FFEF2493548DA8A30A636F3E46FED45FC3CB3303390948BE878B64B2FA972A3FEAE7E429C9756ED49312A893D6066CAA6F7B21415C4E852931E733C4F280E611C30486DABBEDE6ECAC7B6297A1AA2B031F626D4AC75EA9C8208ABDDF3E1A32AB08568257034316EAD98EBC26ACE2880AB3837972A328E3771214229CD64ADAE4A2517583CA1F1A2F2497DDB2266E592A1AAB39481BFA74024C5BC2D506E0A737BFB358BA563A9159A6F438B777AA9172A350D1A6B92EF2C5C4AC48CB6F77BD058674654070CC124AD193AFE85592A115A2E560964DA844364F1A97C7CA528747BBAEEDEFDE18B0235C600762B86FD56CE654A572B73E6208778DA47E3D69ADD02BDFBE9EDDB3932C0EA5A458CB72311A71AC40EC473FDB3178CEFCCF19AC1630E2BDBCAFB2A6191E2ED31D311D6F8C10903C549F8201040694E237D6F356FABC4B020E512AD814BB12C0F9FE383C33A98C7F33CD475CCDF54D4D060E821DAB5D0F302385FF9F7E2C775A53871902DA1048597AAA7A4C4FBB52A7C8FB1091D515F89DAD055DA082DC40E47427084C0F2F84E9D6E060FEE57EE4B4B395CCE3623217D2A532A4D5953CAADECF45618EE7C2D2617F3C8CC2282E2AB0621448486244D4E92765703F6558000329EDDBB0C60570638BE8AAA1EE5FB321D1B047556A19B705B849D5F500390A6561D08905096B2DADAE12BA683BE27B5A0137F9C4EBACBC96E5E7B0039032AB33EE595ED5969FE07FA87D0F4D59BD286C6075AABFEE61EB5DBF63AAEE8CE7E3171810F5F26F7805EB9EC627D81E1F566E9887D8659ECD882D5D562EEFB33C4999B0B40A11BB3FEAA5C630CDA52C7878B873F1745346945F43495C1756FD4B8DC0DB4B7A881E54527CB50BEDCF959051FC1E31835C9CE31C170E46BABA7A698DF3941C79806272407952CAD860E756FBFDD463556B760EE162A8936306D73267A398987CE37E66D6F680551110752CAFE4647E7DC81B6538F25D73A53E959A878C67953590C687AF61CFBE5E6C3F51F6389DE6CB10FBF384146BCD71B2EC9EB9A43114A78DAC127ACA646EB28843CFAE659944572273CFA339AB72FC1AD0A3B133266CE2560DDD191A72E27A7EE55EC770A0AB7ED7A407EDF505A28B3BDB5EC8B3C9F88093E7BDE195E"
"OODEFRAG12.00.00.01PROFESSIONAL"="E45C92C93ED527CD2235CE4A01A06D55821BD52A357AB8CBED5C1DD237F739D3E45296124F44EBF8B4BD030A49CA1CB17B3CA140E3F3AE6E7CC922AE88EDC9B546D4EF6D5F0740D2A6DE4FE42318D119EC31B998D503BF29009C257C37342AD9C5CB025A9449419FD0AB17C8622E458C6C56A933ADE35660EB1978EB51C299A65187FE5A0BD9A3E3419C942950D33D55466C4F92FE78EEBCE86BBD33D8B2E9C510B97273D1ABAE6A388BD7FCA7F4957CF7985EBFD2451BA9519FED0944410022D8F8362F6B55BD422D38C0BD19A140D2B361DBC4A77400D7B427542CFC5158EE3A3FFB9A4E933EBB494784EA470EC1EA61B3FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CA2D97226D213B555A6171C11EC38DE3D32C1A7A679A9ADF9FD287CF29C781D8132471A96EFA8E60D747A88AC8D20BCDCF9C56A4EAEB312415AC79BB330A62088BE431F7BDB39388557B456EA1147E99F247A95C9307679768B88F8D4D9F2A014C831942C0441A5AD1B7AF168D71A3EFB5885D82F635C44154081EF5F1707BDE6213AA64C9AC92B3458A5F00568A4302916105834C49409FD78CD5185F853C92BEE89EFA363A47828F8925D41DBB76FBFABC6A93363111073890B6199A10ACAECACCE8321B8E6F0003EA13644E169D93F3E5DD72BE286571D9FDCD615CBA37B1C2BBB65D40767AB16BBB66C56BA91058BC709E1BEF9EF1006B6685F9342DACA0D0B0B0E73D0C2F42659BB66673E4E39E894023C37738C211E22D999D365ADDAF843F6EA56AAD7CB53531D7E885600F281C408CC7C2F5CA23906DF1ABA2AE0837B203E5DF9BDCC63A137CA02EE814DE2E54DDA6F9EA028638DDBAB69CE98F94D163FA6BA804709A4F9EABA33F4529EED07F641F1D04F78E3B6737402BDCCC5772B93F4CBAC9938A9AB26E348196D20AC3BDE841869569AD9346C75D6D676D1748463784C68194B4267F3446BFB8F446ABCF5721864E3222EEA3F6D488E5A72EBCE4AFCEE413E75F142B4DCBAE4053F29AA01DB9EDE3DE50020331E317B513FB699B6D9D86797AF71351BB048BCB08B1C879797491DB7FD9F80E64F5CD94791645AEBE3212F46B5AA9EB0C8989208642D39A77FAB06BF4A929A4B4A890ABC89B7670077D6937F09BE3FCFB2A817974C778BF26FCCA454EB9363285FED90C48B26005DF4FAAF8CEAFE3D28FE6320FA084C2A8B4BA72608498DB09560B09309BBDAC2C4408044C9E57521BEC12D29662131295CF72B5F038C26BE02A36DDF4588B3B4C6BF523729C5DBD7E914DACD9FE45DFE22DDB9C68124AE2BAF8336E6C99EC4BD4BDF4D913099A234D513B5520163BC86EB6BABF6D0C2337CB3608C3A7BF253290C10417F78B66CEB04DDFD9AF8F2"
"OODEFRAG14.00.00.01PROFESSIONAL"="38B46E634BE300C31F0C32035BE76CDFB446426CD4DFB2E023810A8FC329C5483D261E3E93CC2647604E16051A64AD54A72E4B88EE95A8D6EB93D1F81693C6E111FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5C9DB7CE019D40AA5CA6A0AC4980AC7933C16893D4AD709F4815C9C6084A9EF267D2A08E68270F87F91A6CC2EBFB46D0221136F8D37104DE435C0AFB54A63313D8B4D5508B49A4EA8F8088C04FBD1BE03F838784BE51A6CF221D74F0AB0155EFEC9BBE3FDB57ACE428900B5704C67550684AE7BA2AAB5A84C84B4FF0CC4CD2B8BCD8FD8E57EF6259B22115C3EC87205E02DC9381026397342E1C152BC479F23DF587EA5952B8F9D42F49FB2AC3F6DAED03F57D270260CA3DE00BF5B57580EDF15802129BF45A980336E7C60E150ED886F5124A583E8BD21E7FD8D287965EF070BA68B2383A82D837711DB25DC04AC0527A74D2291AD3867ABE87C2FD33129C75879F3FF3736048661FCE31E2FDADAD204422A511D02CAA9A675E90D92A9E0662B8CFDF7742A9E8AA91A66554D2BDAD639AE604EB6E8CFC6A54E8B93EAD0C36BA6264F0D1A016B0C12E1028C61E044634D85063F9D76D2DF9F77671B344672B28A80E02F2D8630A0EF0BC07348F8EEBCA6DAFECDBBFCDDF7CD4989EA849BED477C4C054318BD15315E62340FA2B6F0B07DC1B7F1C31322B4A04A8DA6AEAA5989A0435E1452B25DD01327ACBDD4C3B026D3D6F2BA30A9E9EDFB1BF75302DB4CF25C7E655CC0126709F8942CE831D8CA3A2BAC6B5C37CA0365C1D3F71106686C6D006168DC829A2C3E3B7B928F5207F3873138699AD8CC4E8841D480488BFBBBE7AC7C69F9F116B866199E5E62329B7F9CD1C52837B959D1DBE17C218F8BAF76D212941D11BFE535B532311CF5F615917C3BA17D4A646432F1909D94CA5A7E17BECDC92A0660AB45798D9C8DCDEC48EB30E6B01A48F9ECF704103FC7337AEA605A42789B9949C6C0531D75CB8BC2506E6863D0239F87361238C28DE14B849F39BB5E13B039B775863C44CE2447827EF3B2C5451148AF11B7FF1B2F6691DC87FC5B079FE13522F60629C77B395724382B022E669E3CF9423338E6D01E0374D007A4BF0713479AAEB6926316D73F2C677392FBF070FB730A4DBA139FA9CC0CE31285DDBF3E7AF26E7D172E3EFDAA3520C3C3EBEADAF1667CD908E0AA8735418512FE4642861FBB0C36AB98DE1FC12590293DDD82312223552565EE890F0F248266481C77806472EF5F454C0ABBD322620904112EF3977E8E7AABBF1FED201D1771179578FF35FD67528C0227AB559D4ADF44008E4591623497D77D3028C487A8E72B4785EF8F3B640ACA0EE3EB1C257FBF7D3E992DDDF58B53384546DC2F2DDBD3941"
"OODEFRAG15.00.00.01PROFESSIONAL"="694954EFFC2BFE83DBB96BA6A676B0054336F1F4323312E58CA4A99EA2EA54CE8F76CC5BAEE4EDE24DFB0265170C0211F04EAD105FD917722CBE8EF3CD5693C562E72429B4A81C699ABAF5939D2FB073CEAA96392F34284E005F8330752CEA719E80519A6F7E11214789AA2AEDE9C040463119C2C7706733F35BA42157D638D5D8A7BB134D3308752B827548CD096A6D15CB9A2564F92A43CA8F033444068F5A77C9C01DD45671B8F241202E181D9956C9E770F9D483FA0099D8227F9F2DB7CDB4D5B2E41FBCF0A19CE669C339FAEE38CAF8E501FC0516D14B1A79B9E082A85F9FBF533BD97D5CC6FC968291B63E4036D0F1BA9CD2356EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A6A0AC4980AC7933C038D530D6EB3452FEBC9E127BECC74C06981770CC8E536E0B23A93363BD2EDAA728194B428E4485C63AA584E56ABFC3F1A9B34E309C6F899F832F897E05B7241BF20A23DA9B0AB4F064B78130B77E8D76004EC219BBEAD259F0A7C5397B8FEC440096872504DC5290F9B052E12A3D9785E725386AE6F255B09B9EDECD1089DE46033E9D56CD51C28F5322674878F0A1F301F70C292E7F530588A6409AC4BB58A78684FAC5113D2240211DA5D5724F267B3E8A900030C940181054C8A432FE6AD468EDAE70793CBFD7E53CE41D77574FB9E8268ABD264EC5115FC1CA9083F25A1CDA0837F3C7AC9B6DF799F3D8FBC77DAF9C18B6D1D94CBE79F60E0FAA7878A23262DE0916CF346E7C035492E40C2442C2C631BF53A84C3E41AC59CEE16237EFAD59068BBE7A36A1E7051177C244B667BC2EC4CAFC059585B82849B9472A17A309EE941BF7C361D4F1D0F64A97D309684B69AC6B2B76B51097E608F3144CC85426232508743B2359448D32282B81ED73FEE3452D61167D8878384392A2553DCA464B551685852E36EA3671A26B27F6EB4D5DEE8D459281CF58C22CA1F0692A041293C8FC25DB7A26D518693EE7317EE9116A8DFD9E2D1D7B9BFD781FA24189B1147726E8ED89C396D958D0F357A09F3A85728B66DD3DEB5386B7E280FD261CBA3CCA97FA1FEE08AC2F6B6431920BB959CDB1D49E14AD4E53458F272A6E79DF375D31CBC61F010ABB729DE3D6151B727EEE3659F5777BEA2DE4FB897903AC1FF5B025F552F3C75350A38D113A000B310ED0658E2EE0B9A94359C34DBAEDC76176CE75CC1CC95E2C28A72DB5A4192FA22643F66C7D4F0E3AB1F7053CB486657570B8C30A1370772636C7441C5148EB36147676F00EE3B20A417BB0A51AC8366DCC52846D1C5CD413212EEC94F21C39205D7F439AFCE4F750F402895A99D1FB20A76102388D25CF89C26D16F12FC3A559385811705C3C3C07800EABAFCFE50FA6D313DAB2B48755662AF7"
"OODLED04.00.00.01PRO"="DB9597F6109B414B8CFE47EF18137E42CCB7E90926CFB11F5447D3F50350CD267E18C302408E73E06AA1E00FBAE79B2463240A2270A80C261C727686A997A4A842CAAB77631C742A5241B5DE9FF0A22DC93E3E2971662A13A485E89CE1305DFEA3CF064E2CD0414CEDF9139A3783B6167CB909B87245F24E54EC80567762C2E198701EC6FE1BAC73DF8C5742A158501B65707E3374E722C405BB271566D678908695536375CEDBCC3A5CF798B70A377B675F483BAB5248E68426DBFCDC9DF0CAC84E1AE9DC23C90C07F1FD2481990B7A56A724B97DEF48A99408FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98085D575E7D6A3B98088EDD5E5BE2F6E6678EDD5E5BE2F6E667674F945FB911D2F83386B16D39FD0A16D270FD341361188E956817BEE904A18461492CBC8701D9BC4A3F8EC0972182A56F221796B04132F52B665DA2ABC3F856951939D5499DC399D17218B0B068A18933EFA0D4B389C7BFA9872A27E8EC7691835E7F0414429D0AFEA06E7FDD5F6173A85C37B95B1CDD75106C3841E94ECBB8C0FA7303555067299A0FE551CF97303AEEABAB73BC56F0C5EF7CF2C5C5B924F3F396C0F3C8AA18B70244053189A5705637E68214BFA1F08472617D736C871A905A1C45DA83B8961C260D870CE42277E6C75A721323E53EA8530AAC679E12BC7D443B15206B66415E8D79DD320BA88F2CFB196B497610B14CDF288AA5F1B612CD9466758FBBA2E82BD0DD2A5AFDDB770E40778AF61E1316ADFB31D395515911BA465561DA02E152D31DD1449C10DF6015990EA63C54E4AAB120DEF982F85F252063048715A21C36CCB3B239F7E9DBEFEE9B3BC52225FD225ED532A39BFA352FFB0DAF4937534CC1AFE920C64C877DC06FF19F2810F0DCA25FBEE9A9F43E4803F4F7DCBD1E1F7196B8A87D6060B676618ADA9FBA576C0348810C0F1A86FB8B6951EBD1B089659049C8EDF22FDC9EF8535BA76424A8A074A23985E9352942741D7DC41B1F9E5731E365CAEE8D4FB3C00D9E40DB3D1BEA3EB31D0609F19E717F4E09F285BBE4FDDDE038631E0BA74208F7379DB790A7FBEAF1E77EBE790AC02BA1A7FAA66EC8B127B30C73776B3E6C8F72AACEEBDF2FD70E4A79702128713A792F3275D3509B2320C1524632A54A241D4DA275329F72573C9A53F38A91C1B9F082A48EAA3190D461E0A1BD49E66A3179D06EC807F819278EB59DB419F949F21C9B1D060711C19B8661B0CEFE8C9FAF70B5FD11AC46AB492563A1712E5ABCEB8A6FE0308E29AAA52E835E0356ABCE8F53AAE7AF289A99911F5E507C7161B2FBCEE45875A7622AEE7C7AAAF7978B411575CFE614C1B9352923553BBF4B7025D27E590ED2FC5C074B1971B95ECEA625D5313DD746869BB40DDA"
"OODEFRAG16.00.00.01PROFESSIONAL"="2DE3F465A7D8002FF0BFCCD9829769D7E657D81A91871E07D5E5A144CD3F6AB72D05AFC94BC8C4BDE187EE3DC59195DDA267643AF5D756F9D543B251BDB8FD4DEC71EC0F9B42BF3300983C0FF598120642E3D71B36338F0542BDC1DF2D1C23FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A2D97226D213B5558EDD5E5BE2F6E667C038D530D6EB3452204B454BEDEDDF7A4033C1789FB8B8B202A75F4FC8109EFA771DAC40AF5D34D7572E24106F1053B56955E919AE0AD21BFD01956362D75CA2F67495051C36584368739CDAF1EA5B753F4A9E09ED71B21AF81761D1106F7CB775711ABBE0FCC80449549A0297C0514AAE5F10D947D4468B7D6FD50B25019A8434714DD0D9C3F17215A0500E622717B7CEFCB052066FFAC1382144B1570E57479AE1816343ED47588A3CB4BCB9078BB5D51938EC5BCF460079DB459CBE6956333044D24A41B43E758C9D027FE82098B09EBFA1D8DA581E0036DF3659D9BB42ED252F9B8C58244F7C2251367C9F82A6882B12AB787D40006E070235260900C68FCACE7F66759FF81476F4130D711425901F445A6220926AEDA92CA8F51306142896DD62C965D8BC57D7BC9E3F568F0711419E7360022E61917EDB3871A07160B822B1EC5A59DA2056397024D2A7824347FD7C83F047C46C640C224FF3BEBA62382CAF8DEF6A01AD9232E931BE264DD2626550D84779DE96E1F7231E0C5EADD71016D0F49812FBF105FD1A972DF527B5862B9B07C98555F07A119A19FE56E9011E65A49713ADD1FD16F903ED791D996FCB27F86513B9D78D9449537842DF62233445CDAF56015AE927AA3C8D37080304BDD5938EF04DE985093330B88298608699030239883143CC8AB471942B841401DBD6AAE0E65661F3A40A26192000FDF787108AF608490C4606E562674EC853731C6D15822B51E8F728283D9DADFC2CC72B0247ECE3B78AF556AA60A9CEE9196DE40239D628207F3548111510F158AECA2894AA64E050E583AA18D4460EE215071321148C7B06F8552F685C7BE8401CD993A3B9E978469D972463B9EB2295C7DA76F8B50F792CF9807AF65A2FC34661D077B28ED05636805F5B681F8CD3C30806D2DFC215A71D7FE9B8A8E741E35EBE91D2E5D82B5B9E338EDAA5A7DDA015FD2D60CB721441CB5743F011F18961E3C680160959D49C60AFD722BD8A59BA942AF4CBD89146348CA3C31BE2F8228891E0052809E8686144C276A3F794BF06325B0AB3C782ADA295DBA8A5F794EC580CCA8D63F76E4AA6720CA8C53FA2101E41B8192DFB350AE284CAB0EE4E6B8D04D69389948BE91D1EF980306422A99350F9BCD63F7DB56581598F9F4F043CEC745A9DED001EED4AAACD69504FD331521DF5337867F79F88BAF81D3C0D5F"
"OODEFRAG17.00.00.01PROFESSIONAL"="A1F94D1715563FA5641D796AEA68CA53A9B5996AF0D8B67DE326D344B99843B0244E64373C36622ADBB1A8684412AD09F9317ECF37142A78D3CA6E359C01597459F829B609D8269C221253E6C5408F17C242A2F25603B502F9924AE145A2277720FA395C49F1091B7B8EA185B1C88E45CDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407A2D97226D213B555C038D530D6EB3452C038D530D6EB3452502A027D1A886B1B19EBF742E1E931495E4DE5ED1405F4C9537AE0DFB0E8D270072648AD74829A8307109E0A8512F5CE98E0760DB3EE178F00D9EA41C11C7E2ED351AC04CBABCAC3E47C1B38AFF61C72368FEEC48D1E899082257264575F9EA1D000CEC8ECBCF0971D95E609CDED42F611E8C164D224B23444B800CE822303F4987C6E55EAA167119DB09BCB917F6BF187F0015074485F3537E6C11A168AE129CD06F31797FAEE1557997763F16AFECCFC1FE502AB04C021CD7288F22A6D5592154DE7138F1EA65AC0105E47A99EC8C6D6DF4C04F287E9DCFE97491C9B5659589578F6DCAC921870D145D602B544F76F019432F78834541DC7001C690A85D0F6FBA2759F9315ABB60AE28BB3D832202EE810BD9170215CED284F3E44DA6E003CF9D8581AA6962FE0E9014B109878383C829936997198C12D2299122B35B811CDC41DB99D8FBBD779F731895DBFD51D27446E07EB17192A0E3D67992E05408FA294E55612BCDBB9DCBCF45E77DCC10C5128BDC0F7AF541C1808B67F737B13EF87241D916FDE05CFBB474381CC41E5A9EFADAC96434F3206258EF790B20BF6859B37A07046E975781BA88854E2831E7D8DD551E0654DCCB66467903EBA6DE00A5110C31DB798A576D2F522594E7D7D7207A9B99C8BC3F16358A8589B6C1FFE1B737849667AE6B9EF11C964B63B4CC9580F31E5E67512A5A3586D1E643D5EAE3A9A3C6E3C571791EE55C09538E855F9622A7DC885765C1D758DD6A1F23630844DB82CE0B5AFADBB62F47D71CC2CBBBE27B3204A61F7094338788898C8F3DC489C8F9EC18D7273FC9C97A4A585E96AF82458AF46837644362F6BA82C8BA971F355B96AA69F28754FD4BCE0571C9E10BBB61A468E9E817AC9058D6478049ABC390AA06C1A6FE9075D2332DF9B69D99E5323CE83E584BDE1044559E98F9EA0D37AB006061A23E5B989099E52FD6DBECBBB119F0A832FE2701EDF1D6EF56CA88ECE20FB9A1982606A66657AEE7D4A8491280B0C0094B8BE608829FBA92422360903196914FD7DACB2BD0212ED0E47F430FA81649039613033E35A6C5587985B22953A8D5F9FA537F68B86068E95CE71A652C64EEA858D2B290810B932824D43003A8974EB4FB0FDD90104CC1170706CBDF613C4BF0145B94B7F498204E7E02B8A5971"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3884)
c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\DropboxExt.24.dll
c:\windows\system32\msi.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\documents and settings\uzivatel\Data aplikací\Dropbox\bin\Dropbox.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2014-11-07 12:37:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-07 11:36
ComboFix2.txt 2011-08-10 17:35
ComboFix3.txt 2010-04-16 06:46
.
Před spuštěním: Volných bajtů: 248 241 221 632
Po spuštění: Volných bajtů: 248 223 039 488
.
- - End Of File - - 44A8BB439284160E091C47CA9EDE50C8
413FC2A0C716421B3158746D63736515
Jan
Re: YAC - Yet Another Cleaner (PUP)
isiel zmazat lebo sme mu trochu pomohli 
vycisti este registre s CCleanerom a ak nebudu problemy, tak hotovo
vycisti este registre s CCleanerom a ak nebudu problemy, tak hotovo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: YAC - Yet Another Cleaner (PUP)
Díky za pomoc s odstraněním té houževnaté havěti. Registr jsem vyčistil, zdá se, že je vše v pořádku. Dobrá práce.
Jan
Jan
Re: YAC - Yet Another Cleaner (PUP)
vdaka
Jan
Jan
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?