VIRY.CZ

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:59:42, on 23.3.2015
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\Corel\Standby\Standby.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Users\molnar\AppData\Roaming\ICQM\icq.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Users\molnar\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\windows\system32\DllHost.exe
C:\Users\molnar\Desktop\PC údržba\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
O4 - HKLM\..\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Standby] "c:\Program Files\Common Files\Corel\Standby\Standby.exe" -START
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [ICQ] C:\Users\molnar\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = molnar\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\molnar\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\molnar\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = iemcos.emcos.cz
O17 - HKLM\Software\..\Telephony: DomainName = iemcos.emcos.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = iemcos.emcos.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = iemcos.emcos.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - C:\windows\SYSTEM32\DeviceNP.dll
O23 - Service: Abelssoft Admin-Service (AbAdminService) - Ascora GmbH - C:\Program Files\ToolbarTerminator\AbAdminService.exe
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AVerUpdateServer - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PEUpdateService - ESCS - C:\Program Files\Rittal\PowerEngineering 5.0\Program\UpdateServer.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\snac.exe
O23 - Service: SnugTV Service - AVerMedia Technologies, Inc. - C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 13878 bytes

Zdravím, v HJT fixni :

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ICQ] C:\Users\molnar\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

Fix znamená že spustíš HJT jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Stiskni klávesy Windows + R do okna Spustit >> napiš - services.msc >> Enter. Najdi službu :

AVerUpdateServer
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
LightScribeService Direct Disc Labeling Service
PEUpdateService

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.


V Naplánovaných úlohách zakaž Google Update bude to tam vícekrát.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Nakonec mi sem dej log.txt z Rsit, protože je podrobnější než HJT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by molnar at 2015-03-23 19:07:33
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 52 GB (18%) free of 288 GB
Total RAM: 2998 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:35, on 23.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Users\molnar\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe
C:\windows\System32\MsSpellCheckingFacility.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\windows\system32\taskeng.exe
C:\Instalace\PC_Antiviry, utility\RSIT.exe
C:\Program Files\Common Files\Corel\Standby\Standby.exe
C:\Instalace\PC_Antiviry, utility\RSIT.exe
C:\Program Files\trend micro\molnar.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
O4 - HKLM\..\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Standby] "c:\Program Files\Common Files\Corel\Standby\Standby.exe" -START
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = molnar\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\molnar\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\molnar\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = iemcos.emcos.cz
O17 - HKLM\Software\..\Telephony: DomainName = iemcos.emcos.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = iemcos.emcos.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = iemcos.emcos.cz
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Abelssoft Admin-Service (AbAdminService) - Ascora GmbH - C:\Program Files\ToolbarTerminator\AbAdminService.exe
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AVerUpdateServer - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PEUpdateService - ESCS - C:\Program Files\Rittal\PowerEngineering 5.0\Program\UpdateServer.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\snac.exe
O23 - Service: SnugTV Service - AVerMedia Technologies, Inc. - C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 13620 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\Wise Turbo Checker.job

=========Mozilla firefox=========

ProfilePath - C:\Users\molnar\AppData\Roaming\Mozilla\Firefox\Profiles\n4poslpw.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/|http://aktualne.c ... oogle.com/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files\Winamp Detect\npwachk.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-11-04 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-11-02 1471752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Vulnerability Protection - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL [2013-10-20 387040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-09-03 288312]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2009-11-18 1690680]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-10-10 1578280]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [2009-10-22 363064]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-04 153640]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-11-04 11264000]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2009-11-14 141848]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2009-11-14 175128]
"Persistence"=C:\windows\system32\igfxpers.exe [2009-11-14 166424]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-10-12 495708]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-01-20 60712]
"Standby"=c:\Program Files\Common Files\Corel\Standby\Standby.exe [2010-05-17 105632]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2014-05-14 2534400]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-01-27 157480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"=C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [2010-12-25 1794392]
""= []

C:\Users\molnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\molnar\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\windows\system32\DeviceNP.dll [2009-10-06 75320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2009-11-06 226304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SepMasterService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"RunStartupScriptSync"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"msacm.dvacm"=c:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"vidc.dvsd"=pdvcodec.dll
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - "C:\windows\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-03-23 19:04:26 ----D---- C:\rsit
2015-03-23 17:49:20 ----A---- C:\windows\system32\FNTCACHE.DAT
2015-03-16 17:14:13 ----D---- C:\Program Files\Microsoft Works
2015-03-11 09:46:04 ----A---- C:\windows\system32\WindowsCodecs.dll
2015-03-11 09:45:14 ----A---- C:\windows\system32\rdpudd.dll
2015-03-11 09:45:14 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 09:45:14 ----A---- C:\windows\system32\rdpcorets.dll
2015-03-11 09:44:11 ----A---- C:\windows\system32\msctf.dll
2015-03-11 09:43:53 ----A---- C:\windows\system32\shell32.dll
2015-03-11 09:43:40 ----A---- C:\windows\system32\win32k.sys
2015-03-11 09:43:13 ----A---- C:\windows\system32\MshtmlDac.dll
2015-03-11 09:43:13 ----A---- C:\windows\system32\iesetup.dll
2015-03-11 09:43:12 ----A---- C:\windows\system32\msrating.dll
2015-03-11 09:43:12 ----A---- C:\windows\system32\jsproxy.dll
2015-03-11 09:43:12 ----A---- C:\windows\system32\ieui.dll
2015-03-11 09:43:12 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-03-11 09:43:11 ----A---- C:\windows\system32\vbscript.dll
2015-03-11 09:43:11 ----A---- C:\windows\system32\mshtmled.dll
2015-03-11 09:43:11 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 09:43:11 ----A---- C:\windows\system32\ieUnatt.exe
2015-03-11 09:43:11 ----A---- C:\windows\system32\iernonce.dll
2015-03-11 09:43:11 ----A---- C:\windows\system32\ieapfltr.dll
2015-03-11 09:43:11 ----A---- C:\windows\system32\dxtrans.dll
2015-03-11 09:43:11 ----A---- C:\windows\system32\dxtmsft.dll
2015-03-11 09:43:10 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-11 09:43:10 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-03-11 09:43:10 ----A---- C:\windows\system32\jscript9diag.dll
2015-03-11 09:43:10 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-03-11 09:43:10 ----A---- C:\windows\system32\ieetwcollector.exe
2015-03-11 09:43:09 ----A---- C:\windows\system32\msfeeds.dll
2015-03-11 09:43:09 ----A---- C:\windows\system32\iedkcs32.dll
2015-03-11 09:43:09 ----A---- C:\windows\system32\ie4uinit.exe
2015-03-11 09:43:08 ----A---- C:\windows\system32\wininet.dll
2015-03-11 09:43:07 ----A---- C:\windows\system32\urlmon.dll
2015-03-11 09:43:07 ----A---- C:\windows\system32\jscript9.dll
2015-03-11 09:43:06 ----A---- C:\windows\system32\ieframe.dll
2015-03-11 09:43:05 ----A---- C:\windows\system32\mshtml.dll
2015-03-11 09:43:05 ----A---- C:\windows\system32\iertutil.dll
2015-03-11 09:42:03 ----A---- C:\windows\system32\ubpm.dll
2015-03-11 09:41:44 ----A---- C:\windows\system32\lsass.exe
2015-03-11 09:41:43 ----A---- C:\windows\system32\sspisrv.dll
2015-03-11 09:41:43 ----A---- C:\windows\system32\secur32.dll
2015-03-11 09:41:43 ----A---- C:\windows\system32\msobjs.dll
2015-03-11 09:41:43 ----A---- C:\windows\system32\msaudite.dll
2015-03-11 09:41:43 ----A---- C:\windows\system32\auditpol.exe
2015-03-11 09:41:43 ----A---- C:\windows\system32\adtschema.dll
2015-03-11 09:41:42 ----A---- C:\windows\system32\wdigest.dll
2015-03-11 09:41:42 ----A---- C:\windows\system32\TSpkg.dll
2015-03-11 09:41:42 ----A---- C:\windows\system32\sspicli.dll
2015-03-11 09:41:42 ----A---- C:\windows\system32\schannel.dll
2015-03-11 09:41:42 ----A---- C:\windows\system32\ncrypt.dll
2015-03-11 09:41:42 ----A---- C:\windows\system32\msv1_0.dll
2015-03-11 09:41:42 ----A---- C:\windows\system32\lsasrv.dll
2015-03-11 09:41:42 ----A---- C:\windows\system32\kerberos.dll
2015-03-11 09:41:42 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-03-11 09:41:42 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-03-11 09:41:42 ----A---- C:\windows\system32\credssp.dll
2015-03-11 09:41:10 ----A---- C:\windows\system32\lpk.dll
2015-03-11 09:41:10 ----A---- C:\windows\system32\fontsub.dll
2015-03-11 09:41:10 ----A---- C:\windows\system32\dciman32.dll
2015-03-11 09:41:10 ----A---- C:\windows\system32\atmlib.dll
2015-03-11 09:41:10 ----A---- C:\windows\system32\atmfd.dll
2015-03-11 09:41:02 ----A---- C:\windows\system32\WMPhoto.dll
2015-03-11 09:38:34 ----A---- C:\windows\system32\pcadm.dll
2015-03-11 09:38:33 ----A---- C:\windows\system32\spwmp.dll
2015-03-11 09:38:33 ----A---- C:\windows\system32\pcasvc.dll
2015-03-11 09:38:33 ----A---- C:\windows\system32\pcaevts.dll
2015-03-11 09:38:33 ----A---- C:\windows\system32\msnetobj.dll
2015-03-11 09:38:33 ----A---- C:\windows\system32\mferror.dll
2015-03-11 09:38:33 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-03-11 09:38:33 ----A---- C:\windows\system32\cryptui.dll
2015-03-11 09:38:33 ----A---- C:\windows\system32\cryptnet.dll
2015-03-11 09:38:32 ----A---- C:\windows\system32\srclient.dll
2015-03-11 09:38:32 ----A---- C:\windows\system32\smss.exe
2015-03-11 09:38:32 ----A---- C:\windows\system32\rstrui.exe
2015-03-11 09:38:32 ----A---- C:\windows\system32\rrinstaller.exe
2015-03-11 09:38:32 ----A---- C:\windows\system32\pcawrk.exe
2015-03-11 09:38:32 ----A---- C:\windows\system32\pcalua.exe
2015-03-11 09:38:32 ----A---- C:\windows\system32\mfpmp.exe
2015-03-11 09:38:32 ----A---- C:\windows\system32\mfplat.dll
2015-03-11 09:38:32 ----A---- C:\windows\system32\csrsrv.dll
2015-03-11 09:38:32 ----A---- C:\windows\system32\cryptsp.dll
2015-03-11 09:38:32 ----A---- C:\windows\system32\AudioEng.dll
2015-03-11 09:38:31 ----A---- C:\windows\system32\qdvd.dll
2015-03-11 09:38:31 ----A---- C:\windows\system32\msscp.dll
2015-03-11 09:38:31 ----A---- C:\windows\system32\drivers\PEAuth.sys
2015-03-11 09:38:31 ----A---- C:\windows\system32\drivers\appid.sys
2015-03-11 09:38:31 ----A---- C:\windows\system32\AUDIOKSE.dll
2015-03-11 09:38:31 ----A---- C:\windows\system32\appidsvc.dll
2015-03-11 09:38:31 ----A---- C:\windows\system32\appidpolicyconverter.exe
2015-03-11 09:38:31 ----A---- C:\windows\system32\appidcertstorecheck.exe
2015-03-11 09:38:31 ----A---- C:\windows\system32\appidapi.dll
2015-03-11 09:38:30 ----A---- C:\windows\system32\winload.exe
2015-03-11 09:38:30 ----A---- C:\windows\system32\srcore.dll
2015-03-11 09:38:30 ----A---- C:\windows\system32\setbcdlocale.dll
2015-03-11 09:38:30 ----A---- C:\windows\system32\msmmsp.dll
2015-03-11 09:38:30 ----A---- C:\windows\system32\mfps.dll
2015-03-11 09:38:30 ----A---- C:\windows\system32\dxmasf.dll
2015-03-11 09:38:30 ----A---- C:\windows\system32\cryptsvc.dll
2015-03-11 09:38:30 ----A---- C:\windows\system32\apisetschema.dll
2015-03-11 09:38:29 ----A---- C:\windows\system32\wintrust.dll
2015-03-11 09:38:29 ----A---- C:\windows\system32\quartz.dll
2015-03-11 09:38:29 ----A---- C:\windows\system32\evr.dll
2015-03-11 09:38:29 ----A---- C:\windows\system32\crypt32.dll
2015-03-11 09:38:28 ----A---- C:\windows\system32\drmmgrtn.dll
2015-03-11 09:38:28 ----A---- C:\windows\system32\AudioSes.dll
2015-03-11 09:38:28 ----A---- C:\windows\system32\audiodg.exe
2015-03-11 09:38:27 ----A---- C:\windows\system32\wmp.dll
2015-03-11 09:38:27 ----A---- C:\windows\system32\EncDump.dll
2015-03-11 09:38:27 ----A---- C:\windows\system32\drivers\cng.sys
2015-03-11 09:38:27 ----A---- C:\windows\system32\audiosrv.dll
2015-03-11 09:38:26 ----A---- C:\windows\system32\wmdrmsdk.dll
2015-03-11 09:38:26 ----A---- C:\windows\system32\mf.dll
2015-03-11 09:38:26 ----A---- C:\windows\system32\drmv2clt.dll
2015-03-11 09:38:26 ----A---- C:\windows\system32\blackbox.dll
2015-03-11 09:38:25 ----A---- C:\windows\system32\wmploc.DLL
2015-03-11 09:38:25 ----A---- C:\windows\system32\ntkrnlpa.exe
2015-03-11 09:38:24 ----A---- C:\windows\system32\ntoskrnl.exe
2015-03-02 07:21:54 ----D---- C:\ProgramData\XDMessagingv4
2015-03-02 07:21:13 ----D---- C:\Program Files\ToolbarTerminator

======List of files/folders modified in the last 1 month======

2015-03-23 19:07:33 ----D---- C:\windows\Temp
2015-03-23 19:07:33 ----D---- C:\Program Files\trend micro
2015-03-23 18:34:24 ----D---- C:\windows\Prefetch
2015-03-23 18:06:06 ----D---- C:\windows\system32\config
2015-03-23 17:55:59 ----D---- C:\windows\System32
2015-03-23 17:55:59 ----D---- C:\windows\inf
2015-03-23 17:55:59 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-23 17:53:48 ----D---- C:\Users\molnar\AppData\Roaming\Wise Care 365
2015-03-23 17:53:43 ----D---- C:\Users\molnar\AppData\Roaming\Dropbox
2015-03-23 17:53:11 ----D---- C:\windows\SoftwareDistribution
2015-03-23 17:52:24 ----D---- C:\Windows
2015-03-23 17:50:18 ----D---- C:\ProgramData\HPQLOG
2015-03-23 17:49:50 ----A---- C:\windows\system32\log.txt
2015-03-23 17:49:26 ----D---- C:\windows\debug
2015-03-23 17:49:05 ----SHD---- C:\System Volume Information
2015-03-23 17:03:18 ----RD---- C:\Program Files
2015-03-23 16:53:56 ----D---- C:\Program Files\Ashampoo
2015-03-23 16:50:44 ----D---- C:\ProgramData
2015-03-23 16:50:11 ----D---- C:\Users\molnar\AppData\Roaming\BitSpirit
2015-03-23 13:46:27 ----D---- C:\Users\molnar\AppData\Roaming\PrimoPDF
2015-03-23 13:14:18 ----D---- C:\ProgramData\Symantec
2015-03-20 09:29:32 ----D---- C:\ProgramData\ashampoo
2015-03-19 10:49:28 ----D---- C:\windows\system32\catroot2
2015-03-19 10:48:00 ----D---- C:\Program Files\NSIS Uninstall Information
2015-03-19 10:44:29 ----D---- C:\ProgramData\SUPPORTDIR
2015-03-19 10:43:42 ----HD---- C:\Program Files\InstallShield Installation Information
2015-03-19 10:43:00 ----D---- C:\ProgramData\CyberLink
2015-03-19 08:51:44 ----D---- C:\Záloha_Tom (2010, 2014)
2015-03-19 08:38:20 ----D---- C:\Data_04 arch
2015-03-19 08:30:05 ----D---- C:\windows\system32\Tasks
2015-03-18 09:11:22 ----SHD---- C:\windows\Installer
2015-03-18 09:11:21 ----D---- C:\ProgramData\Microsoft Help
2015-03-18 09:11:21 ----D---- C:\Config.Msi
2015-03-17 09:32:10 ----RSD---- C:\windows\assembly
2015-03-17 08:33:29 ----D---- C:\windows\Microsoft.NET
2015-03-17 07:21:13 ----SD---- C:\Users\molnar\AppData\Roaming\Microsoft
2015-03-16 17:35:54 ----D---- C:\Program Files\Common Files\microsoft shared
2015-03-16 17:35:49 ----D---- C:\Program Files\Microsoft Office
2015-03-16 17:35:38 ----D---- C:\Program Files\Microsoft.NET
2015-03-16 17:35:34 ----D---- C:\Program Files\Common Files\DESIGNER
2015-03-16 17:34:04 ----D---- C:\windows\ShellNew
2015-03-16 16:45:16 ----A---- C:\windows\win.ini
2015-03-16 16:42:33 ----RSD---- C:\windows\Fonts
2015-03-16 16:41:29 ----SD---- C:\ProgramData\Microsoft
2015-03-13 15:19:25 ----AD---- C:\ProgramData\TEMP
2015-03-13 15:15:30 ----D---- C:\Garmin
2015-03-12 10:02:48 ----D---- C:\Instalace
2015-03-12 07:55:11 ----D---- C:\Users\molnar\AppData\Roaming\Garmin
2015-03-11 10:25:06 ----D---- C:\windows\winsxs
2015-03-11 10:21:53 ----D---- C:\windows\system32\en-US
2015-03-11 10:21:52 ----D---- C:\Program Files\Internet Explorer
2015-03-11 10:21:49 ----D---- C:\windows\system32\cs-CZ
2015-03-11 10:21:48 ----D---- C:\windows\system32\drivers
2015-03-11 10:21:46 ----D---- C:\Program Files\Windows Media Player
2015-03-11 10:21:45 ----D---- C:\windows\system32\Dism
2015-03-11 10:21:43 ----D---- C:\windows\system32\Boot
2015-03-09 07:13:48 ----D---- C:\windows\Tasks
2015-03-02 07:21:50 ----D---- C:\Users\molnar\AppData\Roaming\Abelssoft
2015-02-25 14:54:40 ----D---- C:\Garmin-mapy
2015-02-25 07:29:34 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2009-10-15 110520]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-10-15 51800]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2009-10-15 13256]
R0 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 28032]
R0 SymDS;Symantec Data Store; C:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMDS.SYS [2013-10-20 367704]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMEFA.SYS [2013-10-20 935512]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20150307.011\BHDrvx86.sys [2015-02-10 1164504]
R1 ccSettings_{974A0163-23BB-4C9D-A3C2-611667F7A450};Symantec Endpoint Protection 12.1.4013.4013.105 Settings Manager; C:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\ccSetx86.sys [2013-10-20 134744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-19 388096]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2015-03-09 378672]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20150320.011\IDSvix86.sys [2015-01-26 479448]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2009-10-15 40088]
R1 SRTSP;Symantec Real Time Storage Protection; C:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSP.SYS [2013-10-20 603224]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSPX.SYS [2013-10-20 32344]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\Ironx86.SYS [2013-10-20 175192]
R1 SYMNETS;Symantec Network Security WFP Driver; C:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMNETS.SYS [2013-10-20 341080]
R1 Teefer2;Symantec Endpoint Protection Firewall; C:\windows\system32\DRIVERS\Teefer.sys [2013-10-20 72880]
R2 EkaProt6;Ekahau User Protocol Driver for NDIS 6; C:\windows\system32\DRIVERS\ekaprot6.sys [2009-04-07 15360]
R2 Hardlock;Hardlock; C:\windows\system32\drivers\hardlock.sys [2006-11-22 693760]
R2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 rimspci;rimspci; C:\windows\system32\DRIVERS\rimspe86.sys [2009-10-26 48640]
R2 risdpcie;risdpcie; C:\windows\system32\DRIVERS\risdpe86.sys [2009-10-29 47616]
R2 rixdpcie;rixdpcie; C:\windows\system32\DRIVERS\rixdpe86.sys [2009-09-28 38912]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-08-03 1161760]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-09-17 86056]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2009-09-17 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-09-17 18472]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 111408]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HECI;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-11-07 6229504]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2009-10-30 209920]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20150322.022\NAVENG.SYS [2015-03-16 95704]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20150322.022\NAVEX15.SYS [2015-03-16 1636696]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2010-11-16 47360]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-09-18 1765168]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt.sys [2009-10-12 420864]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT.SYS [2014-02-17 142936]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-10-10 229424]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S2 rimmptsk;rimmptsk; C:\windows\system32\DRIVERS\rimmptsk.sys [2009-06-26 48128]
S2 rimsptsk;rimsptsk; C:\windows\system32\DRIVERS\rimsptsk.sys [2009-06-26 44544]
S2 rismxdp;Ricoh xD-Picture Card Driver; C:\windows\system32\DRIVERS\rixdptsk.sys [2009-06-26 38400]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AVerAF35;AVerMedia A867 USB DVB-T; C:\windows\System32\Drivers\AVerAF35.sys [2010-01-29 477312]
S3 AVerIR;AVerMedia Infrared Receiver; C:\windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv.sys [2009-09-08 32312]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-18 7168]
S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\windows\system32\DRIVERS\libusb0.sys [2011-05-17 35776]
S3 NANMp50;NANMp50 NDIS Protocol Driver; C:\windows\System32\Drivers\NANMp50.sys [2010-03-25 36408]
S3 NANSp50;NANSp50 NDIS Protocol Driver; C:\windows\System32\Drivers\NANSp50.sys [2010-03-25 35384]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-19 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SWDUMon;SWDUMon; C:\windows\system32\DRIVERS\SWDUMon.sys [2012-12-27 13024]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2014-07-28 45056]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 207400]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\aestsrv.exe [2009-03-02 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-08-03 14336]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2012-07-30 1518504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 60744]
R2 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-27 348160]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-06 397312]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 595232]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2009-11-02 300808]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-12-31 451416]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-11-18 101944]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-09-11 36864]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-10-22 101944]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-10-15 277096]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-11-04 297984]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2006-10-26 335872]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SepMasterService;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [2013-10-20 144368]
R2 SnugTV Service;SnugTV Service; C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe [2011-01-05 570880]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\STacSV.exe [2009-10-12 221266]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-01-27 540968]
R3 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe [2013-10-20 1746576]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AVerUpdateServer;AVerUpdateServer; C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-01 116648]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
S2 PEUpdateService;PEUpdateService; C:\Program Files\Rittal\PowerEngineering 5.0\Program\UpdateServer.exe [2010-08-09 49152]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AbAdminService;Abelssoft Admin-Service; C:\Program Files\ToolbarTerminator\AbAdminService.exe [2015-01-22 30984]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-11-11 77944]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\system32\flcdlock.exe [2009-10-06 362040]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-15 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-01 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-02-20 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-04-22 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\snac.exe [2013-10-20 288656]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 20992]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@c:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Roli píše:Stiskni klávesy Windows + R do okna Spustit >> napiš - services.msc >> Enter. Najdi službu :

AVerUpdateServer
Služba Google Update (gupdate)
Služba Google Update (gupdatem)
LightScribeService Direct Disc Labeling Service
PEUpdateService

dvojklikem se otevře karta kde nejprve službu zastav tlačítkem Zastavit u položky Typ spouštění vyber Zakázáno a klik na OK.


V Naplánovaných úlohách zakaž Google Update bude to tam vícekrát.

Není provedeno !


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.

# AdwCleaner v4.113 - Logfile created 24/03/2015 at 19:58:13
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : molnar - PCE-035
# Running from : C:\Users\molnar\Desktop\PC údržba\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader
File Deleted : C:\END
File Deleted : C:\Users\molnar\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Users\molnar\AppData\Roaming\Mozilla\Firefox\Profiles\n4poslpw.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v29.0 (cs)


-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [10670 bytes] - [08/04/2014 15:06:19]
AdwCleaner[R1].txt - [4768 bytes] - [01/05/2014 20:35:18]
AdwCleaner[R3].txt - [1427 bytes] - [24/03/2015 19:55:30]
AdwCleaner[S0].txt - [11071 bytes] - [08/04/2014 15:07:38]
AdwCleaner[S1].txt - [4955 bytes] - [01/05/2014 20:36:15]
AdwCleaner[S3].txt - [1364 bytes] - [24/03/2015 19:58:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1423 bytes] ##########

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

ComboFix 15-03-25.01 - molnar 27.03.2015 8:22.2.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2998.1791 [GMT 1:00]
Spuštěný z: c:\users\molnar\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Symantec Endpoint Protection *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Symantec Endpoint Protection *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\DFA520A1B7.sys
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_WiseBootAssistant
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-27 do 2015-03-27 )))))))))))))))))))))))))))))))
.
.
2015-03-27 07:35 . 2015-03-27 07:35 -------- d-----w- c:\users\wangzhisong\AppData\Local\temp
2015-03-27 07:35 . 2015-03-27 07:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-03-27 07:35 . 2015-03-27 07:35 -------- d-----w- c:\users\Miloš\AppData\Local\temp
2015-03-27 07:35 . 2015-03-27 07:35 -------- d-----w- c:\users\hanzlik\AppData\Local\temp
2015-03-27 07:35 . 2015-03-27 07:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-27 07:35 . 2015-03-27 07:35 -------- d-----w- c:\users\administrator\AppData\Local\temp
2015-03-26 11:19 . 2015-03-26 11:20 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-03-26 11:19 . 2015-03-26 11:19 -------- d-----w- c:\program files\iPod
2015-03-26 11:19 . 2015-03-26 11:20 -------- d-----w- c:\program files\iTunes
2015-03-23 18:04 . 2015-03-23 18:04 -------- d-----w- C:\rsit
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp1D1CE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmpBDDBE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp9ABBE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp47CBE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp09ABE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmpC66BE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp0B5BE.FOT
2015-03-16 16:14 . 2015-03-16 16:14 -------- d-----w- c:\program files\Microsoft Works
2015-03-11 08:46 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-03-11 08:45 . 2015-01-31 03:33 2744320 ----a-w- c:\windows\system32\rdpcorets.dll
2015-03-11 08:45 . 2015-01-31 03:33 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 08:45 . 2015-01-31 00:48 221184 ----a-w- c:\windows\system32\rdpudd.dll
2015-03-11 08:44 . 2015-01-17 02:30 828928 ----a-w- c:\windows\system32\msctf.dll
2015-03-11 08:42 . 2015-02-03 03:12 171520 ----a-w- c:\windows\system32\ubpm.dll
2015-03-11 08:38 . 2015-02-03 03:12 28160 ----a-w- c:\windows\system32\pcadm.dll
2015-03-02 06:21 . 2015-03-02 06:24 -------- d-----w- c:\programdata\XDMessagingv4
2015-03-02 06:21 . 2015-03-02 06:21 -------- d-----w- c:\program files\ToolbarTerminator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-27 07:14 . 2015-02-09 06:21 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B70D5F5E-7F10-4050-A26E-5454DF62DE36}\offreg.dll
2015-03-06 05:10 . 2015-03-11 08:41 248832 ----a-w- c:\windows\system32\schannel.dll
2015-02-06 06:17 . 2013-03-13 08:00 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-02-05 10:40 . 2012-04-11 04:54 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-05 10:40 . 2011-09-05 06:45 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-07 03:01 . 2015-02-11 14:00 14848 ----a-w- c:\windows\system32\drivers\cs-CZ\mup.sys.mui
2015-01-07 02:49 . 2015-02-11 14:00 89528 ----a-w- c:\windows\system32\drivers\mup.sys
2015-01-07 02:44 . 2015-02-11 14:00 597504 ----a-w- c:\windows\system32\gpsvc.dll
2015-01-07 01:35 . 2015-02-11 14:00 225792 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-01-07 01:34 . 2015-02-11 14:00 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-01-07 01:34 . 2015-02-11 14:00 243200 ----a-w- c:\windows\system32\drivers\rdbss.sys
2015-01-07 01:34 . 2015-02-11 14:00 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2015-01-07 01:34 . 2015-02-11 14:00 81408 ----a-w- c:\windows\system32\drivers\dfsc.sys
2003-11-18 12:46 . 2010-11-27 20:03 442368 ----a-w- c:\program files\scdixpstd.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2010-12-25 1794392]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-11-21 43816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-09-03 288312]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-25 186904]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2009-11-18 1690680]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-10 1578280]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" [2009-10-22 363064]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-04 153640]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-11-04 11264000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-11-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-11-14 175128]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-11-14 166424]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-10-12 495708]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-02-13 60712]
"Standby"="c:\program files\Common Files\Corel\Standby\Standby.exe" [2010-05-17 105632]
"Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2014-05-14 2534400]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 157480]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2014-12-31 688984]
.
c:\users\molnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\molnar\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-3-4 42560368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-10-06 02:43 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-10-06 1639728]
R3 AbAdminService;Abelssoft Admin-Service;c:\program files\ToolbarTerminator\AbAdminService.exe [2015-01-22 30984]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-01-29 477312]
R3 AVerIR;AVerMedia Infrared Receiver;c:\windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-09-08 32312]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-17 7168]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2009-10-06 362040]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-02-20 102912]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\DRIVERS\libusb0.sys [2011-05-17 35776]
R3 NANMp50;NANMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NANMp50.sys [2010-03-25 36408]
R3 NANSp50;NANSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NANSp50.sys [2010-03-25 35384]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
R3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-12-27 13024]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-16 1343400]
R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2011-11-17 16640]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [2011-05-27 259584]
R4 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
R4 PEUpdateService;PEUpdateService;c:\program files\Rittal\PowerEngineering 5.0\Program\UpdateServer.exe [2010-08-09 49152]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMDS.SYS [2013-10-20 367704]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMEFA.SYS [2013-10-20 935512]
S1 BHDrvx86;BHDrvx86;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20150309.013\BHDrvx86.sys [2015-02-10 1164504]
S1 ccSettings_{974A0163-23BB-4C9D-A3C2-611667F7A450};Symantec Endpoint Protection 12.1.4013.4013.105 Settings Manager;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\ccSetx86.sys [2013-10-20 134744]
S1 IDSVix86;IDSVix86;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20150325.011\IDSvix86.sys [2015-01-26 479448]
S1 RsvLock;RsvLock; [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\Ironx86.SYS [2013-10-20 175192]
S1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMNETS.SYS [2013-10-20 341080]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 207400]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\aestsrv.exe [2009-03-02 81920]
S2 AHDDC2;Ashampoo HDD Control 2 Service;c:\program files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2012-07-30 1518504]
S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-27 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-06 397312]
S2 EkaProt6;Ekahau User Protocol Driver for NDIS 6;c:\windows\system32\DRIVERS\ekaprot6.sys [2009-04-07 15360]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-12-31 451416]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-11-18 101944]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-09-11 36864]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-10-22 101944]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-10-15 277096]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-11-04 297984]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2009-10-26 48640]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2009-10-29 47616]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [2009-09-28 38912]
S2 SepMasterService;Symantec Endpoint Protection;c:\program files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [2013-10-20 144368]
S2 SnugTV Service;SnugTV Service;c:\program files\SnugTV\SnugTV Station\AMAServer.exe [2011-01-05 570880]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 29472]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 111408]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-10-30 209920]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-11-16 47360]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-20 313856]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 20:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 10:40]
.
2015-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-01 07:32]
.
2015-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-01 07:32]
.
2015-03-25 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files\Wise\Wise Care 365\WiseTurbo.exe [2014-06-10 13:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page =
mLocal Page =
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.1.4
FF - ProfilePath - c:\users\molnar\AppData\Roaming\Mozilla\Firefox\Profiles\n4poslpw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/|http://aktualne.centrum. ... oogle.com/
.
.
------- Asociace souborů -------
.
.scr=AutoCADLTScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Adobe Reader Free Download Packages - c:\users\molnar\AppData\Roaming\1O1L1I1PtF1F1C1N\Adobe Reader Free Download Packages\uninstaller.exe
AddRemove-Google Earth Free Download Packages - c:\users\molnar\AppData\Roaming\1O1L1I1PtF1F1C1N\Google Earth Free Download Packages\uninstaller.exe
AddRemove-Mozilla Firefox Free Download Packages - c:\users\molnar\AppData\Roaming\1O1L1I1PtF1F1C1N\Mozilla Firefox Free Download Packages\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SepMasterService]
"ImagePath"="\"c:\program files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe\" /s \"Symantec Endpoint Protection\" /m \"c:\program files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\sms.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SmcService]
"ImagePath"="\"c:\program files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(656)
c:\windows\system32\DPFPApi.DLL
.
- - - - - - - > 'Explorer.exe'(7384)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\STacSV.exe
c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\users\molnar\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Hewlett-Packard\Shared\hpCaslNotification.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\windows\system32\DllHost.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2015-03-27 08:45:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-27 07:45
.
Před spuštěním: Volných bajtů: 53 828 853 760
Po spuštění: Volných bajtů: 53 745 242 112
.
- - End Of File - - ABE413502E51E52A728891DECD23898A
5C616939100B85E558DA92B899A0FC36

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

ComboFix 15-03-25.01 - molnar 27.03.2015 18:49:55.3.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2998.1603 [GMT 1:00]
Spuštěný z: c:\users\molnar\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\molnar\Desktop\CFScript.txt
AV: Symantec Endpoint Protection *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Symantec Endpoint Protection *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Symantec Endpoint Protection *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Golden\Golden.exe
c:\programdata\ntuser.pol
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-27 do 2015-03-27 )))))))))))))))))))))))))))))))
.
.
2015-03-27 18:03 . 2015-03-27 18:03 -------- d-----w- c:\users\wangzhisong\AppData\Local\temp
2015-03-27 18:03 . 2015-03-27 18:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-03-27 18:03 . 2015-03-27 18:03 -------- d-----w- c:\users\Miloš\AppData\Local\temp
2015-03-27 18:03 . 2015-03-27 18:03 -------- d-----w- c:\users\hanzlik\AppData\Local\temp
2015-03-27 18:03 . 2015-03-27 18:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-27 18:03 . 2015-03-27 18:03 -------- d-----w- c:\users\administrator\AppData\Local\temp
2015-03-26 11:19 . 2015-03-26 11:20 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-03-26 11:19 . 2015-03-26 11:19 -------- d-----w- c:\program files\iPod
2015-03-26 11:19 . 2015-03-26 11:20 -------- d-----w- c:\program files\iTunes
2015-03-23 18:04 . 2015-03-23 18:04 -------- d-----w- C:\rsit
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp1D1CE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmpBDDBE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp9ABBE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp47CBE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp09ABE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmpC66BE.FOT
2015-03-23 14:14 . 2015-03-23 14:14 1409 ----a-w- c:\windows\system32\tmp0B5BE.FOT
2015-03-16 16:14 . 2015-03-16 16:14 -------- d-----w- c:\program files\Microsoft Works
2015-03-11 08:46 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-03-11 08:45 . 2015-01-31 03:33 2744320 ----a-w- c:\windows\system32\rdpcorets.dll
2015-03-11 08:45 . 2015-01-31 03:33 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 08:45 . 2015-01-31 00:48 221184 ----a-w- c:\windows\system32\rdpudd.dll
2015-03-11 08:44 . 2015-01-17 02:30 828928 ----a-w- c:\windows\system32\msctf.dll
2015-03-11 08:42 . 2015-02-03 03:12 171520 ----a-w- c:\windows\system32\ubpm.dll
2015-03-11 08:38 . 2015-02-03 03:12 28160 ----a-w- c:\windows\system32\pcadm.dll
2015-03-02 06:21 . 2015-03-02 06:24 -------- d-----w- c:\programdata\XDMessagingv4
2015-03-02 06:21 . 2015-03-02 06:21 -------- d-----w- c:\program files\ToolbarTerminator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-27 07:14 . 2015-02-09 06:21 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B70D5F5E-7F10-4050-A26E-5454DF62DE36}\offreg.dll
2015-03-06 05:10 . 2015-03-11 08:41 248832 ----a-w- c:\windows\system32\schannel.dll
2015-02-06 06:17 . 2013-03-13 08:00 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-02-05 10:40 . 2012-04-11 04:54 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-05 10:40 . 2011-09-05 06:45 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-07 03:01 . 2015-02-11 14:00 14848 ----a-w- c:\windows\system32\drivers\cs-CZ\mup.sys.mui
2015-01-07 02:49 . 2015-02-11 14:00 89528 ----a-w- c:\windows\system32\drivers\mup.sys
2015-01-07 02:44 . 2015-02-11 14:00 597504 ----a-w- c:\windows\system32\gpsvc.dll
2015-01-07 01:35 . 2015-02-11 14:00 225792 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2015-01-07 01:34 . 2015-02-11 14:00 98304 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2015-01-07 01:34 . 2015-02-11 14:00 243200 ----a-w- c:\windows\system32\drivers\rdbss.sys
2015-01-07 01:34 . 2015-02-11 14:00 124416 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2015-01-07 01:34 . 2015-02-11 14:00 81408 ----a-w- c:\windows\system32\drivers\dfsc.sys
2003-11-18 12:46 . 2010-11-27 20:03 442368 ----a-w- c:\program files\scdixpstd.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\molnar\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2010-12-25 1794392]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-11-21 43816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-09-03 288312]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-25 186904]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2009-11-18 1690680]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-10 1578280]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" [2009-10-22 363064]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-04 153640]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-11-04 11264000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-11-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-11-14 175128]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-11-14 166424]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-10-12 495708]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-02-13 60712]
"Standby"="c:\program files\Common Files\Corel\Standby\Standby.exe" [2010-05-17 105632]
"Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2014-05-14 2534400]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 157480]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2014-12-31 688984]
.
c:\users\molnar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\molnar\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-3-4 42560368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-10-06 02:43 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-10-06 1639728]
R3 AbAdminService;Abelssoft Admin-Service;c:\program files\ToolbarTerminator\AbAdminService.exe [2015-01-22 30984]
R3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys [2010-01-29 477312]
R3 AVerIR;AVerMedia Infrared Receiver;c:\windows\system32\DRIVERS\AVerIR.sys [2010-01-12 88576]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-09-08 32312]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-17 7168]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2009-10-06 362040]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-02-20 102912]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\DRIVERS\libusb0.sys [2011-05-17 35776]
R3 NANMp50;NANMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NANMp50.sys [2010-03-25 36408]
R3 NANSp50;NANSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NANSp50.sys [2010-03-25 35384]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
R3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-12-27 13024]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-16 1343400]
R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2011-11-17 16640]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [2011-05-27 259584]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-20 313856]
R4 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
R4 PEUpdateService;PEUpdateService;c:\program files\Rittal\PowerEngineering 5.0\Program\UpdateServer.exe [2010-08-09 49152]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMDS.SYS [2013-10-20 367704]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMEFA.SYS [2013-10-20 935512]
S1 BHDrvx86;BHDrvx86;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20150309.013\BHDrvx86.sys [2015-02-10 1164504]
S1 ccSettings_{974A0163-23BB-4C9D-A3C2-611667F7A450};Symantec Endpoint Protection 12.1.4013.4013.105 Settings Manager;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\ccSetx86.sys [2013-10-20 134744]
S1 IDSVix86;IDSVix86;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20150326.011\IDSvix86.sys [2015-01-26 479448]
S1 RsvLock;RsvLock; [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\Ironx86.SYS [2013-10-20 175192]
S1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMNETS.SYS [2013-10-20 341080]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 207400]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_499a67a913bde1c7\aestsrv.exe [2009-03-02 81920]
S2 AHDDC2;Ashampoo HDD Control 2 Service;c:\program files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2012-07-30 1518504]
S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-27 348160]
S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-06 397312]
S2 EkaProt6;Ekahau User Protocol Driver for NDIS 6;c:\windows\system32\DRIVERS\ekaprot6.sys [2009-04-07 15360]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-12-31 451416]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-11-18 101944]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-09-11 36864]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-10-22 101944]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-10-15 277096]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-11-04 297984]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2009-10-26 48640]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2009-10-29 47616]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [2009-09-28 38912]
S2 SepMasterService;Symantec Endpoint Protection;c:\program files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [2013-10-20 144368]
S2 SnugTV Service;SnugTV Service;c:\program files\SnugTV\SnugTV Station\AMAServer.exe [2011-01-05 570880]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 29472]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 111408]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-10-30 209920]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-11-16 47360]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 20:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 10:40]
.
2015-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-01 07:32]
.
2015-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-01 07:32]
.
2015-03-25 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files\Wise\Wise Care 365\WiseTurbo.exe [2014-06-10 13:44]
.
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/
uLocal Page =
mLocal Page =
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\molnar\AppData\Roaming\Mozilla\Firefox\Profiles\n4poslpw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/|http://aktualne.centrum. ... oogle.com/
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SepMasterService]
"ImagePath"="\"c:\program files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe\" /s \"Symantec Endpoint Protection\" /m \"c:\program files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\sms.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SmcService]
"ImagePath"="\"c:\program files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(664)
c:\windows\system32\DPFPApi.DLL
.
Celkový čas: 2015-03-27 19:05:58
ComboFix-quarantined-files.txt 2015-03-27 18:05
ComboFix2.txt 2015-03-27 07:45
.
Před spuštěním: Volných bajtů: 52 325 695 488
Po spuštění: Volných bajtů: 52 026 994 688
.
- - End Of File - - A0C78BABC541AC4CE8DD60E5C66D6DFB
5C616939100B85E558DA92B899A0FC36

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jak se PC chová.

Děkuji za pomoc, počítač "ožil", zdá se být vše O.K.

Není zač a