
Slow PC and dropping internet connection - please check my log

Posted: 18 Apr 2015 16:08
by Radimisko
Please check my log, thank you:


Logfile of random's system information tool 1.10 (written by random/random)
Run by vitek at 2015-04-18 16:58:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 102 GB (35%) free of 288 GB
Total RAM: 2927 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:43, on 18.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
C:\Program Files (x86)\PDF24\pdf24.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Users\vitek\Desktop\Tor Browser\App\vidalia.exe
C:\Users\vitek\Desktop\Tor Browser\App\vidalia.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\vitek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe /silent
O4 - HKLM\..\Run: [VmbNotifier] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe
O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 4970956357
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = PB-SCOM.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = PB-SCOM.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = PB-SCOM.cz
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\mgrldr.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Unknown owner - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (file missing)
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FileOpen Manager Service (FileOpenManagerSvc) - FileOpen Systems Inc. - C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VmbService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17685 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\windows\System32\svchost.exe -k HPZ12
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe"
WLIDSvcM.exe 2908
"taskhost.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
adb fork-server server
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe" /silent
"C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe"
"C:\Program Files (x86)\PDF24\pdf24.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
"C:\Program Files (x86)\CCleaner\CCleaner.exe" /MONITOR /uac
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"taskhost.exe"
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Combo: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>1165279247</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
App/vidalia.exe --datadir .\Data\Vidalia\
App/vidalia.exe --datadir .\Data\Vidalia\
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\sppsvc.exe
"C:\Users\vitek\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA1cf90387d9f3f53.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineUA1d040f3849fb5e2.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203Core.job - C:\Users\mmika\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203UA.job - C:\Users\mmika\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\tn50ozrr.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-03 2187528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-03 1471752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-06-19 1691192]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-24 166424]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-24 391192]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-03-24 410648]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-11 24783624]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files (x86)\CCleaner\CCleaner64.exe [2015-02-19 7416088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2009-11-19 518656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-12-12 11265536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GIGABYTEMOUSE]
C:\Program Files (x86)\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe [2009-11-26 1278464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [2009-05-11 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband]
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2014-03-03 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2009-10-23 563736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VmbNotifier]
C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [2014-03-03 1893888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"MobileBroadband"=C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2014-03-03 77824]
"VmbNotifier"=C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe [2014-03-03 1893888]
"PDFPrint"=C:\Program Files (x86)\PDF24\pdf24.exe [2014-11-28 193568]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2012-07-18 313248]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-02-20 269824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-04-18 16:58:31 ----D---- C:\rsit
2015-04-18 16:58:31 ----D---- C:\Program Files\trend micro
2015-04-14 23:15:24 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-04-14 23:15:24 ----A---- C:\windows\SYSWOW64\wups.dll
2015-04-14 23:15:24 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-04-14 23:15:24 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-04-14 23:15:24 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-04-14 23:15:24 ----A---- C:\windows\system32\wuauclt.exe
2015-04-14 23:15:24 ----A---- C:\windows\system32\wuapp.exe
2015-04-14 23:15:23 ----A---- C:\windows\system32\wuwebv.dll
2015-04-14 23:15:23 ----A---- C:\windows\system32\wups2.dll
2015-04-14 23:15:23 ----A---- C:\windows\system32\wups.dll
2015-04-14 23:15:23 ----A---- C:\windows\system32\wudriver.dll
2015-04-14 23:15:23 ----A---- C:\windows\system32\wucltux.dll
2015-04-14 23:15:23 ----A---- C:\windows\system32\wuaueng.dll
2015-04-14 23:15:23 ----A---- C:\windows\system32\wuapi.dll
2015-04-14 23:15:23 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-04-14 23:15:23 ----A---- C:\windows\system32\WinSetupUI.dll
2015-04-14 23:15:01 ----A---- C:\windows\system32\invagent.dll
2015-04-14 23:15:01 ----A---- C:\windows\system32\generaltel.dll
2015-04-14 23:15:01 ----A---- C:\windows\system32\devinv.dll
2015-04-14 23:15:01 ----A---- C:\windows\system32\appraiser.dll
2015-04-14 23:15:01 ----A---- C:\windows\system32\aeinv.dll
2015-04-14 23:15:01 ----A---- C:\windows\system32\acmigration.dll
2015-04-14 23:15:00 ----A---- C:\windows\system32\aepic.dll
2015-04-14 23:15:00 ----A---- C:\windows\system32\aepdu.dll
2015-04-14 23:14:31 ----A---- C:\windows\system32\ntoskrnl.exe
2015-04-14 23:14:28 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-04-14 23:14:28 ----A---- C:\windows\system32\ntdll.dll
2015-04-14 23:14:27 ----A---- C:\windows\system32\KernelBase.dll
2015-04-14 23:14:27 ----A---- C:\windows\system32\kernel32.dll
2015-04-14 23:14:26 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-04-14 23:14:24 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-04-14 23:14:23 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-04-14 23:14:23 ----A---- C:\windows\system32\wow64win.dll
2015-04-14 23:14:23 ----A---- C:\windows\system32\schannel.dll
2015-04-14 23:14:23 ----A---- C:\windows\system32\lsasrv.dll
2015-04-14 23:14:22 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-04-14 23:14:22 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-04-14 23:14:22 ----A---- C:\windows\system32\wow64.dll
2015-04-14 23:14:22 ----A---- C:\windows\system32\srcore.dll
2015-04-14 23:14:22 ----A---- C:\windows\system32\conhost.exe
2015-04-14 23:14:21 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-04-14 23:14:21 ----A---- C:\windows\system32\winsrv.dll
2015-04-14 23:14:21 ----A---- C:\windows\system32\rstrui.exe
2015-04-14 23:14:21 ----A---- C:\windows\system32\kerberos.dll
2015-04-14 23:14:20 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-04-14 23:14:20 ----A---- C:\windows\system32\wdigest.dll
2015-04-14 23:14:20 ----A---- C:\windows\system32\ncrypt.dll
2015-04-14 23:14:20 ----A---- C:\windows\system32\msv1_0.dll
2015-04-14 23:14:20 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-04-14 23:14:20 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-04-14 23:14:19 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-04-14 23:14:19 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-04-14 23:14:19 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-04-14 23:14:19 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-04-14 23:14:19 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-04-14 23:14:19 ----A---- C:\windows\system32\TSpkg.dll
2015-04-14 23:14:19 ----A---- C:\windows\system32\sspisrv.dll
2015-04-14 23:14:19 ----A---- C:\windows\system32\sspicli.dll
2015-04-14 23:14:19 ----A---- C:\windows\system32\srclient.dll
2015-04-14 23:14:19 ----A---- C:\windows\system32\smss.exe
2015-04-14 23:14:19 ----A---- C:\windows\system32\ntvdm64.dll
2015-04-14 23:14:19 ----A---- C:\windows\system32\lsass.exe
2015-04-14 23:14:19 ----A---- C:\windows\system32\csrsrv.dll
2015-04-14 23:14:19 ----A---- C:\windows\system32\auditpol.exe
2015-04-14 23:14:18 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:14:18 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:14:18 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:14:18 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:14:18 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:14:18 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:14:18 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 23:14:18 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 23:14:18 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:14:18 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 23:14:18 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-04-14 23:14:18 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-04-14 23:14:18 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-04-14 23:14:18 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-04-14 23:14:18 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-04-14 23:14:18 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-04-14 23:14:18 ----A---- C:\windows\system32\wow64cpu.dll
2015-04-14 23:14:18 ----A---- C:\windows\system32\secur32.dll
2015-04-14 23:14:18 ----A---- C:\windows\system32\credssp.dll
2015-04-14 23:14:17 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 23:14:17 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 23:14:16 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:14:16 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:14:16 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:14:16 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:14:16 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 23:14:16 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 23:14:16 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:14:16 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 23:14:16 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 23:14:15 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 23:14:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 23:14:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 23:14:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:14:14 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:14:14 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 23:14:14 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 23:14:13 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-04-14 23:14:13 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-04-14 23:14:13 ----A---- C:\windows\system32\apisetschema.dll
2015-04-14 23:14:12 ----A---- C:\windows\SYSWOW64\user.exe
2015-04-14 23:14:12 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-04-14 23:14:12 ----A---- C:\windows\system32\adtschema.dll
2015-04-14 23:14:11 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-04-14 23:14:11 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-04-14 23:14:11 ----A---- C:\windows\system32\msobjs.dll
2015-04-14 23:14:11 ----A---- C:\windows\system32\msaudite.dll
2015-04-14 23:13:23 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2015-04-14 23:13:23 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-04-14 23:13:23 ----A---- C:\windows\system32\msxml3r.dll
2015-04-14 23:13:23 ----A---- C:\windows\system32\msxml3.dll
2015-04-14 23:13:19 ----A---- C:\windows\system32\gdi32.dll
2015-04-14 23:13:18 ----A---- C:\windows\SYSWOW64\gdi32.dll
2015-04-14 23:13:14 ----A---- C:\windows\system32\drivers\http.sys
2015-04-14 23:13:01 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-04-14 23:13:01 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-04-14 23:13:01 ----A---- C:\windows\system32\ieetwcollector.exe
2015-04-14 23:13:00 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-04-14 23:13:00 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-04-14 23:13:00 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-04-14 23:12:59 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-04-14 23:12:59 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-14 23:12:59 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-04-14 23:12:59 ----A---- C:\windows\system32\iernonce.dll
2015-04-14 23:12:59 ----A---- C:\windows\system32\ie4uinit.exe
2015-04-14 23:12:58 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-04-14 23:12:58 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-04-14 23:12:58 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-04-14 23:12:58 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 23:12:57 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-04-14 23:12:57 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-04-14 23:12:56 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-04-14 23:12:56 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-04-14 23:12:56 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-04-14 23:12:56 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-04-14 23:12:56 ----A---- C:\windows\system32\urlmon.dll
2015-04-14 23:12:56 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-04-14 23:12:56 ----A---- C:\windows\system32\iedkcs32.dll
2015-04-14 23:12:55 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-04-14 23:12:55 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-04-14 23:12:55 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-04-14 23:12:55 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-14 23:12:55 ----A---- C:\windows\system32\msfeeds.dll
2015-04-14 23:12:55 ----A---- C:\windows\system32\dxtrans.dll
2015-04-14 23:12:54 ----A---- C:\windows\system32\iesetup.dll
2015-04-14 23:12:54 ----A---- C:\windows\system32\ieapfltr.dll
2015-04-14 23:12:53 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-04-14 23:12:53 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-04-14 23:12:53 ----A---- C:\windows\system32\iertutil.dll
2015-04-14 23:12:52 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-04-14 23:12:52 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-04-14 23:12:51 ----A---- C:\windows\system32\jsproxy.dll
2015-04-14 23:12:51 ----A---- C:\windows\system32\ieUnatt.exe
2015-04-14 23:12:50 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-04-14 23:12:48 ----A---- C:\windows\system32\ieui.dll
2015-04-14 23:12:48 ----A---- C:\windows\system32\ieframe.dll
2015-04-14 23:12:48 ----A---- C:\windows\system32\dxtmsft.dll
2015-04-14 23:12:47 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-04-14 23:12:47 ----A---- C:\windows\system32\mshtmled.dll
2015-04-14 23:12:47 ----A---- C:\windows\system32\jscript9diag.dll
2015-04-14 23:12:47 ----A---- C:\windows\system32\jscript9.dll
2015-04-14 23:12:46 ----A---- C:\windows\system32\wininet.dll
2015-04-14 23:12:46 ----A---- C:\windows\system32\vbscript.dll
2015-04-14 23:12:46 ----A---- C:\windows\system32\MshtmlDac.dll
2015-04-14 23:12:45 ----A---- C:\windows\system32\msrating.dll
2015-04-14 23:12:45 ----A---- C:\windows\system32\mshtml.dll
2015-04-14 23:11:28 ----A---- C:\windows\system32\clfs.sys
2015-04-14 23:11:27 ----A---- C:\windows\SYSWOW64\clfsw32.dll
2015-04-14 23:11:27 ----A---- C:\windows\system32\clfsw32.dll
2015-04-13 22:42:09 ----D---- C:\Users\vitek\AppData\Roaming\MPC-HC
2015-04-13 22:40:31 ----A---- C:\windows\system32\ff_vfw.dll
2015-04-13 22:40:27 ----A---- C:\windows\SYSWOW64\lagarith.dll
2015-04-13 22:40:27 ----A---- C:\windows\system32\lagarith.dll
2015-04-13 22:40:26 ----A---- C:\windows\SYSWOW64\x264vfw.dll
2015-04-13 22:40:26 ----A---- C:\windows\system32\xvidcore.dll
2015-04-13 22:40:26 ----A---- C:\windows\system32\x264vfw64.dll
2015-04-13 22:40:25 ----A---- C:\windows\SYSWOW64\xvidvfw.dll
2015-04-13 22:40:25 ----A---- C:\windows\SYSWOW64\xvidcore.dll
2015-04-13 22:40:25 ----A---- C:\windows\system32\xvidvfw.dll
2015-04-13 22:40:17 ----A---- C:\windows\SYSWOW64\ff_vfw.dll
2015-04-13 22:39:27 ----D---- C:\Users\vitek\AppData\Roaming\Media Player Classic
2015-04-09 22:11:11 ----SD---- C:\windows\SYSWOW64\GWX
2015-04-09 22:11:10 ----SD---- C:\windows\system32\GWX
2015-04-07 22:13:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-31 04:48:38 ----D---- C:\UpdateChromeLinksLogs
2015-03-31 04:48:28 ----A---- C:\windows\SYSWOW64\mfc71.dll
2015-03-31 04:48:27 ----A---- C:\windows\SYSWOW64\gdiplus.dll

======List of files/folders modified in the last 1 month======

2015-04-18 16:58:35 ----D---- C:\windows\Temp
2015-04-18 16:58:31 ----RD---- C:\Program Files
2015-04-18 16:48:15 ----SHD---- C:\System Volume Information
2015-04-18 16:43:19 ----D---- C:\windows\System32
2015-04-18 16:43:19 ----D---- C:\windows\inf
2015-04-18 16:43:19 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-04-18 16:38:55 ----D---- C:\windows\system32\config
2015-04-18 16:36:11 ----A---- C:\windows\SYSWOW64\log.txt
2015-04-18 16:34:08 ----D---- C:\windows\system32\NDF
2015-04-15 22:48:09 ----D---- C:\windows\Microsoft.NET
2015-04-15 22:47:28 ----RSD---- C:\windows\assembly
2015-04-15 22:23:12 ----D---- C:\windows\AppCompat
2015-04-15 22:21:20 ----D---- C:\windows\SysWOW64
2015-04-15 22:21:11 ----D---- C:\windows\winsxs
2015-04-15 22:21:03 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-04-15 22:18:57 ----D---- C:\windows\Prefetch
2015-04-15 03:43:36 ----D---- C:\Windows
2015-04-15 03:43:22 ----HD---- C:\Config.Msi
2015-04-15 03:43:22 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-15 03:39:03 ----SD---- C:\windows\system32\CompatTel
2015-04-15 03:39:03 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-04-15 03:39:03 ----D---- C:\windows\system32\cs-CZ
2015-04-15 03:39:02 ----D---- C:\windows\system32\wbem
2015-04-15 03:39:02 ----D---- C:\windows\system32\appraiser
2015-04-15 03:39:02 ----D---- C:\windows\AppPatch
2015-04-15 03:38:55 ----D---- C:\windows\system32\drivers
2015-04-15 03:38:53 ----D---- C:\Program Files\Internet Explorer
2015-04-15 03:38:52 ----D---- C:\windows\SYSWOW64\en-US
2015-04-15 03:38:50 ----D---- C:\windows\system32\en-US
2015-04-15 03:38:42 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 03:19:38 ----SHD---- C:\windows\Installer
2015-04-15 03:19:37 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 03:18:14 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 03:14:27 ----RD---- C:\Program Files (x86)\Skype
2015-04-15 03:14:26 ----D---- C:\Program Files (x86)\Common Files
2015-04-15 03:14:20 ----D---- C:\ProgramData\Skype
2015-04-15 03:13:08 ----D---- C:\windows\system32\MRT
2015-04-15 03:05:52 ----D---- C:\windows\debug
2015-04-15 03:05:48 ----A---- C:\windows\system32\MRT.exe
2015-04-14 23:05:17 ----D---- C:\windows\system32\catroot2
2015-04-14 22:43:40 ----D---- C:\Users\vitek\AppData\Roaming\HpUpdate
2015-04-13 22:41:05 ----D---- C:\windows\system32\Tasks
2015-04-13 22:40:19 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2015-04-12 20:43:38 ----D---- C:\windows\system32\FxsTmp
2015-04-10 00:48:41 ----D---- C:\windows\rescache
2015-04-09 22:11:57 ----D---- C:\windows\Logs
2015-04-08 21:55:02 ----RD---- C:\Program Files (x86)
2015-04-01 21:23:18 ----D---- C:\windows\SYSWOW64\Dism
2015-04-01 21:23:18 ----D---- C:\Program Files\Windows Media Player
2015-04-01 21:23:18 ----D---- C:\Program Files (x86)\Windows Media Player
2015-04-01 21:23:14 ----D---- C:\windows\system32\Dism
2015-04-01 21:23:10 ----D---- C:\windows\system32\CodeIntegrity
2015-04-01 21:23:10 ----D---- C:\windows\system32\Boot
2015-03-31 04:54:59 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2015-03-31 04:53:35 ----D---- C:\Program Files (x86)\DsNET Corp
2015-03-31 04:52:59 ----SD---- C:\ProgramData\Microsoft
2015-03-31 04:52:59 ----D---- C:\Program Files (x86)\Microsoft
2015-03-31 04:50:54 ----D---- C:\windows\system32\appmgmt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2009-12-16 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2009-12-16 15688]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-11-05 834544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2009-12-16 58184]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2010-11-05 43168]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 89216]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-03-17 505856]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2010-11-17 311968]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaudio;Motorola Bluetooth Audio Service; C:\windows\system32\drivers\btmaud.sys [2010-05-20 42496]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-10 52736]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-06-29 3232768]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2014-01-31 94704]
S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2014-10-21 79872]
S3 GT72NDISIPXP;GT 72 IP NDIS; C:\windows\system32\DRIVERS\Gt51Ip.sys [2009-05-26 124928]
S3 GT72UBUS;GT 72 U BUS; C:\windows\system32\DRIVERS\gt72ubus.sys [2009-05-26 80896]
S3 GTPTSER;GT PT SER; C:\windows\system32\DRIVERS\gtptser.sys [2009-05-26 10624]
S3 HTCAND64;HTC Device Driver; C:\windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-07-23 116992]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-13 325152]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2009-11-25 462088]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 FileOpenManagerSvc;FileOpen Manager Service; C:\Program Files\FileOpen\Services\FileOpenManagerSvc64.exe [2012-04-30 334720]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-07-01 121344]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-05-02 164864]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-19 103992]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-06-25 92216]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 30520]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-08-04 87368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [2010-03-17 244736]
R2 uArcCapture;ArcCapture; C:\windows\system\uArcCapture.exe [2009-12-04 506472]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
R3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-12-16 704512]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-05-16 1432400]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-06-25 665656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-19 36864]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-10 647680]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-26 194032]
S3 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-07 148080]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Slow PC and dropping internet - please check my log

Posted: 18 Apr 2015 16:41
by Roli
Hello, in Task Scheduler disable Google Update; it will be there more than once.


Go to Start >> All Programs >> Accessories >> Run >> type services.msc >> Enter. Find these services:

Služba Google Update (gupdate)
Služba Google Update (gupdatem)
Google Software Updater
LightScribeService Direct Disc Labeling Service
NBService - Nero AG
NMIndexingService - Nero AG
Skype Updater


Double-clicking opens the properties dialog, where you first stop the service with the Stop button, then under Startup type select Disabled and click OK.


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click it to run it,

a window appears; click Scan at the top left.

When the scan finishes, click Clean,

the PC will restart and the junk will be deleted.

After that, copy the report here for me.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the license terms then appears; confirm it by clicking YES,

then click YES once more and it is running.

The whole process takes around 10 minutes but can take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and antispyware programs,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

Re: Slow PC and dropping internet - please check my log

Posted: 18 Apr 2015 16:57
by Radimisko
# AdwCleaner v4.201 - Log vytvořen 18/04/2015 v 17:54:06
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-18.3 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x64)
# Uživatelské jméno : vitek - NB_MIKA
# Spuštěno z : C:\Users\vitek\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : DatamngrCoordinator

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\Ask
Složka Smazáno : C:\Program Files (x86)\DAEMON Tools Toolbar
Složka Smazáno : C:\Program Files (x86)\Movies Toolbar
Složka Smazáno : C:\Program Files\Zrychleni Pocitace
Složka Smazáno : C:\Users\mmika\AppData\LocalLow\ilividmoviestoolbardla
Složka Smazáno : C:\Users\mmika\AppData\Roaming\Mozilla\Firefox\Profiles\d2rivpp9.default\Extensions\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Složka Smazáno : C:\Users\mmika\AppData\Roaming\Mozilla\Firefox\Profiles\d2rivpp9.default\Extensions\DTToolbar@toolbarnet.com
Složka Smazáno : C:\Users\vitek\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Složka Smazáno : C:\Users\vitek\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
Soubor Smazáno : C:\Users\vitek\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage
Soubor Smazáno : C:\Users\vitek\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage
Soubor Smazáno : C:\Users\mmika\AppData\Roaming\Mozilla\Firefox\Profiles\d2rivpp9.default\searchplugins\Ask.xml
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
Soubor Smazáno : C:\Users\mmika\AppData\Roaming\Mozilla\Firefox\Profiles\d2rivpp9.default\searchplugins\Askcom.xml
Soubor Smazáno : C:\Users\mmika\AppData\Roaming\Mozilla\Firefox\Profiles\d2rivpp9.default\searchplugins\daemon-search.xml

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Hodnota Smazáno : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Hodnota Smazáno : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Hodnota Smazáno : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Hodnota Smazáno : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Hodnota Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Klíč Smazáno : HKLM\SOFTWARE\DataMngr
Klíč Smazáno : HKLM\SOFTWARE\DeviceVM
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : [x64] HKLM\SOFTWARE\DeviceVM
Data Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN32C~1.DLL
Data Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MOVIES~1\Datamngr\mgrldr.dll
Data Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL
Data Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.1 (x86 cs)

[d2rivpp9.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.defaultengine", "Ask.com");
[d2rivpp9.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.order.1", "Ask.com");
[d2rivpp9.default\prefs.js] - Řádek Smazáno : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,movableAppButton%40Merci.chao:1.4,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3");
[d2rivpp9.default\prefs.js] - Řádek Smazáno : user_pref("extensions.enabledItems", "otis@digitalpersona.com:5.0.0.4191,{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1,bkmrksync@nokia.com:1.0.0.732,DTToolbar@toolbarnet.com:1.1.2.0185,{CAFEE[...]

-\\ Comodo Dragon v

[C:\Users\vitek\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2015-01-06&apn_dtid=%5ECMD011%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\vitek\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Smazáno [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\vitek\AppData\Local\Comodo\Dragon\User Data\Default\Preferences] - Smazáno [Extension] : aaaalipaokhkccgmgkdglfinfnfhflko

*************************

AdwCleaner[R0].txt - [5504 bytů] - [18/04/2015 17:51:46]
AdwCleaner[S0].txt - [5227 bytů] - [18/04/2015 17:54:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5285 bytů] ##########

Re: Slow PC and dropping internet - please check my log

Posted: 18 Apr 2015 17:04
by Radimisko
Unfortunately ComboFix did not start for me. It unpacked itself and that was all...

Re: Slow PC and dropping internet - please check my log

Posted: 18 Apr 2015 17:24
by Radimisko
It worked now...


ComboFix 15-04-16.01 - vitek 18.04.2015 18:09:48.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2927.1183 [GMT 2:00]
Spuštěný z: c:\users\vitek\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\AB25D1C33C.sys
c:\windows\SysWow64\tmp20BB.tmp
c:\windows\SysWow64\tmp5CB0.tmp
c:\windows\SysWow64\tmp5CC0.tmp
c:\windows\SysWow64\tmpF95D.tmp
c:\windows\SysWow64\tmpF95E.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-18 do 2015-04-18 )))))))))))))))))))))))))))))))
.
.
2015-04-18 15:51 . 2015-04-18 15:54 -------- d-----w- C:\AdwCleaner
2015-04-18 14:58 . 2015-04-18 14:59 -------- d-----w- C:\rsit
2015-04-18 14:58 . 2015-04-18 14:59 -------- d-----w- c:\program files\trend micro
2015-04-18 14:48 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DD0F972-7E33-4395-B99B-285A6FD7C272}\mpengine.dll
2015-04-15 01:14 . 2015-04-15 01:14 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-04-14 21:36 . 2015-04-14 21:36 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-04-14 21:14 . 2015-03-17 05:22 5557696 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-04-14 21:13 . 2015-03-10 03:25 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-04-14 21:11 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-14 21:11 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-14 21:11 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-13 20:42 . 2015-04-13 20:42 -------- d-----w- c:\users\vitek\AppData\Roaming\MPC-HC
2015-04-13 20:40 . 2015-02-18 18:00 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2015-04-13 20:40 . 2011-12-07 18:37 148992 ----a-w- c:\windows\system32\lagarith.dll
2015-04-13 20:40 . 2011-12-07 18:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll
2015-04-13 20:40 . 2014-12-21 13:58 3570688 ----a-w- c:\windows\system32\x264vfw64.dll
2015-04-13 20:40 . 2014-12-21 13:57 3588608 ----a-w- c:\windows\SysWow64\x264vfw.dll
2015-04-13 20:40 . 2014-12-04 22:56 729088 ----a-w- c:\windows\system32\xvidcore.dll
2015-04-13 20:40 . 2014-12-04 22:55 655872 ----a-w- c:\windows\SysWow64\xvidcore.dll
2015-04-13 20:40 . 2014-11-14 14:12 254976 ----a-w- c:\windows\system32\xvidvfw.dll
2015-04-13 20:40 . 2014-11-14 14:11 240128 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2015-04-13 20:40 . 2012-07-21 11:55 180736 ----a-w- c:\windows\system32\ac3acm.acm
2015-04-13 20:40 . 2012-07-21 11:54 122880 ----a-w- c:\windows\SysWow64\ac3acm.acm
2015-04-13 20:40 . 2015-02-18 18:00 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2015-04-13 20:39 . 2015-04-13 20:39 -------- d-----w- c:\users\vitek\AppData\Roaming\Media Player Classic
2015-04-11 20:56 . 2015-04-11 20:56 -------- d-----w- c:\users\vitek\AppData\Local\ESET
2015-04-09 20:11 . 2015-04-09 20:11 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-09 20:11 . 2015-04-09 20:12 -------- d-s---w- c:\windows\system32\GWX
2015-03-31 02:48 . 2015-03-31 02:48 -------- d-----w- C:\UpdateChromeLinksLogs
2015-03-31 02:48 . 2015-03-31 02:48 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2015-03-31 02:48 . 2015-03-31 02:48 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2015-03-30 18:24 . 2015-03-30 18:25 -------- d-----w- c:\users\vitek\Stavby
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 20:21 . 2012-04-01 11:05 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 20:21 . 2011-05-13 10:26 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-15 01:05 . 2010-09-17 10:09 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-03-17 05:16 . 2015-04-14 21:14 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-17 04:57 . 2015-04-14 21:14 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-17 04:56 . 2015-04-14 21:14 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-02-26 03:25 . 2015-03-16 03:56 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 02:17 . 2010-09-17 10:18 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 04:41 . 2015-03-16 04:00 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-16 04:00 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-16 04:00 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-16 04:00 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-16 04:00 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-16 04:00 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-16 04:00 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-16 04:00 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-16 04:00 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-16 04:00 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-17 14:04 . 2015-02-17 14:04 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-13 05:22 . 2015-03-16 03:57 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-16 03:54 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-16 03:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-16 03:59 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-16 03:59 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-16 03:59 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-16 03:59 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-16 03:59 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-16 03:59 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-16 03:56 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-16 03:57 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-16 03:59 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-16 03:59 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-16 03:59 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-16 03:59 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-16 03:59 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-16 03:59 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-16 03:59 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-16 03:59 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-16 03:59 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-16 03:59 641024 ----a-w- c:\windows\system32\msscp.dll
2015-02-03 03:31 . 2015-03-16 03:59 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-02-03 03:31 . 2015-03-16 03:59 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-02-03 03:31 . 2015-03-16 03:59 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-02-03 03:31 . 2015-03-16 03:59 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-03 03:31 . 2015-03-16 03:59 206848 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 03:30 . 2015-03-16 03:59 631808 ----a-w- c:\windows\system32\evr.dll
2015-02-03 03:30 . 2015-03-16 03:59 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-02-03 03:30 . 2015-03-16 03:59 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-02-03 03:30 . 2015-03-16 03:59 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-02-03 03:30 . 2015-03-16 03:59 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-03 03:30 . 2015-03-16 03:59 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-02-03 03:30 . 2015-03-16 03:59 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-02-03 03:30 . 2015-03-16 03:59 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-02-03 03:30 . 2015-03-16 03:59 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-03 03:30 . 2015-03-16 03:59 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-02-03 03:30 . 2015-03-16 03:59 680960 ----a-w- c:\windows\system32\audiosrv.dll
2015-02-03 03:30 . 2015-03-16 03:59 296448 ----a-w- c:\windows\system32\AudioSes.dll
2015-02-03 03:30 . 2015-03-16 03:59 440832 ----a-w- c:\windows\system32\AudioEng.dll
2015-02-03 03:30 . 2015-03-16 03:59 32256 ----a-w- c:\windows\system32\appidsvc.dll
2015-02-03 03:30 . 2015-03-16 03:59 58880 ----a-w- c:\windows\system32\appidapi.dll
2015-02-03 03:30 . 2015-03-16 03:59 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-02-03 03:30 . 2015-03-16 03:59 9728 ----a-w- c:\windows\system32\pcalua.exe
2015-02-03 03:30 . 2015-03-16 03:59 11264 ----a-w- c:\windows\system32\pcawrk.exe
2015-02-03 03:30 . 2015-03-16 03:59 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-02-03 03:30 . 2015-03-16 03:59 126464 ----a-w- c:\windows\system32\audiodg.exe
2015-02-03 03:30 . 2015-03-16 03:59 146944 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-02-03 03:30 . 2015-03-16 03:59 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-02-03 03:30 . 2015-03-16 03:59 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2015-02-03 03:29 . 2015-03-16 03:59 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-02-03 03:28 . 2015-03-16 03:59 2048 ----a-w- c:\windows\system32\mferror.dll
2015-02-03 03:19 . 2015-03-16 03:59 663552 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-02-03 03:12 . 2015-03-16 03:59 617984 ----a-w- c:\windows\SysWow64\wmdrmsdk.dll
2015-02-03 03:12 . 2015-03-16 03:59 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-02-03 03:12 . 2015-03-16 03:56 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-02-03 03:12 . 2015-03-16 03:57 171520 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-02-03 03:12 . 2015-03-16 03:59 4096 ----a-w- c:\windows\SysWow64\msdxm.ocx
2015-02-03 03:12 . 2015-03-16 03:59 4096 ----a-w- c:\windows\SysWow64\dxmasf.dll
2015-02-03 03:12 . 2015-03-16 03:59 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
2015-02-03 03:12 . 2015-03-16 03:59 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-02-03 03:12 . 2015-03-16 03:59 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2015-02-03 03:12 . 2015-03-16 03:59 8192 ----a-w- c:\windows\SysWow64\spwmp.dll
2015-02-03 03:12 . 2015-03-16 03:59 504320 ----a-w- c:\windows\SysWow64\msscp.dll
2015-02-03 03:12 . 2015-03-16 03:59 265216 ----a-w- c:\windows\SysWow64\msnetobj.dll
2015-02-03 03:12 . 2015-03-16 03:59 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-02-03 03:12 . 2015-03-16 03:59 354816 ----a-w- c:\windows\SysWow64\mfplat.dll
2015-02-03 03:12 . 2015-03-16 03:59 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-02-03 03:12 . 2015-03-16 03:59 489984 ----a-w- c:\windows\SysWow64\evr.dll
2015-02-03 03:12 . 2015-03-16 03:59 988160 ----a-w- c:\windows\SysWow64\drmv2clt.dll
2015-02-03 03:12 . 2015-03-16 03:59 406016 ----a-w- c:\windows\SysWow64\drmmgrtn.dll
2015-02-03 03:12 . 2015-03-16 03:59 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-03 03:12 . 2015-03-16 03:59 81408 ----a-w- c:\windows\SysWow64\cryptsp.dll
2015-02-03 03:12 . 2015-03-16 03:59 1005056 ----a-w- c:\windows\SysWow64\cryptui.dll
2015-02-03 03:12 . 2015-03-16 03:59 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2015-02-03 03:12 . 2015-03-16 03:59 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-02-03 03:12 . 2015-03-16 03:59 744960 ----a-w- c:\windows\SysWow64\blackbox.dll
2015-02-03 03:12 . 2015-03-16 03:59 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2015-02-03 03:12 . 2015-03-16 03:59 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-02-03 03:12 . 2015-03-16 03:59 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files (x86)\CCleaner\CCleaner64.exe" [2015-02-19 7416088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"MobileBroadband"="c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe" [2014-03-03 77824]
"VmbNotifier"="c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbNotifier.exe" [2014-03-03 1893888]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-11-28 193568]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
c:\users\mmika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Total Commander (2).lnk - c:\totalcmd\TOTALCMD.EXE [2010-9-20 1091768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 21:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 btmaudio;Motorola Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\DRIVERS\Gt51Ip.sys;c:\windows\SYSNATIVE\DRIVERS\Gt51Ip.sys [x]
R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\DRIVERS\gt72ubus.sys;c:\windows\SYSNATIVE\DRIVERS\gt72ubus.sys [x]
R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 RsvLock;RsvLock; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 FileOpenManagerSvc;FileOpen Manager Service;c:\program files\FileOpen\Services\FileOpenManagerSvc64.exe;c:\program files\FileOpen\Services\FileOpenManagerSvc64.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VmbService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 20:21]
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 18:50]
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf90387d9f3f53.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 18:50]
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA1d040f3849fb5e2.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-30 18:50]
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203Core.job
- c:\users\mmika\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-30 07:27]
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203UA.job
- c:\users\mmika\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-30 07:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-06-18 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-24 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-24 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-24 410648]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-10-01 5595336]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\tn50ozrr.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{FC17E0A7-EAA9-4902-92F8-C83B9FD02246} - c:\program files (x86)\InstallShield Installation Information\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-04-18 18:24:32
ComboFix-quarantined-files.txt 2015-04-18 16:24
.
Před spuštěním: Volných bajtů: 119 165 743 104
Po spuštění: Volných bajtů: 118 681 071 616
.
- - End Of File - - 7440F6828867C93EF4C7E6A1D6B4010F

Re: Slow PC and dropping internet connection - please check my log

Posted: 19 Apr 2015 16:54
by Roli
If you have not done so already, move ComboFix to the desktop,

open Notepad,

and copy the script from the following box into it:

Code:

RegLock:: 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there.

After it has been applied, another log will pop up; copy it here.

Warning: it may happen that after the script is applied and the PC restarts, Windows will not boot;

in that case restart again while pressing F8, then choose Last Known Good Configuration.



Download and run OTMoveIt,

and into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:

Code:

:processes
explorer.exe       

:files
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf90387d9f3f53.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1d040f3849fb5e2.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203UA.job

:commands
[purity]
[emptytemp]
[start explorer]

click MoveIt! and information about the performed action will appear in the right-hand green pane of the application; copy the contents of that pane here,

if the application asks for a restart, click YES,

and in that case copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\

Re: Slow PC and dropping internet connection - please check my log

Posted: 19 Apr 2015 20:34
by Radimisko
I also uninstalled a few more unnecessary programs...




ComboFix 15-04-16.01 - vitek 19.04.2015 21:19:37.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2927.1658 [GMT 2:00]
Spuštěný z: c:\users\vitek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\vitek\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-19 do 2015-04-19 )))))))))))))))))))))))))))))))
.
.
2015-04-19 19:28 . 2015-04-19 19:28 -------- d-----w- c:\users\user\AppData\Local\temp
2015-04-19 19:28 . 2015-04-19 19:28 -------- d-----w- c:\users\mmika\AppData\Local\temp
2015-04-19 19:28 . 2015-04-19 19:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-19 19:28 . 2015-04-19 19:28 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-04-19 19:28 . 2015-04-19 19:28 -------- d-----w- c:\users\administrator.PB-SCOM\AppData\Local\temp
2015-04-18 16:20 . 2015-04-18 16:20 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DD0F972-7E33-4395-B99B-285A6FD7C272}\offreg.dll
2015-04-18 15:51 . 2015-04-18 15:54 -------- d-----w- C:\AdwCleaner
2015-04-18 14:58 . 2015-04-18 14:59 -------- d-----w- C:\rsit
2015-04-18 14:58 . 2015-04-18 14:59 -------- d-----w- c:\program files\trend micro
2015-04-18 14:48 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5DD0F972-7E33-4395-B99B-285A6FD7C272}\mpengine.dll
2015-04-14 21:36 . 2015-04-14 21:36 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-04-14 21:14 . 2015-03-17 05:22 5557696 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-04-14 21:13 . 2015-03-10 03:25 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-04-14 21:11 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-14 21:11 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-14 21:11 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-13 20:42 . 2015-04-13 20:42 -------- d-----w- c:\users\vitek\AppData\Roaming\MPC-HC
2015-04-13 20:40 . 2015-02-18 18:00 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2015-04-13 20:40 . 2011-12-07 18:37 148992 ----a-w- c:\windows\system32\lagarith.dll
2015-04-13 20:40 . 2011-12-07 18:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll
2015-04-13 20:40 . 2014-12-21 13:58 3570688 ----a-w- c:\windows\system32\x264vfw64.dll
2015-04-13 20:40 . 2014-12-21 13:57 3588608 ----a-w- c:\windows\SysWow64\x264vfw.dll
2015-04-13 20:40 . 2014-12-04 22:56 729088 ----a-w- c:\windows\system32\xvidcore.dll
2015-04-13 20:40 . 2014-12-04 22:55 655872 ----a-w- c:\windows\SysWow64\xvidcore.dll
2015-04-13 20:40 . 2014-11-14 14:12 254976 ----a-w- c:\windows\system32\xvidvfw.dll
2015-04-13 20:40 . 2014-11-14 14:11 240128 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2015-04-13 20:40 . 2012-07-21 11:55 180736 ----a-w- c:\windows\system32\ac3acm.acm
2015-04-13 20:40 . 2012-07-21 11:54 122880 ----a-w- c:\windows\SysWow64\ac3acm.acm
2015-04-13 20:40 . 2015-02-18 18:00 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2015-04-13 20:39 . 2015-04-13 20:39 -------- d-----w- c:\users\vitek\AppData\Roaming\Media Player Classic
2015-04-11 20:56 . 2015-04-11 20:56 -------- d-----w- c:\users\vitek\AppData\Local\ESET
2015-04-09 20:11 . 2015-04-09 20:11 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-09 20:11 . 2015-04-09 20:12 -------- d-s---w- c:\windows\system32\GWX
2015-03-31 02:48 . 2015-03-31 02:48 -------- d-----w- C:\UpdateChromeLinksLogs
2015-03-31 02:48 . 2015-03-31 02:48 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2015-03-31 02:48 . 2015-03-31 02:48 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2015-03-30 18:24 . 2015-03-30 18:25 -------- d-----w- c:\users\vitek\Stavby
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-19 11:47 . 2013-05-10 05:48 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2015-04-15 20:21 . 2012-04-01 11:05 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 20:21 . 2011-05-13 10:26 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-15 01:05 . 2010-09-17 10:09 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-03-17 05:16 . 2015-04-14 21:14 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-17 04:57 . 2015-04-14 21:14 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-17 04:56 . 2015-04-14 21:14 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-02-26 03:25 . 2015-03-16 03:56 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 02:17 . 2010-09-17 10:18 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 04:41 . 2015-03-16 04:00 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-16 04:00 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-16 04:00 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-16 04:00 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-16 04:00 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-16 04:00 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-16 04:00 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-16 04:00 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-16 04:00 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-16 04:00 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-17 14:04 . 2015-02-17 14:04 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-13 05:22 . 2015-03-16 03:57 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-16 03:54 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-16 03:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-16 03:59 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-16 03:59 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-16 03:59 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-16 03:59 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-16 03:59 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-16 03:59 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-16 03:56 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-16 03:57 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-16 03:59 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-16 03:59 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-16 03:59 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-16 03:59 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-16 03:59 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-16 03:59 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-16 03:59 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-16 03:59 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-16 03:59 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-16 03:59 641024 ----a-w- c:\windows\system32\msscp.dll
2015-02-03 03:31 . 2015-03-16 03:59 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-02-03 03:31 . 2015-03-16 03:59 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-02-03 03:31 . 2015-03-16 03:59 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-02-03 03:31 . 2015-03-16 03:59 4121600 ----a-w- c:\windows\system32\mf.dll
2015-02-03 03:31 . 2015-03-16 03:59 206848 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 03:30 . 2015-03-16 03:59 631808 ----a-w- c:\windows\system32\evr.dll
2015-02-03 03:30 . 2015-03-16 03:59 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-02-03 03:30 . 2015-03-16 03:59 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-02-03 03:30 . 2015-03-16 03:59 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-02-03 03:30 . 2015-03-16 03:59 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-02-03 03:30 . 2015-03-16 03:59 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-02-03 03:30 . 2015-03-16 03:59 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-02-03 03:30 . 2015-03-16 03:59 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-02-03 03:30 . 2015-03-16 03:59 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-03 03:30 . 2015-03-16 03:59 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-02-03 03:30 . 2015-03-16 03:59 680960 ----a-w- c:\windows\system32\audiosrv.dll
2015-02-03 03:30 . 2015-03-16 03:59 296448 ----a-w- c:\windows\system32\AudioSes.dll
2015-02-03 03:30 . 2015-03-16 03:59 440832 ----a-w- c:\windows\system32\AudioEng.dll
2015-02-03 03:30 . 2015-03-16 03:59 32256 ----a-w- c:\windows\system32\appidsvc.dll
2015-02-03 03:30 . 2015-03-16 03:59 58880 ----a-w- c:\windows\system32\appidapi.dll
2015-02-03 03:30 . 2015-03-16 03:59 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-02-03 03:30 . 2015-03-16 03:59 9728 ----a-w- c:\windows\system32\pcalua.exe
2015-02-03 03:30 . 2015-03-16 03:59 11264 ----a-w- c:\windows\system32\pcawrk.exe
2015-02-03 03:30 . 2015-03-16 03:59 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-02-03 03:30 . 2015-03-16 03:59 126464 ----a-w- c:\windows\system32\audiodg.exe
2015-02-03 03:30 . 2015-03-16 03:59 146944 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-02-03 03:30 . 2015-03-16 03:59 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-02-03 03:30 . 2015-03-16 03:59 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2015-02-03 03:29 . 2015-03-16 03:59 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-02-03 03:28 . 2015-03-16 03:59 2048 ----a-w- c:\windows\system32\mferror.dll
2015-02-03 03:19 . 2015-03-16 03:59 663552 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-02-03 03:12 . 2015-03-16 03:59 617984 ----a-w- c:\windows\SysWow64\wmdrmsdk.dll
2015-02-03 03:12 . 2015-03-16 03:59 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-02-03 03:12 . 2015-03-16 03:56 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-02-03 03:12 . 2015-03-16 03:57 171520 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-02-03 03:12 . 2015-03-16 03:59 4096 ----a-w- c:\windows\SysWow64\msdxm.ocx
2015-02-03 03:12 . 2015-03-16 03:59 4096 ----a-w- c:\windows\SysWow64\dxmasf.dll
2015-02-03 03:12 . 2015-03-16 03:59 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
2015-02-03 03:12 . 2015-03-16 03:59 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-02-03 03:12 . 2015-03-16 03:59 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2015-02-03 03:12 . 2015-03-16 03:59 8192 ----a-w- c:\windows\SysWow64\spwmp.dll
2015-02-03 03:12 . 2015-03-16 03:59 504320 ----a-w- c:\windows\SysWow64\msscp.dll
2015-02-03 03:12 . 2015-03-16 03:59 265216 ----a-w- c:\windows\SysWow64\msnetobj.dll
2015-02-03 03:12 . 2015-03-16 03:59 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-02-03 03:12 . 2015-03-16 03:59 354816 ----a-w- c:\windows\SysWow64\mfplat.dll
2015-02-03 03:12 . 2015-03-16 03:59 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-02-03 03:12 . 2015-03-16 03:59 489984 ----a-w- c:\windows\SysWow64\evr.dll
2015-02-03 03:12 . 2015-03-16 03:59 988160 ----a-w- c:\windows\SysWow64\drmv2clt.dll
2015-02-03 03:12 . 2015-03-16 03:59 406016 ----a-w- c:\windows\SysWow64\drmmgrtn.dll
2015-02-03 03:12 . 2015-03-16 03:59 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-03 03:12 . 2015-03-16 03:59 81408 ----a-w- c:\windows\SysWow64\cryptsp.dll
2015-02-03 03:12 . 2015-03-16 03:59 1005056 ----a-w- c:\windows\SysWow64\cryptui.dll
2015-02-03 03:12 . 2015-03-16 03:59 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2015-02-03 03:12 . 2015-03-16 03:59 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-02-03 03:12 . 2015-03-16 03:59 744960 ----a-w- c:\windows\SysWow64\blackbox.dll
2015-02-03 03:12 . 2015-03-16 03:59 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2015-02-03 03:12 . 2015-03-16 03:59 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
c:\users\mmika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Total Commander (2).lnk - c:\totalcmd\TOTALCMD.EXE [2010-9-20 1091768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 21:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 btmaudio;Motorola Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\DRIVERS\Gt51Ip.sys;c:\windows\SYSNATIVE\DRIVERS\Gt51Ip.sys [x]
R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\DRIVERS\gt72ubus.sys;c:\windows\SYSNATIVE\DRIVERS\gt72ubus.sys [x]
R3 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 RsvLock;RsvLock; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 FileOpenManagerSvc;FileOpen Manager Service;c:\program files\FileOpen\Services\FileOpenManagerSvc64.exe;c:\program files\FileOpen\Services\FileOpenManagerSvc64.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 20:21]
.
2015-04-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203Core.job
- c:\users\mmika\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-30 07:27]
.
2015-04-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203UA.job
- c:\users\mmika\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-30 07:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-06-18 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-24 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-24 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-24 410648]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-10-01 5595336]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\vitek\AppData\Roaming\Mozilla\Firefox\Profiles\tn50ozrr.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{FC17E0A7-EAA9-4902-92F8-C83B9FD02246} - c:\program files (x86)\InstallShield Installation Information\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2015-04-19 21:33:00
ComboFix-quarantined-files.txt 2015-04-19 19:33
ComboFix2.txt 2015-04-18 16:24
.
Před spuštěním: Volných bajtů: 130 528 014 336
Po spuštění: Volných bajtů: 129 835 167 744
.
- - End Of File - - B0BE08538118733051308D556011F9E0

Re: Slow PC and dropping internet - please check the log

Posted: 19 Apr 2015 20:43
by Radimisko
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
File/Folder c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf90387d9f3f53.job not found.
File/Folder c:\windows\Tasks\GoogleUpdateTaskMachineUA1d040f3849fb5e2.job not found.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3971195940-4199620227-2441741472-1203UA.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: administrator.PB-SCOM
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 195 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: mmika
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 151959167 bytes
->Java cache emptied: 8355 bytes
->FireFox cache emptied: 69661955 bytes
->Google Chrome cache emptied: 10544844 bytes
->Flash cache emptied: 553 bytes

User: Public
->Temp folder emptied: 0 bytes

User: user
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 73099576 bytes
->Flash cache emptied: 405 bytes

User: vitek
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1310039 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 60820140 bytes
->Flash cache emptied: 707 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 5 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1017856 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 14175122 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95550 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 365.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04192015_213637

Files moved on Reboot...
C:\Users\vitek\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Re: Slow PC and dropping internet - please check the log

Posted: 20 Apr 2015 16:51
by Roli
Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders associated with it.


Run OTMoveIt again and click CleanUP! at the top of the application;

this makes it clean up after itself.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Then let me know how the PC behaves.

Re: Slow PC and dropping internet - please check the log

Posted: 21 Apr 2015 19:31
by Radimisko
It has definitely improved... Thank you for the help...

Re: Slow PC and dropping internet - please check the log

Posted: 22 Apr 2015 16:27
by Roli
You're welcome, and :closed: