Chinese junk iqiyi - can't be uninstalled

Posted: 25 Jun 2015 13:35
by novas1998
Hello! Recently I wanted to download some codecs for WMP, and along with them a file got downloaded whose name wasn't odd in any way, and the codec required it to be installed. So when I started installing and saw everything that was being installed along with it, I cancelled it right away, but it somehow finished installing anyway. I ended up with lots of toolbars in Chrome and some Crossbrowse newly set as the default browser, so I removed all of that. I also tried it in "Uninstall or change a program", but everything there is in Chinese, so I just clicked through it all, and it installed some "mgr" which I still have on the desktop and which apparently shows CPU load... So I downloaded Revo Uninstaller and uninstalled it with that; I somehow clicked through it and it disappeared. I removed the leftovers too, but still nothing changes. I'm really desperate about this :( I'm attaching the FRST log here.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by NoVaS (administrator) on NOVAS-PC on 25-06-2015 14:20:49
Running from C:\Users\NoVaS\Desktop
Loaded Profiles: NoVaS (Available Profiles: NoVaS)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RAV\ravmond.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Spotify Ltd) C:\Users\NoVaS\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\popwndexe.exe
(Google Inc.) C:\Users\NoVaS\AppData\Local\Google\Update\GoogleUpdate.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\QQPCNetFlow.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TAOFrame.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRealTimeSpeedup.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxcrnmh.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\downloader.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2014-12-08] (Bitdefender)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1796056 2014-08-19] (NVIDIA Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTRAY.EXE [355296 2015-06-25] (Tencent)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-08] (Bitdefender)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-05] (Bitdefender)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-05] (Bitdefender)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Run: [Spotify Web Helper] => C:\Users\NoVaS\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2023480 2015-06-18] (Spotify Ltd)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Run: [Spotify] => C:\Users\NoVaS\AppData\Roaming\Spotify\Spotify.exe [7415864 2015-06-18] (Spotify Ltd)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Run: [Google Update] => C:\Users\NoVaS\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-05] (Google Inc.)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-15] (SUPERAntiSpyware)
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\MountPoints2: {25038df8-5c4b-11e4-8905-001a4d80d4ee} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-08] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-05] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-05] (Bitdefender)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMGCShellExt64.dll [2015-04-07] (Tencent)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2013-07-08] (Bitdefender)
BootExecute: autocheck autochk * bddel.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=95430989_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-670821491-2823255400-4124354169-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll [2014-08-05] (Bitdefender)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TSWebMon64.dat [2015-06-25] (Tencent)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll [2014-08-05] (Bitdefender)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-23] ()
FF Plugin: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-05-12] ()
FF Plugin: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-23] ()
FF Plugin-x32: @iqiyi.com/npclient -> C:\IQIYI Video\LStyle\npclient.dll [2015-05-12] ()
FF Plugin-x32: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\npQMExtensionsMozilla.dll [2015-06-25] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-670821491-2823255400-4124354169-1000: @iqiyi.com/npWebPlayer -> C:\IQIYI Video\LStyle\npWebPlayer.dll [2015-04-29] (爱奇艺公司)
FF Plugin HKU\S-1-5-21-670821491-2823255400-4124354169-1000: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll No File
FF Plugin HKU\S-1-5-21-670821491-2823255400-4124354169-1000: @tools.google.com/Google Update;version=3 -> C:\Users\NoVaS\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-670821491-2823255400-4124354169-1000: @tools.google.com/Google Update;version=9 -> C:\Users\NoVaS\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-670821491-2823255400-4124354169-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\NoVaS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-10-21]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-10-21]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext

Chrome:
=======
CHR Profile: C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-20]
CHR Extension: (Google Docs) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-20]
CHR Extension: (Google Drive) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-20]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-06-21]
CHR Extension: (YouTube) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-20]
CHR Extension: (Bitdefender Wallet) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-10-21]
CHR Extension: (Google Search) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-20]
CHR Extension: (Tampermonkey) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-10-30]
CHR Extension: (Google Sheets) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-20]
CHR Extension: (AdBlock) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-21]
CHR Extension: (Google Wallet) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-20]
CHR Extension: (Gmail) - C:\Users\NoVaS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-20]
CHR HKU\S-1-5-21-670821491-2823255400-4124354169-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-12-08]
CHR HKLM-x32\...\Chrome\Extension: [ooebklgpfnbcnpokahmdidgbmlcdepkm] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-08-05] (Bitdefender)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-30] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe [297608 2015-06-25] (Tencent)
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe [179992 2014-09-02] (Beijing Rising Information Technology Co., Ltd.)
R2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe [277552 2014-05-15] (Beijing Rising Information Technology Co., Ltd.)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S2 sfrem01; C:\Windows\system32\sfrem01.exe [584824 2006-05-10] (Protection Technology (StarForce))
R3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TAOFrame.exe [293728 2015-06-25] (Tencent)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-08-05] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2014-12-08] (Bitdefender)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-12-08] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2014-12-08] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-05-16] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-01-31] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-28] (Disc Soft Ltd)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMUdisk64.sys [62264 2015-04-17] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQSysMonX64.sys [127800 2015-06-25] (电脑管家)
R1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys [71056 2015-03-11] (Beijing Rising Information Technology Co., Ltd.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [69120 2006-05-10] (Protection Technology (StarForce)) [File not signed]
S4 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [7168 2006-05-10] (Protection Technology (StarForce)) [File not signed]
R0 sysmon; C:\Windows\System32\DRIVERS\sysmon.sys [121072 2015-02-11] (Beijing Rising Information Technology Co., Ltd.)
R2 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-06-25] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-06-25] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-06-25] (电脑管家)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-12-08] (BitDefender S.R.L.)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TS888x64.sys [28984 2015-06-25] (Tencent)
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\tscpm64.sys [42296 2015-06-25] (电脑管家)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TSDefenseBT64.sys [28472 2015-06-25] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TSSysKit64.sys [87352 2015-06-25] (电脑管家)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S0 sfsync04; system32\drivers\sfsync04.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-25 14:20 - 2015-06-25 14:22 - 00022158 _____ C:\Users\NoVaS\Desktop\FRST.txt
2015-06-25 14:18 - 2015-06-25 14:18 - 02112512 _____ (Farbar) C:\Users\NoVaS\Desktop\FRST64.exe
2015-06-25 13:58 - 2015-06-25 13:58 - 00027624 _____ C:\Windows\system32\bddel.exe
2015-06-25 13:58 - 2015-06-25 13:58 - 00001810 _____ C:\Windows\system32\bddel.dat
2015-06-25 13:41 - 2015-06-25 13:41 - 00001149 _____ C:\Users\NoVaS\Desktop\ZSoft Uninstaller.lnk
2015-06-25 13:41 - 2015-06-25 13:41 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZSoft
2015-06-25 13:41 - 2015-06-25 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZSoft
2015-06-25 13:41 - 2015-06-25 13:41 - 00000000 ____D C:\Program Files (x86)\ZSoft
2015-06-25 13:40 - 2015-06-25 13:40 - 01231522 _____ C:\Users\NoVaS\Desktop\ZSoft_Uninstaller_2.5.exe
2015-06-25 13:09 - 2015-06-25 13:09 - 00001264 _____ C:\Users\NoVaS\Desktop\Revo Uninstaller.lnk
2015-06-25 13:09 - 2015-06-25 13:09 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-25 13:08 - 2015-06-25 13:08 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\NoVaS\Desktop\revosetup.exe
2015-06-25 13:07 - 2015-06-25 13:07 - 00110080 _____ (Thomas Hoen - T-Tools) C:\Users\NoVaS\Desktop\BitRemover.exe
2015-06-25 13:05 - 2015-06-25 13:05 - 01236320 _____ (Microsoft Corporation) C:\Users\NoVaS\Desktop\BitDefender_Uninstall_Tool.EXE
2015-06-25 12:59 - 2015-06-25 12:59 - 00000000 ____D C:\Qiyi
2015-06-25 12:53 - 2015-06-25 13:02 - 00000000 ____D C:\ProgramData\LocalStorage
2015-06-25 12:48 - 2015-06-25 12:49 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\ppslog
2015-06-25 12:47 - 2015-06-25 13:52 - 00028984 _____ (Tencent) C:\Windows\SysWOW64\Drivers\TS888x64.sys
2015-06-25 12:46 - 2015-06-25 12:46 - 00000000 ____D C:\ProgramData\TXQMPC
2015-06-25 12:42 - 2015-06-25 12:42 - 00000000 ____D C:\Program Files (x86)\Internet Speed Checker
2015-06-25 12:42 - 2015-06-25 12:42 - 00000000 ____D C:\Program Files (x86)\9df54471-c67c-4c9e-9507-46e55ef5bb65
2015-06-25 12:38 - 2015-06-25 12:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-25 12:38 - 2015-06-25 12:38 - 00000000 ____D C:\ProgramData\KingSoft
2015-06-25 12:37 - 2015-06-25 13:40 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-25 12:37 - 2015-06-25 12:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-25 12:35 - 2015-06-25 13:42 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\Seznam.cz
2015-06-25 12:34 - 2015-06-25 12:34 - 00000000 ____D C:\Program Files\Common Files\Tencent
2015-06-25 12:34 - 2015-06-25 12:33 - 00099640 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2015-06-25 12:33 - 2015-06-25 12:33 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2015-06-25 12:33 - 2015-06-25 12:33 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2015-06-25 12:33 - 2015-06-25 12:33 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-06-25 12:32 - 2015-06-25 12:59 - 00000000 ____D C:\ProgramData\Tencent
2015-06-25 12:32 - 2015-06-25 12:40 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\Tencent
2015-06-25 12:32 - 2015-06-25 12:32 - 00000000 ____D C:\Users\NoVaS\AppData\Local\SysassistByHotWheel
2015-06-25 12:32 - 2015-06-25 12:32 - 00000000 ____D C:\Users\NoVaS\AppData\Local\2930D7DA-3A14-481B-8E21-D87C4F1A64E3
2015-06-25 12:32 - 2015-06-25 12:32 - 00000000 ____D C:\Program Files (x86)\Tencent
2015-06-25 12:31 - 2015-06-25 13:28 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\IQIYI Video
2015-06-25 12:31 - 2015-06-25 13:21 - 00000000 ____D C:\ProgramData\IQIYI Video
2015-06-25 12:31 - 2015-06-25 12:58 - 00000000 ____D C:\qycache
2015-06-25 12:31 - 2015-06-25 12:31 - 00001706 _____ C:\Users\NoVaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\爱奇艺PPS影音.lnk
2015-06-25 12:31 - 2015-06-25 12:31 - 00000000 ____D C:\Users\Public\QiYi
2015-06-25 12:31 - 2015-06-25 12:31 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\爱奇艺
2015-06-25 12:31 - 2015-06-25 12:31 - 00000000 ____D C:\ppsfile
2015-06-25 12:31 - 2015-06-25 12:31 - 00000000 ____D C:\IQIYI Video
2015-06-25 12:30 - 2015-06-25 13:58 - 00000000 ____D C:\Program Files (x86)\Rising
2015-06-25 12:30 - 2015-06-25 12:30 - 00000150 __RSH C:\rising.ini
2015-06-25 12:30 - 2015-06-25 12:30 - 00000000 ____D C:\ProgramData\Rising
2015-06-25 12:30 - 2015-06-25 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rising Software Deployment System
2015-06-25 12:30 - 2015-03-11 07:00 - 00071056 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsutils.sys
2015-06-25 12:30 - 2015-02-11 07:00 - 00121072 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\sysmon.sys
2015-06-25 12:30 - 2012-02-29 09:49 - 00011888 ____N (Beijing Rising Information Technology Co., Ltd.) C:\Windows\system32\Drivers\rsndisp.sys
2015-06-25 12:27 - 2015-06-25 12:27 - 00511323 _____ C:\Users\NoVaS\Desktop\Hackinstaller June2015 V3 1 Downloader.zip
2015-06-24 20:28 - 2015-06-24 22:56 - 00012534 _____ C:\Users\NoVaS\Desktop\Nový Textový dokument OpenDocument.odt
2015-06-23 23:46 - 2015-06-24 01:15 - 1599428752 _____ C:\Users\NoVaS\Desktop\Vzpoura---Uprising--2001,-CZ-tit.avi
2015-06-23 23:40 - 2015-06-23 23:40 - 00014618 _____ C:\Users\NoVaS\Desktop\[CzT]Vzpoura_Uprising_2001_.torrent
2015-06-23 12:05 - 2015-06-23 12:05 - 00000000 ____D C:\Users\NoVaS\Desktop\Majk Spirit - Y Black (2015)
2015-06-22 14:34 - 2015-06-22 14:34 - 00695296 _____ (AnjoCaido) C:\Users\NoVaS\Desktop\MinecraftSP.exe
2015-06-21 20:11 - 2015-06-21 20:11 - 00003794 _____ C:\Windows\System32\Tasks\klcp_update
2015-06-21 20:10 - 2015-06-21 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-06-21 20:09 - 2015-06-21 20:09 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-06-21 20:01 - 2015-06-21 20:01 - 00000084 _____ C:\Windows\wininit.ini
2015-06-14 20:45 - 2015-06-14 20:45 - 00002031 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2015-06-14 20:43 - 2015-06-14 20:44 - 00031310 _____ C:\Windows\DPINST.LOG
2015-06-09 16:49 - 2015-06-23 23:41 - 00000000 ____D C:\Users\NoVaS\Downloads\Okresni prebor POSLEDNI ZAPAS PEPIKA HNATKA DVDRip.XviD.AC3.CZ[lightfenix]
2015-06-09 16:49 - 2015-06-09 16:49 - 00014058 _____ C:\Users\NoVaS\Desktop\[CzT]Okresni_prebor_Posledni_zapas_Pepika_Hnatka_2012_.torrent
2015-06-09 14:04 - 2015-06-09 14:05 - 00001853 _____ C:\Windows\system32\bdsandbox.txt
2015-06-07 20:47 - 2013-12-27 11:27 - 53806061 ____N C:\Users\NoVaS\Desktop\Best Dance Music 2013 New Electro House Music House 2013 Music 2013 (Summer Love @12) Dj D3evice.m4a
2015-06-01 22:23 - 2015-06-02 19:24 - 00033699 _____ C:\Users\NoVaS\Desktop\novák automobily.odt
2015-06-01 18:38 - 2015-06-01 20:36 - 04135375 _____ C:\Users\NoVaS\Desktop\novák-evz.odp
2015-06-01 12:29 - 2015-06-01 12:29 - 00018376 _____ C:\Users\NoVaS\Downloads\[CzT]Nymfomanka_cast_I_II_Nymph_maniac_Volume_1_2_Director_s_Cut_2013_.torrent
2015-05-31 07:52 - 2015-06-25 12:58 - 00065192 _____ C:\Users\NoVaS\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-31 07:50 - 2015-06-25 13:50 - 00008166 _____ C:\Windows\setupact.log
2015-05-31 07:50 - 2015-05-31 07:50 - 00000000 _____ C:\Windows\setuperr.log
2015-05-31 07:48 - 2015-06-25 13:49 - 00038722 _____ C:\Windows\PFRO.log
2015-05-31 07:48 - 2015-06-25 12:45 - 00297704 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-30 11:44 - 2015-06-02 14:49 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-05-30 11:44 - 2015-05-30 11:44 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-05-30 11:44 - 2015-05-30 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-05-30 11:42 - 2015-05-30 11:42 - 00000005 _____ C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2015-05-29 19:41 - 2015-05-29 19:42 - 232910594 _____ C:\Users\NoVaS\Downloads\[CNT]_Naruto_Shippuuden_414_[50240973].mkv
2015-05-29 06:55 - 2015-05-29 06:55 - 131865684 _____ C:\Users\NoVaS\Desktop\Deep House 2015 Summer Mixtape 2015 New Music.mp4
2015-05-27 11:14 - 2015-05-27 11:16 - 1419146012 _____ C:\Users\NoVaS\Downloads\Kráľovsto Nebeské DVDrip.CZ - WarDog.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-25 14:20 - 2014-10-20 19:42 - 01555880 _____ C:\Windows\WindowsUpdate.log
2015-06-25 14:20 - 2014-10-16 15:09 - 00000000 ____D C:\FRST
2015-06-25 14:00 - 2009-07-14 06:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-25 14:00 - 2009-07-14 06:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-25 13:55 - 2015-02-09 00:10 - 00000000 ____D C:\Users\NoVaS\AppData\Local\Spotify
2015-06-25 13:53 - 2015-02-09 00:09 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\Spotify
2015-06-25 13:51 - 2015-01-02 20:22 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-25 13:51 - 2014-10-25 16:40 - 00000000 ____D C:\Users\NoVaS\AppData\Local\HTC MediaHub
2015-06-25 13:50 - 2014-10-28 00:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-25 13:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-25 13:44 - 2014-11-27 11:34 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-25 13:38 - 2015-01-02 20:22 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-25 12:48 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-25 12:46 - 2014-10-20 21:21 - 00001393 _____ C:\Users\NoVaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-25 12:37 - 2014-10-21 13:48 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\Skype
2015-06-25 12:34 - 2014-10-20 21:20 - 00000000 ____D C:\Users\NoVaS\AppData\Local\VirtualStore
2015-06-25 12:33 - 2015-01-02 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-25 01:11 - 2014-10-21 12:01 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-24 14:07 - 2015-02-05 19:56 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-670821491-2823255400-4124354169-1000Core.job
2015-06-23 23:58 - 2014-10-20 22:41 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\uTorrent
2015-06-23 20:40 - 2014-11-27 11:34 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-23 20:40 - 2014-11-27 11:34 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-23 20:40 - 2014-11-27 11:34 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-23 20:40 - 2014-11-27 11:33 - 00000000 ____D C:\Users\NoVaS\AppData\Local\Adobe
2015-06-23 12:07 - 2013-08-29 10:13 - 00000000 ____D C:\Users\NoVaS\Desktop\fotky
2015-06-22 14:44 - 2015-01-22 14:14 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\.minecraft
2015-06-21 20:40 - 2010-10-23 10:35 - 00000000 ____D C:\Users\NoVaS\Desktop\Mp3(legal)
2015-06-21 20:00 - 2015-04-06 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codec Pack
2015-06-17 16:33 - 2014-12-11 16:43 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\Mozilla
2015-06-17 16:33 - 2014-12-09 08:36 - 00000000 ____D C:\Users\NoVaS\AppData\Local\Mozilla
2015-06-14 20:51 - 2015-03-13 09:01 - 00737050 _____ C:\Windows\system32\perfh00A.dat
2015-06-14 20:51 - 2015-03-13 09:01 - 00675348 _____ C:\Windows\system32\perfh00E.dat
2015-06-14 20:51 - 2015-03-13 09:01 - 00473096 _____ C:\Windows\system32\perfh00B.dat
2015-06-14 20:51 - 2015-03-13 09:01 - 00383938 _____ C:\Windows\system32\perfh00D.dat
2015-06-14 20:51 - 2015-03-13 09:01 - 00170932 _____ C:\Windows\system32\perfc00E.dat
2015-06-14 20:51 - 2015-03-13 09:01 - 00158132 _____ C:\Windows\system32\perfc00A.dat
2015-06-14 20:51 - 2015-03-13 09:01 - 00101178 _____ C:\Windows\system32\perfc00B.dat
2015-06-14 20:51 - 2015-03-13 09:01 - 00084416 _____ C:\Windows\system32\perfc00D.dat
2015-06-14 20:51 - 2015-03-12 19:09 - 00731640 _____ C:\Windows\system32\perfh010.dat
2015-06-14 20:51 - 2015-03-12 19:09 - 00146504 _____ C:\Windows\system32\perfc010.dat
2015-06-14 20:51 - 2015-03-12 18:54 - 00682218 _____ C:\Windows\system32\perfh00C.dat
2015-06-14 20:51 - 2015-03-12 18:54 - 00470608 _____ C:\Windows\system32\perfh001.dat
2015-06-14 20:51 - 2015-03-12 18:54 - 00129890 _____ C:\Windows\system32\perfc00C.dat
2015-06-14 20:51 - 2015-03-12 18:54 - 00094430 _____ C:\Windows\system32\perfc001.dat
2015-06-14 20:51 - 2015-03-12 18:25 - 00688802 _____ C:\Windows\system32\perfh007.dat
2015-06-14 20:51 - 2015-03-12 18:25 - 00148774 _____ C:\Windows\system32\perfc007.dat
2015-06-14 20:51 - 2009-07-14 17:18 - 00668542 _____ C:\Windows\system32\perfh005.dat
2015-06-14 20:51 - 2009-07-14 17:18 - 00141202 _____ C:\Windows\system32\perfc005.dat
2015-06-14 20:50 - 2009-07-14 07:13 - 07451798 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-14 20:46 - 2014-10-25 16:41 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\HTC
2015-06-14 20:45 - 2014-10-25 16:40 - 00000000 ____D C:\ProgramData\HTC
2015-06-14 20:45 - 2014-10-25 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2015-06-14 20:44 - 2014-08-19 21:32 - 00000000 ____D C:\Program Files (x86)\HTC
2015-06-14 20:43 - 2014-10-25 16:37 - 00000000 ____D C:\Users\NoVaS\AppData\Local\Downloaded Installations
2015-05-30 11:40 - 2014-11-28 23:20 - 00000000 ____D C:\Users\NoVaS\AppData\Roaming\DAEMON Tools Lite
2015-05-28 19:18 - 2014-10-21 13:48 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2014-11-25 17:32 - 2014-11-25 17:32 - 0003335 _____ () C:\Users\NoVaS\AppData\Local\recently-used.xbel
2015-03-16 18:49 - 2015-03-16 18:49 - 0000379 ____H () C:\ProgramData\1-0-0-0.txt
2014-10-21 13:50 - 2014-10-21 14:09 - 0001090 _____ () C:\ProgramData\1413892192.1132.bin
2014-10-21 14:06 - 2014-10-21 14:09 - 0082504 _____ () C:\ProgramData\1413892192.3096.bin
2014-10-21 13:49 - 2014-10-21 14:09 - 0123786 _____ () C:\ProgramData\1413892192.3192.bin
2014-10-21 13:50 - 2014-10-21 14:09 - 0003735 _____ () C:\ProgramData\1413892192.3272.bin
2014-10-21 13:50 - 2014-10-21 14:09 - 0012181 _____ () C:\ProgramData\1413892192.3596.bin
2014-10-21 13:50 - 2014-10-21 14:09 - 0017887 _____ () C:\ProgramData\1413892192.3712.bin
2014-10-21 13:50 - 2014-10-21 13:50 - 0001090 _____ () C:\ProgramData\1413892192.4072.bin
2014-10-21 13:50 - 2014-10-21 14:09 - 0000991 _____ () C:\ProgramData\1413892192.4260.bin
2014-10-21 13:51 - 2014-10-21 13:52 - 0001451 _____ () C:\ProgramData\1413892192.4820.bin
2014-10-21 13:50 - 2014-10-21 14:09 - 0010651 _____ () C:\ProgramData\1413892192.5676.bin
2014-10-21 13:49 - 2014-10-21 14:09 - 0024852 _____ () C:\ProgramData\1413892192.6024.bin
2014-10-21 13:49 - 2014-10-21 14:09 - 0033751 _____ () C:\ProgramData\1413892192.6028.bin
2014-10-21 14:11 - 2014-10-21 14:11 - 0063086 _____ () C:\ProgramData\1413893417.bdinstall.bin
2014-10-21 14:18 - 2014-10-21 14:49 - 0033751 _____ () C:\ProgramData\1413893886.1500.bin
2014-10-21 14:19 - 2014-10-21 14:20 - 0001545 _____ () C:\ProgramData\1413893886.1936.bin
2014-10-21 14:49 - 2014-10-21 14:49 - 0082504 _____ () C:\ProgramData\1413893886.2676.bin
2014-10-21 14:18 - 2014-10-21 14:18 - 0017887 _____ () C:\ProgramData\1413893886.2704.bin
2014-10-21 14:18 - 2014-10-21 14:49 - 0125519 _____ () C:\ProgramData\1413893886.2964.bin
2014-10-21 14:18 - 2014-10-21 14:57 - 0003735 _____ () C:\ProgramData\1413893886.3016.bin
2014-10-21 14:18 - 2014-10-21 14:19 - 0012181 _____ () C:\ProgramData\1413893886.3168.bin
2014-10-21 14:18 - 2014-10-21 14:57 - 0001090 _____ () C:\ProgramData\1413893886.5056.bin
2014-10-21 14:18 - 2014-10-21 14:57 - 0001090 _____ () C:\ProgramData\1413893886.5060.bin
2014-10-21 14:18 - 2014-10-21 14:57 - 0010536 _____ () C:\ProgramData\1413893886.5084.bin
2014-10-21 14:18 - 2014-10-21 14:49 - 0000991 _____ () C:\ProgramData\1413893886.5096.bin
2014-10-21 14:18 - 2014-10-21 14:49 - 0031737 _____ () C:\ProgramData\1413893886.688.bin
2014-10-21 14:57 - 2014-10-21 14:57 - 0062717 _____ () C:\ProgramData\1413896154.bdinstall.bin
2014-10-21 14:59 - 2014-10-21 14:59 - 0063086 _____ () C:\ProgramData\1413896341.bdinstall.bin
2014-10-21 15:04 - 2014-10-21 15:31 - 0001090 _____ () C:\ProgramData\1413896641.1044.bin
2014-10-21 15:04 - 2014-10-21 15:31 - 0000991 _____ () C:\ProgramData\1413896641.1524.bin
2014-10-21 15:04 - 2014-10-21 15:31 - 0021701 _____ () C:\ProgramData\1413896641.1832.bin
2014-10-21 15:04 - 2014-10-21 15:31 - 0033751 _____ () C:\ProgramData\1413896641.2012.bin
2014-10-21 15:04 - 2014-10-21 15:31 - 0001090 _____ () C:\ProgramData\1413896641.2164.bin
2014-10-21 15:05 - 2014-10-21 15:06 - 0001545 _____ () C:\ProgramData\1413896641.2588.bin
2014-10-21 15:04 - 2014-10-21 15:31 - 0003735 _____ () C:\ProgramData\1413896641.2848.bin
2014-10-21 15:31 - 2014-10-21 15:31 - 0082501 _____ () C:\ProgramData\1413896641.340.bin
2014-10-21 15:04 - 2014-10-21 15:31 - 0017882 _____ () C:\ProgramData\1413896641.3576.bin
2014-10-21 15:04 - 2014-10-21 15:31 - 0124717 _____ () C:\ProgramData\1413896641.3872.bin
2014-10-21 15:04 - 2014-10-21 15:05 - 0012180 _____ () C:\ProgramData\1413896641.676.bin
2014-10-21 15:04 - 2014-10-21 15:31 - 0010536 _____ () C:\ProgramData\1413896641.736.bin
2014-10-21 15:52 - 2014-10-21 15:52 - 0532120 _____ () C:\ProgramData\1413898579.bdinstall.bin

Some files in TEMP:
====================
C:\Users\NoVaS\AppData\Local\Temp\i4jdel0.exe
C:\Users\NoVaS\AppData\Local\Temp\masauto_runxx.dl.dll
C:\Users\NoVaS\AppData\Local\Temp\masblog_runxx.dl.dll
C:\Users\NoVaS\AppData\Local\Temp\masflag_runxx.dl.dll
C:\Users\NoVaS\AppData\Local\Temp\PCMgr_AndroidServer.exe
C:\Users\NoVaS\AppData\Local\Temp\QYAgent_runxx.dl.dll
C:\Users\NoVaS\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-14 13:29

==================== End of log ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by NoVaS at 2015-06-25 14:24:01
Running from C:\Users\NoVaS\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-670821491-2823255400-4124354169-500 - Administrator - Disabled)
Guest (S-1-5-21-670821491-2823255400-4124354169-501 - Limited - Disabled)
NoVaS (S-1-5-21-670821491-2823255400-4124354169-1000 - Administrator - Enabled) => C:\Users\NoVaS

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: Rising Software Deployment System (Enabled - Up to date) {DBC966C2-BD90-87CD-5A01-4DFB1D2EC867}
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
AS: Rising Software Deployment System (Enabled - Up to date) {60A88726-9BAA-8843-60B1-768966A982DA}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.30.0.1275 - Bitdefender)
Car Mechanic Simulator verze 1.0.0.0 (HKLM-x32\...\Car Mechanic Simulator_is1) (Version: 1.0.0.0 - Repacky)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
GameRanger (HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\GameRanger) (Version: - GameRanger Technologies)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Codec Pack 11.2.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.2.0 - )
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\MusicManager) (Version: - Google, Inc.)
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
NVIDIA Ovladač 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\RollerCoaster Tycoon Deluxe_is1) (Version: - GOG.com)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spotify (HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1194 - SUPERAntiSpyware.com)
Unity Web Player (HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-670821491-2823255400-4124354169-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
ZSoft Uninstaller 2.5 (HKLM-x32\...\ZSoft Uninstaller) (Version: 2.5 - ZSoft Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-670821491-2823255400-4124354169-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\NoVaS\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-670821491-2823255400-4124354169-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\NoVaS\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

25-06-2015 13:13:45 Revo Uninstaller's restore point - HTC Driver Installer
25-06-2015 13:20:01 Revo Uninstaller's restore point - 爱奇艺影音
25-06-2015 13:29:23 Revo Uninstaller's restore point - IBot 4.30
25-06-2015 13:34:21 Revo Uninstaller's restore point - SpeedFan (remove only)
25-06-2015 13:37:48 Revo Uninstaller's restore point - Seznam Software

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18A24C13-0DC0-4EA9-8DEF-CFC7AA247A55} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-670821491-2823255400-4124354169-1000Core => C:\Users\NoVaS\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-05] (Google Inc.)
Task: {37C4230D-3DC3-45E1-BE46-34E62B76FF33} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-05-31] ()
Task: {422A098D-D44D-4AFF-A747-1DBD21FB1AE1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {74C2A116-C03F-4464-BC83-586BAFDE893D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-02] (Google Inc.)
Task: {79A2B043-35A7-443D-80B1-4CEF0C987353} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {C134DA43-16FE-4078-A214-2ED774083F68} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-02] (Google Inc.)
Task: {F72A332E-1029-4A90-9020-34D8820353B6} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-30] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-670821491-2823255400-4124354169-1000Core.job =>

==================== Loaded Modules (Whitelisted) ==============

2014-10-21 15:41 - 2014-09-01 11:00 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-10-21 15:41 - 2014-10-13 15:21 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-10-21 15:41 - 2011-11-14 19:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-10-21 15:41 - 2014-10-13 15:21 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2015-05-06 13:50 - 2015-05-06 13:51 - 00790368 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00350_005\ashttpbr.mdl
2015-05-06 13:50 - 2015-05-06 13:51 - 00711064 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00350_005\ashttpdsp.mdl
2015-05-06 13:50 - 2015-05-06 13:51 - 02683520 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00350_005\ashttpph.mdl
2015-05-06 13:50 - 2015-05-06 13:51 - 01326504 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00350_005\ashttprbl.mdl
2014-10-28 00:39 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-10-21 15:41 - 2013-03-25 15:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2015-04-13 15:44 - 2015-04-13 15:44 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-09-25 20:44 - 2014-09-25 20:44 - 00043008 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00481632 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\sqlite.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\tinyxml.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\zlib.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00063840 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00051552 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00203104 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQFileFlt.dll
2015-06-25 12:40 - 2015-04-17 12:02 - 00018784 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\oDayProtect.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00117088 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TavPedc.dll
2015-04-13 15:43 - 2015-04-13 15:43 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-04-13 15:43 - 2015-04-13 15:43 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2015-04-13 15:44 - 2015-04-13 15:44 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2015-04-13 15:44 - 2015-04-13 15:44 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2015-04-13 15:44 - 2015-04-13 15:44 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2015-04-13 15:45 - 2015-04-13 15:45 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2015-04-13 15:47 - 2015-04-13 15:47 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\libexpatw.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00092184 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\xGraphic32.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00342040 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\arkGraphic.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00045920 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\jgImage.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\libpng.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\libjpegturbo.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\jgIOStub.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00194912 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\xImage.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00076128 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\MemDefrag.dll
2015-03-03 05:35 - 2015-03-03 05:35 - 00295264 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMAndroidServer\1.0.0.1\Log4cplus.dll
2015-06-25 12:33 - 2015-05-07 13:04 - 00571800 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMLoader\QQPCDetector.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00268640 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\StartupMgr\SoftMon.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00235872 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMWlanMacDll.dll
2014-10-21 15:41 - 2014-09-01 10:59 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00088416 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\zlib.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00137568 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\libexpatw.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00100704 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\tinyxml.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00092184 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\xGraphic32.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00342040 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\arkGraphic.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00045920 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\jgImage.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00158048 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\libpng.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00285024 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\libjpegturbo.dll
2015-06-25 12:33 - 2015-06-25 12:33 - 00014176 _____ () C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\jgIOStub.dll
2015-06-22 20:40 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-22 20:40 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-22 20:40 - 2015-06-20 07:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\NoVaS\Desktop\BitDefender_Uninstall_Tool.EXE:BDU
AlternateDataStreams: C:\Users\NoVaS\Desktop\BitRemover.exe:BDU
AlternateDataStreams: C:\Users\NoVaS\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\NoVaS\Desktop\MinecraftSP.exe:BDU
AlternateDataStreams: C:\Users\NoVaS\Desktop\revosetup.exe:BDU
AlternateDataStreams: C:\Users\NoVaS\Desktop\ZSoft_Uninstaller_2.5.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-670821491-2823255400-4124354169-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NoVaS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Google Update => "C:\Users\NoVaS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Spotify => "C:\Users\NoVaS\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\NoVaS\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E6C01E46-168B-4F45-AA9F-7C0FD025F10F}] => (Allow) C:\Users\NoVaS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{20EC90DD-2E79-419B-8811-A8B5B03B7D58}] => (Allow) C:\Users\NoVaS\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{30F18FAC-1B1C-43B6-B18E-B04EFC62E943}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{BFB34579-DFC7-437C-8D1E-5FA6F1A10962}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{D9705876-60AA-4F8F-9F51-5ED61C564C30}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DC40A6E3-70E4-4DC9-9258-4654152477C0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B6D16169-3C56-4203-B137-264AF0BF54A5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{17E4B863-48F4-4EF3-933C-8486E16EE5E6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7491B12B-FA7C-40F7-868F-1E2AE12A3230}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{8246451B-A2B6-42EA-9B28-4CC95D776D7A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{EB407C0C-23D6-4987-9F24-CA301E740485}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{1D720B05-6B58-4AA6-B717-546AA4AD3B14}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{C8AF11C9-908A-40D5-86CE-BF6AC419B4CE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{4AF22C1A-EB1E-47E4-AA55-D3236AD24B8B}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{5A1FBD41-3FEF-475E-9548-5DD9320C15AD}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{0FBA5031-F099-40B7-B271-9B136C8A76E0}C:\users\novas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\novas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{446E8409-C2F0-4213-BF96-D86DAE8B4920}C:\users\novas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\novas\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{22414BBA-0148-45B5-8FB2-E465B9D8D079}C:\users\novas\downloads\dayz standalone v0.46\dayzserver.exe] => (Allow) C:\users\novas\downloads\dayz standalone v0.46\dayzserver.exe
FirewallRules: [UDP Query User{C5B21F1A-591D-42BD-AA97-BE8AE8A9D7DE}C:\users\novas\downloads\dayz standalone v0.46\dayzserver.exe] => (Allow) C:\users\novas\downloads\dayz standalone v0.46\dayzserver.exe
FirewallRules: [TCP Query User{1DF28EA4-EAC7-4534-A7EE-568F757243CA}C:\users\novas\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\novas\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{9D130F42-30F0-4E61-A41E-0FC1CD54FE53}C:\users\novas\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\novas\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{772CF86B-CD28-4CA3-98DA-C667F6268E7A}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [UDP Query User{FED139FB-D652-4595-B23A-8C61C2940122}C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe] => (Allow) C:\program files (x86)\firefly studios\stronghold crusader\stronghold crusader.exe
FirewallRules: [TCP Query User{E23E8AAB-3E18-4FDD-B404-4520B529C830}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{80E7393E-93CE-4A6F-9A6D-4B8D5F395BC2}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{918C9861-A986-4574-8B27-A728F7B81F3F}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [TCP Query User{57CA87B8-D24D-4C83-A87E-843B49E74678}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{65F13604-38EE-403B-B5AD-8399AD014C9E}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{EDA3D1C5-C279-48E7-9B83-488A059BF0DD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{53C94ACA-D966-4FE3-8081-3F02AF347D0E}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.exe
FirewallRules: [{DF021DF9-AC2E-443C-AD72-D03FFA06966A}] => (Allow) C:\Program Files (x86)\Rising\RAV\ravmond.exe
FirewallRules: [{723B7BB4-F08D-4900-BBD3-70CDB2A1D6F9}] => (Allow) C:\IQIYI Video\GeePlayer\GeePlayer.exe
FirewallRules: [{6CCFB823-EE36-4701-A196-57D48119413B}] => (Allow) C:\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{45C943DC-FECD-4FE9-A315-86C2998C494F}] => (Allow) C:\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{30B46761-8B49-4F0D-8431-975B5981A521}] => (Allow) C:\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{7E526627-A5DE-4997-B8B1-DECE00A76E4C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCmgrInstallGuide.exe
FirewallRules: [{541DCB4F-8EC4-410A-AEE3-40BFED717FE1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCTray.exe
FirewallRules: [{682A9E99-5320-4B13-ADC4-AE30419F4B94}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCMgr.exe
FirewallRules: [{D8981550-5A65-4C4D-9A3E-291F44C455AA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCRTP.exe
FirewallRules: [{10248CFD-F529-4908-9E52-B47EF9228516}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMDL.exe
FirewallRules: [{C0BB4899-8C90-4744-926C-EA5C611F47B4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\bugreport.exe
FirewallRules: [{981F071D-4DAA-454C-B407-F93978135766}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCFileOpen.exe
FirewallRules: [{55D0E746-57BB-4C2C-B6C1-1DE24FA8ACE5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCLeakScan.exe
FirewallRules: [{8C12E46F-5628-4242-A387-E6C0FE2FC568}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPConfig.exe
FirewallRules: [{C5B1FAC2-8FBE-4875-85B8-453844B0A657}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftMgr.exe
FirewallRules: [{683480F5-A1DC-419C-987D-A2668E29F74F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\plugins\QMNetMon\QQPCNetFlow.exe
FirewallRules: [{D1EC5F9C-0F88-4321-A796-BB4B037046EA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCBTU.exe
FirewallRules: [{8CA81627-0AFB-44D7-B34E-7F9D0C093AB4}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCClinic.exe
FirewallRules: [{C3C2B2EE-38EB-425A-BDDE-ED02166F1443}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCLaunch.exe
FirewallRules: [{D82D02C9-CC62-45D0-A79C-52C1DE0F64BB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMUpdate\QQPCMgrUpdate.exe
FirewallRules: [{9E510DB4-E439-4708-B2B1-F721E7B839F5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSoftGame.exe
FirewallRules: [{495257D7-DFAE-4776-8E0D-5BEFA1931E64}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCSysOptimize.exe
FirewallRules: [{5AC615CB-F8D9-4B24-9707-ED43CE2CD883}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCUpdateAVLib.exe
FirewallRules: [{DBA56899-761C-4D13-AAB9-324EC43958BE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQRepair.exe
FirewallRules: [{C269C4EE-14D6-4614-B934-FC8CBC9CCE62}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\Uninst.exe
FirewallRules: [{B950E643-EE0A-432F-A9FD-11681D40BF79}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QQPCPatch.exe
FirewallRules: [{EF4A70AB-C9F0-48CC-9F88-058A3B1A949D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\TpkUpdate.exe
FirewallRules: [{1765D6A2-0DC9-4BCB-BF6C-4107C29EB999}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMRouterMgr.exe
FirewallRules: [{030830CA-3346-4071-B398-6D7892AB269F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\10.7.16066.216\QMAccountProtection.exe
FirewallRules: [{13C3E964-0128-4470-AAA3-2464884F29FD}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{F5DDB4BA-6A21-435A-BF57-D96F431830A8}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2015 00:47:15 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3816) WindowsMail0: Zálohování bylo ukončeno, protože bylo zastaveno klientem nebo protože se nezdařilo připojení ke klientovi.

Error: (06/19/2015 09:57:06 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.124;lang=;guid=5FE2D3A9276B4C54AF294C48AE65BE34;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\0a183f52-42d1-4d30-a126-5ec1d33456ba.dmp

Error: (06/09/2015 02:04:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Služba Šifrování neinicializovala záložní objekt System Writer systému VSS.


Details:
Could not open the EventSystem service for query.

System Error:
Prvek nebyl nalezen.
.

Error: (05/18/2015 07:50:16 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=42.0.2311.152;lang=;guid=5FE2D3A9276B4C54AF294C48AE65BE34;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\8a90e025-b937-4f46-b519-f615fa6559ee.dmp

Error: (05/14/2015 11:32:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... E70F0E.crt>. Došlo k chybě Zvolený server nemůže provést požadovanou operaci.
.

Error: (05/14/2015 11:32:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... E70F0E.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.

Error: (04/26/2015 02:31:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RCT3plus.exe, verze: 3.2.8.13, časové razítko: 0x00000000
Název chybujícího modulu: RCT3plus.exe, verze: 3.2.8.13, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000f1263
ID chybujícího procesu: 0x1760
Čas spuštění chybující aplikace: 0xRCT3plus.exe0
Cesta k chybující aplikaci: RCT3plus.exe1
Cesta k chybujícímu modulu: RCT3plus.exe2
ID zprávy: RCT3plus.exe3

Error: (04/18/2015 02:22:43 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=42.0.2311.90;lang=;guid=5FE2D3A9276B4C54AF294C48AE65BE34;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1bec340a-f1d9-4126-86c4-94f14b9585db.dmp

Error: (04/14/2015 10:33:00 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=41.0.2272.118;lang=;guid=5FE2D3A9276B4C54AF294C48AE65BE34;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6e5cbd88-941f-44f6-8fe2-e89217425ff9.dmp

Error: (04/12/2015 00:13:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Golem.exe, verze: 0.0.0.0, časové razítko: 0x552159e8
Název chybujícího modulu: 2.bin, verze: 3.1750.1805.0, časové razítko: 0x54332c26
Kód výjimky: 0xc0000005
Posun chyby: 0x00d37766
ID chybujícího procesu: 0x1260
Čas spuštění chybující aplikace: 0xGolem.exe0
Cesta k chybující aplikaci: Golem.exe1
Cesta k chybujícímu modulu: Golem.exe2
ID zprávy: Golem.exe3


System errors:
=============
Error: (06/25/2015 01:57:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (06/25/2015 01:50:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sfsync04

Error: (06/25/2015 00:53:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (06/25/2015 00:46:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sfsync04

Error: (06/25/2015 00:33:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba QQPCMgr RTP Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/25/2015 00:30:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Rav Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/25/2015 00:30:20 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Rsd Service je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/25/2015 11:42:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sfsync04

Error: (06/24/2015 10:57:08 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sfsync04

Error: (06/23/2015 08:20:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
sfsync04


Microsoft Office:
=========================
Error: (06/25/2015 00:47:15 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3816WindowsMail0:

Error: (06/19/2015 09:57:06 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=43.0.2357.124;lang=;guid=5FE2D3A9276B4C54AF294C48AE65BE34;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\0a183f52-42d1-4d30-a126-5ec1d33456ba.dmp

Error: (06/09/2015 02:04:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description:
Details:
Could not open the EventSystem service for query.

System Error:
Prvek nebyl nalezen.

Error: (05/18/2015 07:50:16 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=42.0.2311.152;lang=;guid=5FE2D3A9276B4C54AF294C48AE65BE34;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\8a90e025-b937-4f46-b519-f615fa6559ee.dmp

Error: (05/14/2015 11:32:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... crtZvolený server nemůže provést požadovanou operaci.

Error: (05/14/2015 11:32:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 0E.crtDaná operace se vrátila, protože vypršel časový limit.

Error: (04/26/2015 02:31:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RCT3plus.exe3.2.8.1300000000RCT3plus.exe3.2.8.1300000000c0000005000f1263176001d0800f7f04e66eC:\Program Files (x86)\Atari\RollerCoaster Tycoon 3 Platinum\RCT3plus.exeC:\Program Files (x86)\Atari\RollerCoaster Tycoon 3 Platinum\RCT3plus.exe35c7d0d9-ec10-11e4-93b1-001a4d80d4ee

Error: (04/18/2015 02:22:43 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=42.0.2311.90;lang=;guid=5FE2D3A9276B4C54AF294C48AE65BE34;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1bec340a-f1d9-4126-86c4-94f14b9585db.dmp

Error: (04/14/2015 10:33:00 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=41.0.2272.118;lang=;guid=5FE2D3A9276B4C54AF294C48AE65BE34;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6e5cbd88-941f-44f6-8fe2-e89217425ff9.dmp

Error: (04/12/2015 00:13:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Golem.exe0.0.0.0552159e82.bin3.1750.1805.054332c26c000000500d37766126001d074a3b66433f4C:\Users\NoVaS\AppData\Local\Temp\Rar$EXa0.428\Golem.exeC:\Users\NoVaS\AppData\Local\Temp\Rar$EXa0.428\data\2.bineba5a572-e097-11e4-a257-001a4d80d4ee


CodeIntegrity Errors:
===================================
Date: 2014-10-21 05:33:52.475
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-21 05:33:52.464
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-21 05:33:52.448
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-21 05:33:52.400
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-21 05:33:52.389
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-21 05:33:52.377
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-21 05:33:47.371
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-21 05:33:47.359
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-21 05:33:47.350
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-10-21 05:33:45.187
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows.old.001\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4400+
Percentage of memory in use: 62%
Total physical RAM: 4095.55 MB
Available physical RAM: 1534.31 MB
Total Pagefile: 8189.3 MB
Available Pagefile: 5090.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.08 GB) (Free:31.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (COD_MW_3_DVD2) (CDROM) (Total:6.04 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

==================== End of log ============================

Re: Chinese junk iqiyi - cannot uninstall

Posted: 25 Jun 2015 14:21
by vyosek
Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • After launch, the database will be downloaded
  • Click Scan and then Clean
  • The cleanup will run, the PC will restart, and then a log will appear; it may also be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: Chinese junk iqiyi - cannot uninstall

Posted: 25 Jun 2015 14:40
by novas1998
# AdwCleaner v4.207 - Log vytvořen 25/06/2015 v 15:28:15
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-23.1 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : NoVaS - NOVAS-PC
# Spuštěno z : C:\Users\NoVaS\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : QMUdisk
[#] Služba Smazáno : TS888x64

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\IQIYI Video
Složka Smazáno : C:\ProgramData\IQIYI Video
Složka Smazáno : C:\ProgramData\tencent
Složka Smazáno : C:\ProgramData\KingSoft
Složka Smazáno : C:\ProgramData\TXQMPC
Složka Smazáno : C:\Program Files (x86)\Internet Speed Checker
Složka Smazáno : C:\Program Files (x86)\tencent
Složka Smazáno : C:\Program Files (x86)\Common Files\tencent
Složka Smazáno : C:\Users\NoVaS\AppData\Local\Temp\tencent
Složka Smazáno : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
Složka Smazáno : C:\Program Files\Common Files\tencent
Složka Smazáno : C:\Users\NoVaS\AppData\Roaming\IQIYI Video
Složka Smazáno : C:\Users\NoVaS\AppData\Roaming\tencent
Složka Smazáno : C:\Users\NoVaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Soubor Smazáno : C:\Users\NoVaS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\???PPS??.LNK
Soubor Smazáno : C:\Users\NoVaS\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\???PPS??.LNK
Soubor Smazáno : C:\Users\NoVaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???PPS??.LNK

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Klíč Smazáno : HKLM\SOFTWARE\CLASSES\METNSD
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CF3CDEFB-31BE-43AE-B064-B9C62C883259}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{B6360BD3-5CD0-40D3-BD87-DAFF37889F50}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{E6F928E4-B672-4F3A-8CA2-53C4259235DE}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6BE0FB-8B18-4DFC-959F-233651CC4D7F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-D8978EC96C6E}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{D96C1D26-5CDF-4506-9244-57233C3984DF}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC}
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\CrossBrowser
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\Internet Speed Checker
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17689

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v43.0.2357.130


*************************

AdwCleaner[R0].txt - [5899 bytů] - [25/06/2015 15:25:41]
AdwCleaner[S0].txt - [5376 bytů] - [25/06/2015 15:28:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5434 bytů] ##########

Re: Chinese junk iqiyi - cannot uninstall

Posted: 25 Jun 2015 14:41
by vyosek
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Správce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako správce)
  • Immediately after launch, a page with the licence agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and after any restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Chinese junk iqiyi - cannot uninstall

Posted: 25 Jun 2015 17:06
by novas1998
ComboFix 15-06-24.02 - NoVaS 25.06.2015 17:44:36.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4096.1555 [GMT 2:00]
Spuštěný z: c:\users\NoVaS\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
FW: Bitdefender Firewall *Disabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
SP: Bitdefender Antispyware *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1413892192.1132.bin
c:\programdata\1413892192.3096.bin
c:\programdata\1413892192.3192.bin
c:\programdata\1413892192.3272.bin
c:\programdata\1413892192.3596.bin
c:\programdata\1413892192.3712.bin
c:\programdata\1413892192.4072.bin
c:\programdata\1413892192.4260.bin
c:\programdata\1413892192.4820.bin
c:\programdata\1413892192.5676.bin
c:\programdata\1413892192.6024.bin
c:\programdata\1413892192.6028.bin
c:\programdata\1413893417.bdinstall.bin
c:\programdata\1413893886.1500.bin
c:\programdata\1413893886.1936.bin
c:\programdata\1413893886.2676.bin
c:\programdata\1413893886.2704.bin
c:\programdata\1413893886.2964.bin
c:\programdata\1413893886.3016.bin
c:\programdata\1413893886.3168.bin
c:\programdata\1413893886.5056.bin
c:\programdata\1413893886.5060.bin
c:\programdata\1413893886.5084.bin
c:\programdata\1413893886.5096.bin
c:\programdata\1413893886.688.bin
c:\programdata\1413896154.bdinstall.bin
c:\programdata\1413896341.bdinstall.bin
c:\programdata\1413896641.1044.bin
c:\programdata\1413896641.1524.bin
c:\programdata\1413896641.1832.bin
c:\programdata\1413896641.2012.bin
c:\programdata\1413896641.2164.bin
c:\programdata\1413896641.2588.bin
c:\programdata\1413896641.2848.bin
c:\programdata\1413896641.340.bin
c:\programdata\1413896641.3576.bin
c:\programdata\1413896641.3872.bin
c:\programdata\1413896641.676.bin
c:\programdata\1413896641.736.bin
c:\programdata\1413898579.bdinstall.bin
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-05-25 do 2015-06-25 )))))))))))))))))))))))))))))))
.
.
2015-06-25 15:58 . 2015-06-25 15:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-25 15:28 . 2015-06-25 15:28 -------- d-----w- c:\programdata\Innovative Solutions
2015-06-25 15:28 . 2015-06-25 15:28 -------- d-----w- c:\users\NoVaS\AppData\Local\Innovative Solutions
2015-06-25 15:28 . 2015-06-25 15:28 -------- d-----w- c:\program files (x86)\Common Files\Innovative Solutions
2015-06-25 15:28 . 2014-03-07 08:25 42496 ----a-w- c:\windows\SysWow64\AdvUninstCPL.cpl
2015-06-25 15:28 . 2015-06-25 15:28 -------- d-----w- c:\program files (x86)\Innovative Solutions
2015-06-25 13:25 . 2015-06-25 13:28 -------- d-----w- C:\AdwCleaner
2015-06-25 11:41 . 2015-06-25 11:41 -------- d-----w- c:\program files (x86)\ZSoft
2015-06-25 11:09 . 2015-06-25 11:09 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-06-25 10:59 . 2015-06-25 10:59 -------- d-----w- C:\Qiyi
2015-06-25 10:53 . 2015-06-25 11:02 -------- d-----w- c:\programdata\LocalStorage
2015-06-25 10:48 . 2015-06-25 10:49 -------- d-----w- c:\users\NoVaS\AppData\Roaming\ppslog
2015-06-25 10:47 . 2015-06-25 12:58 28984 ----a-w- c:\windows\SysWow64\drivers\TS888x64.sys
2015-06-25 10:42 . 2015-06-25 10:42 -------- d-----w- c:\program files (x86)\9df54471-c67c-4c9e-9507-46e55ef5bb65
2015-06-25 10:37 . 2015-06-25 10:37 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2015-06-25 10:37 . 2015-06-25 11:40 -------- d-----w- c:\program files (x86)\Seznam.cz
2015-06-25 10:35 . 2015-06-25 11:42 -------- d-----w- c:\users\NoVaS\AppData\Roaming\Seznam.cz
2015-06-25 10:33 . 2015-06-25 10:33 87864 ----a-w- c:\windows\system32\drivers\TFsFltX64.sys
2015-06-25 10:32 . 2015-06-25 10:32 -------- d-----w- c:\users\NoVaS\AppData\Local\2930D7DA-3A14-481B-8E21-D87C4F1A64E3
2015-06-25 10:32 . 2015-06-25 10:32 -------- d-----w- c:\users\NoVaS\AppData\Local\SysassistByHotWheel
2015-06-25 10:31 . 2015-06-25 10:58 -------- d-----w- C:\qycache
2015-06-25 10:31 . 2015-06-25 10:31 -------- d-----w- C:\ppsfile
2015-06-25 10:31 . 2015-06-25 10:31 -------- d-----w- c:\users\Public\QiYi
2015-06-25 10:30 . 2015-06-25 15:33 -------- d-----w- c:\programdata\Rising
2015-06-25 10:30 . 2015-06-25 15:33 -------- d-----w- c:\program files (x86)\Rising
2015-06-21 18:09 . 2015-06-21 18:09 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2015-06-14 18:45 . 2015-06-14 18:45 -------- d-----w- c:\program files (x86)\Common Files\Nero
2015-05-30 09:44 . 2015-06-02 12:49 -------- d-----w- c:\program files\SUPERAntiSpyware
2015-05-30 09:42 . 2015-05-30 09:42 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-23 18:40 . 2014-11-27 09:34 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-23 18:40 . 2014-11-27 09:34 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-26 07:10 . 2014-10-20 22:14 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-06 18:11 . 2015-04-06 18:12 737280 ----a-w- c:\windows\iun6002.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2014-12-08 568400]
"Bitdefender Wallet Application Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-08-05 615256]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Spotify Web Helper"="c:\users\NoVaS\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-06-18 2023480]
"Spotify"="c:\users\NoVaS\AppData\Roaming\Spotify\Spotify.exe" [2015-06-18 7415864]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2015-05-15 7799576]
"Bitdefender Wallet"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-08-05 1002048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-12-17 508800]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2014-12-08 568400]
"Bitdefender Wallet"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-08-05 1002048]
"Bitdefender Wallet Application Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-08-05 615256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys;c:\windows\SYSNATIVE\DRIVERS\HtcVComV64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 RsMgrSvc;Rsd Service;c:\program files (x86)\Rising\RSD\RsMgrSvc.exe;c:\program files (x86)\Rising\RSD\RsMgrSvc.exe [x]
S2 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender\updatesrv.exe;c:\program files\Bitdefender\Bitdefender\updatesrv.exe [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 InnovativeSolutions_monitor;Innovative Solutions Service Monitor;c:\program files (x86)\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe;c:\program files (x86)\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2015-06-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27 18:40]
.
2015-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-02 18:22]
.
2015-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-02 18:22]
.
2015-06-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-670821491-2823255400-4124354169-1000Core.job
- c:\users\NoVaS\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-05 17:56]
.
2015-06-25 c:\windows\Tasks\Health-Check-auto.job
- c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2015-06-25 09:57]
.
2015-06-25 c:\windows\Tasks\Health-Check-deep.job
- c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2015-06-25 09:57]
.
2015-06-25 c:\windows\Tasks\Health-Check.job
- c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2015-06-25 09:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2013-07-08 13:59 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2013-07-08 13:59 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2013-07-08 13:59 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2013-07-08 13:59 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bdagent"="c:\program files\Bitdefender\Bitdefender\bdagent.exe" [2014-12-08 1757520]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-08-19 1796056]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
------- Asociace souborů -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PPStream - c:\iqiyi video\LStyle\QyUninst.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\ErrorThresholds]
@DACL=(02 0000)
"406"=dword:00000200
"405"=dword:00000100
"501"=dword:00000200
"404"=dword:00000200
"500"=dword:00000200
"403"=dword:00000100
"409"=dword:00000200
"505"=dword:00000200
"408"=dword:00000200
"400"=dword:00000200
"410"=dword:00000100
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]
@DACL=(02 0000)
"PresentationHost.exe"=dword:00000001
"sllauncher.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_IMG]
@DACL=(02 0000)
"PresentationHost.exe"=dword:00000001
"sllauncher.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]
@DACL=(02 0000)
"PresentationHost.exe"=dword:00000001
"sllauncher.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]
@DACL=(02 0000)
"PresentationHost.exe"=dword:00000001
"sllauncher.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING]
@DACL=(02 0000)
"iexplore.exe"=dword:00000001
"*"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]
@DACL=(02 0000)
"PresentationHost.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]
@DACL=(02 0000)
"PresentationHost.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_FEEDS]
@DACL=(02 0000)
"msfeedssync.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES]
@DACL=(02 0000)
"sidebar.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
@DACL=(02 0000)
"wmplayer.exe"=dword:00000001
"ehexthost32.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_IMAGING_USE_ART]
@DACL=(02 0000)
"wm.exe"=dword:00000001
"cs.exe"=dword:00000001
"waol.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]
@DACL=(02 0000)
"iexplore.exe"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LEGACY_DISPPARAMS]
@DACL=(02 0000)
"helppane.exe"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]
@DACL=(02 0000)
"wlmail.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]
@DACL=(02 0000)
"PresentationHost.exe"=dword:00000001
"sllauncher.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]
@DACL=(02 0000)
"PresentationHost.exe"=dword:00000001
"sllauncher.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SSLUX]
@DACL=(02 0000)
"PresentationHost.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]
@DACL=(02 0000)
"winmail.exe"=dword:00000001
"msimn.exe"=dword:00000001
"outlook.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
@DACL=(02 0000)
"wmplayer.exe"=dword:00000001
"ehexthost32.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]
@DACL=(02 0000)
"infopath.exe"=dword:00000001
"winword.exe"=dword:00000001
"excel.exe"=dword:00000001
"powerpnt.exe"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\UrlTemplate]
@DACL=(02 0000)
"1"="www.%s.com"
"3"="www.%s.net"
"2"="www.%s.org"
"4"="www.%s.edu"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-06-25 18:01:58
ComboFix-quarantined-files.txt 2015-06-25 16:01
ComboFix2.txt 2014-10-13 11:54
.
Před spuštěním: Volných bajtů: 39 637 331 968
Po spuštění: Volných bajtů: 39 592 710 144
.
- - End Of File - - A44CB06C6083D50819627D2AF0B02362
A36C5E4F47E84449FF07ED3517B43A31

Re: Chinese junk iqiyi - can't uninstall

Posted: 25 Jun 2015 17:41
by vyosek
:arrow: If it isn't there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code: Select all

    KillAll::
    
    Folder::
    C:\Qiyi
    c:\users\Public\QiYi
    c:\programdata\Rising
    c:\program files (x86)\Rising
    c:\program files (x86)\9df54471-c67c-4c9e-9507-46e55ef5bb65
    c:\users\NoVaS\AppData\Local\2930D7DA-3A14-481B-8E21-D87C4F1A64E3
    c:\users\NoVaS\AppData\Local\SysassistByHotWheel
    
    File::
    c:\windows\SysWow64\drivers\TS888x64.sys
    c:\windows\system32\drivers\TFsFltX64.sys
    c:\windows\Tasks\Adobe Flash Player Updater.job
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-670821491-2823255400-4124354169-1000Core.job
    c:\windows\Tasks\Health-Check-auto.job
    c:\windows\Tasks\Health-Check-deep.job
    c:\windows\Tasks\Health-Check.job
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Spotify Web Helper"=-
    "Spotify"=-
    "CCleaner Monitoring"=-
    "SUPERAntiSpyware"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"=-
    
    Driver::
    RsMgrSvc
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\ErrorThresholds]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\UrlTemplate]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Save the resulting text file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the image below)
    Image
  • After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out - it is an internal error caused by CF, and unfortunately the author doesn't know how to fix it yet

:arrow: It can happen that Windows fails to start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: Chinese junk iqiyi - can't uninstall

Posted: 25 Jun 2015 18:46
by novas1998
ComboFix 15-06-24.02 - NoVaS 25.06.2015 19:19:13.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4096.1995 [GMT 2:00]
Spuštěný z: c:\users\NoVaS\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\NoVaS\Desktop\CFScript.txt
AV: Bitdefender Antivirus *Disabled/Updated* {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
FW: Bitdefender Firewall *Enabled* {A23392FD-84B9-F933-2C71-81E751F6EF46}
SP: Bitdefender Antispyware *Disabled/Updated* {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\TFsFltX64.sys"
"c:\windows\SysWow64\drivers\TS888x64.sys"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-670821491-2823255400-4124354169-1000Core.job"
"c:\windows\Tasks\Health-Check-auto.job"
"c:\windows\Tasks\Health-Check-deep.job"
"c:\windows\Tasks\Health-Check.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\9df54471-c67c-4c9e-9507-46e55ef5bb65
c:\program files (x86)\Rising
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\CfgDll.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\comx3.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\localopt.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\os.xml
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\popwndexe.exe
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\protreg.sys
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RsAppMgr.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RsBackup.exe
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RSD1252\Eng.lag
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RSD932\Jpn.lag
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RSD936\CHS.lag
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RSD950\CHT.lag
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\rsdinfo.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\rsdk.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\rslang.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\rsmginfo.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RsMgrSvc.exe
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RSSetup.xml
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RsStub.exe
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\RstoreDll.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\setup.dat
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\Setup.exe
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\syslay.dll
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\ui\snin.htm
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\update.xml
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\updater.exe
c:\program files (x86)\Rising\RSD\Backup\RSD\RSSetup\Updater.exe.log
c:\program files (x86)\Rising\RSD\CfgDll.dll
c:\program files (x86)\Rising\RSD\CldRsd.dll
c:\program files (x86)\Rising\RSD\comx3.dll
c:\program files (x86)\Rising\RSD\localopt.dll
c:\program files (x86)\Rising\RSD\os.xml
c:\program files (x86)\Rising\RSD\popwndexe.exe
c:\program files (x86)\Rising\RSD\restorelog.txt
c:\program files (x86)\Rising\RSD\RsAppMgr.dll
c:\program files (x86)\Rising\RSD\RsBackup.exe
c:\program files (x86)\Rising\RSD\RSD1252\Eng.lag
c:\program files (x86)\Rising\RSD\RSD932\Jpn.lag
c:\program files (x86)\Rising\RSD\RSD936\CHS.lag
c:\program files (x86)\Rising\RSD\RSD950\CHT.lag
c:\program files (x86)\Rising\RSD\rsdinfo.dll
c:\program files (x86)\Rising\RSD\rsdk.dll
c:\program files (x86)\Rising\RSD\rslang.dll
c:\program files (x86)\Rising\RSD\rsmginfo.dll
c:\program files (x86)\Rising\RSD\RsMgrSvc.dat
c:\program files (x86)\Rising\RSD\RsMgrSvc.exe
c:\program files (x86)\Rising\RSD\RsMgrSvc.exe.log
c:\program files (x86)\Rising\RSD\RsMgrsvc.ini
c:\program files (x86)\Rising\RSD\RsStub.exe
c:\program files (x86)\Rising\RSD\RstoreDll.dll
c:\program files (x86)\Rising\RSD\setup.dat
c:\program files (x86)\Rising\RSD\Setup.exe
c:\program files (x86)\Rising\RSD\Setup.exe.log
c:\program files (x86)\Rising\RSD\syslay.dll
c:\program files (x86)\Rising\RSD\ui\snin.htm
c:\program files (x86)\Rising\RSD\update.xml
c:\program files (x86)\Rising\RSD\updater.exe
c:\program files (x86)\Rising\RSD\updater.exe.log
c:\program files (x86)\Rising\RSD\updater2.exe
c:\program files (x86)\Rising\RSD\XMLS\RSSetup.xml
c:\program files (x86)\Rising\Settings\RAV\24\NetConfig.ini
c:\program files (x86)\Rising\Settings\RAV\24\Ravcfg.xml
c:\program files (x86)\Rising\Settings\RAV\24\rsmon.db
c:\program files (x86)\Rising\Settings\RAV\24\rstasku.xml
c:\program files (x86)\Rising\Settings\RAV\24\rsuser.db
c:\programdata\Rising
c:\programdata\Rising\RSD\rsmsgcache.ini
c:\programdata\Rising\RSD\rsmsginfo.ini
C:\Qiyi
c:\qiyi\Cache\Cache_QyPlayer\ADCache\cache_index.db
c:\qiyi\Cache\Cache_QyPlayer\ADCache\dns_cache.data
c:\users\NoVaS\AppData\Local\2930D7DA-3A14-481B-8E21-D87C4F1A64E3
c:\users\NoVaS\AppData\Local\2930D7DA-3A14-481B-8E21-D87C4F1A64E3\2930D7DA-3A14-481B-8E21-D87C4F1A64E3.exe
c:\users\NoVaS\AppData\Local\SysassistByHotWheel
c:\users\NoVaS\AppData\Local\SysassistByHotWheel\conditions.xml
c:\users\NoVaS\AppData\Local\SysassistByHotWheel\config.ini
c:\users\NoVaS\AppData\Local\SysassistByHotWheel\lobby.xml
c:\users\NoVaS\AppData\Local\SysassistByHotWheel\log\Chrome
c:\users\Public\QiYi
c:\users\Public\QiYi\QiyiHCDN\Config\FDSCache\vodservercfg.blf
c:\users\Public\QiYi\QiyiHCDN\Config\PowerPlayer.ini
c:\users\Public\QiYi\QiyiHCDN\Config\PSNetwork.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_RsMgrSvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-05-25 do 2015-06-25 )))))))))))))))))))))))))))))))
.
.
2015-06-25 17:28 . 2015-06-25 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-25 15:28 . 2015-06-25 15:28 -------- d-----w- c:\programdata\Innovative Solutions
2015-06-25 15:28 . 2015-06-25 15:28 -------- d-----w- c:\users\NoVaS\AppData\Local\Innovative Solutions
2015-06-25 15:28 . 2015-06-25 15:28 -------- d-----w- c:\program files (x86)\Common Files\Innovative Solutions
2015-06-25 15:28 . 2014-03-07 08:25 42496 ----a-w- c:\windows\SysWow64\AdvUninstCPL.cpl
2015-06-25 15:28 . 2015-06-25 15:28 -------- d-----w- c:\program files (x86)\Innovative Solutions
2015-06-25 13:25 . 2015-06-25 13:28 -------- d-----w- C:\AdwCleaner
2015-06-25 11:41 . 2015-06-25 11:41 -------- d-----w- c:\program files (x86)\ZSoft
2015-06-25 11:09 . 2015-06-25 11:09 -------- d-----w- c:\program files (x86)\VS Revo Group
2015-06-25 10:53 . 2015-06-25 11:02 -------- d-----w- c:\programdata\LocalStorage
2015-06-25 10:48 . 2015-06-25 10:49 -------- d-----w- c:\users\NoVaS\AppData\Roaming\ppslog
2015-06-25 10:47 . 2015-06-25 12:58 28984 ----a-w- c:\windows\SysWow64\drivers\TS888x64.sys
2015-06-25 10:37 . 2015-06-25 10:37 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2015-06-25 10:37 . 2015-06-25 11:40 -------- d-----w- c:\program files (x86)\Seznam.cz
2015-06-25 10:35 . 2015-06-25 11:42 -------- d-----w- c:\users\NoVaS\AppData\Roaming\Seznam.cz
2015-06-25 10:33 . 2015-06-25 10:33 87864 ----a-w- c:\windows\system32\drivers\TFsFltX64.sys
2015-06-25 10:31 . 2015-06-25 10:58 -------- d-----w- C:\qycache
2015-06-25 10:31 . 2015-06-25 10:31 -------- d-----w- C:\ppsfile
2015-06-21 18:09 . 2015-06-21 18:09 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2015-06-14 18:45 . 2015-06-14 18:45 -------- d-----w- c:\program files (x86)\Common Files\Nero
2015-05-30 09:44 . 2015-06-02 12:49 -------- d-----w- c:\program files\SUPERAntiSpyware
2015-05-30 09:42 . 2015-05-30 09:42 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-23 18:40 . 2014-11-27 09:34 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-23 18:40 . 2014-11-27 09:34 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-26 07:10 . 2014-10-20 22:14 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-06 18:11 . 2015-04-06 18:12 737280 ----a-w- c:\windows\iun6002.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2014-12-08 568400]
"Bitdefender Wallet Application Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-08-05 615256]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Bitdefender Wallet"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-08-05 1002048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2014-12-08 568400]
"Bitdefender Wallet"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2014-08-05 1002048]
"Bitdefender Wallet Application Agent"="c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [2014-08-05 615256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [x]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 HtcVCom32;HTC Diagnostic Port;c:\windows\system32\DRIVERS\HtcVComV64.sys;c:\windows\SYSNATIVE\DRIVERS\HtcVComV64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender\updatesrv.exe;c:\program files\Bitdefender\Bitdefender\updatesrv.exe [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 InnovativeSolutions_monitor;Innovative Solutions Service Monitor;c:\program files (x86)\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe;c:\program files (x86)\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-06-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27 18:40]
.
2015-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-02 18:22]
.
2015-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-02 18:22]
.
2015-06-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-670821491-2823255400-4124354169-1000Core.job
- c:\users\NoVaS\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-05 17:56]
.
2015-06-25 c:\windows\Tasks\Health-Check-auto.job
- c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2015-06-25 09:57]
.
2015-06-25 c:\windows\Tasks\Health-Check-deep.job
- c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2015-06-25 09:57]
.
2015-06-25 c:\windows\Tasks\Health-Check.job
- c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2015-06-25 09:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2013-07-08 13:59 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2013-07-08 13:59 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2013-07-08 13:59 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2013-07-08 13:59 206352 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bdagent"="c:\program files\Bitdefender\Bitdefender\bdagent.exe" [2014-12-08 1757520]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-08-19 1796056]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PPStream - c:\iqiyi video\LStyle\QyUninst.exe
AddRemove-RSD - c:\program files (x86)\Rising\RSD\Setup.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
c:\program files (x86)\Innovative Solutions\Advanced Uninstaller PRO\Uninstaller.exe
c:\program files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
.
**************************************************************************
.
Celkový čas: 2015-06-25 19:45:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-06-25 17:45
ComboFix2.txt 2015-06-25 16:01
ComboFix3.txt 2014-10-13 11:54
.
Před spuštěním: Volných bajtů: 39 665 893 376
Po spuštění: Volných bajtů: 39 339 634 688
.
- - End Of File - - B878059B6F4C5459AE7F0C112A7EA2F5
A36C5E4F47E84449FF07ED3517B43A31

Re: Chinese junk iqiyi - can't be uninstalled

Posted: 25 Jun 2015 18:49
by vyosek
How is the PC behaving??

Re: Chinese junk iqiyi - can't be uninstalled

Posted: 25 Jun 2015 19:02
by novas1998
Well, it's gone now, I'm very glad, thanks! Is everything cleaned up? I'd hate to run into it again later :)

Re: Chinese junk iqiyi - can't be uninstalled

Posted: 26 Jun 2015 07:16
by vyosek
So let's clean up as well :James008:

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel (Čistič)
  • Leave everything as it is, just click Analyze (Analyzovat) and then Run Cleaner (Spustit CCleaner)
Registry panel (Registry)
  • click Scan for Issues (Hledej problémy)
  • then Fix issues (Opravit problémy) - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel (Nástroje)
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that's all from my side :|

Re: Chinese junk iqiyi - can't be uninstalled

Posted: 12 Feb 2016 18:16
by skorpo
Hello, same problem. I'm posting the AdwCleaner log below. Thanks for the help.

# AdwCleaner v5.033 - Logfile created 12/02/2016 at 17:57:46
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Karolina - KAROLINA-PC
# Running from : C:\Users\Karolina\Desktop\adwcleaner_5.033.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : QQPCRTP
[-] Service Deleted : TAOAccelerator
[-] Service Deleted : TSDefenseBt
[-] Service Deleted : TSSysKit
[-] Service Deleted : QMUdisk
[-] Service Deleted : QQSysMonX64
[-] Service Deleted : TFsFlt
[-] Service Deleted : TAOKernelDriver
[-] Service Deleted : TSSKX64
[-] Service Deleted : SPS

***** [ Folders ] *****

[-] Folder Deleted : C:\Genius
[#] Folder Deleted : C:\Program Files (x86)\tencent
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[#] Folder Deleted : C:\Program Files\Common Files\tencent
[#] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\ProgramData\TXQMPC
[-] Folder Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
[-] Folder Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl
[-] Folder Deleted : C:\Users\Karolina\AppData\Roaming\tencent
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent

***** [ Files ] *****

[-] File Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
[-] File Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage
[-] File Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Karolina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\电脑管家.lnk
[-] File Deleted : C:\Windows\SysNative\drivers\TAOAccelerator64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TSSKX64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TAOKernel64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TFsFltX64.sys
[-] File Deleted : C:\Windows\SysWOW64\SearchProtectService.exe
[-] File Deleted : C:\Windows\SysWOW64\drivers\TsFltMgr.sys
[-] File Deleted : C:\Windows\SysWOW64\drivers\TS888x64.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Key Deleted : HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\QMContextUninstall
[-] Key Deleted : HKEY_CLASSES_ROOT\Folder\ShellEx\ContextMenuHandlers\QMContextUninstall
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Plus-HD-7.6-bg.exe]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16EE6530-8649-4F42-A9E4-F6A3295AF975}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CBDECEF7-7A29-4CBF-A009-2673D82C7BF9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{63332668-8CE1-445D-A5EE-25929176714E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2AEF02C3-5159-4C81-A688-8D954F0DEE56}_NewSearch
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3C}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3D}

***** [ Web browsers ] *****

[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch.ask.com
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : microsoft-office-2010.softonic.com
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : kindle-to-pdf-converter.en.softonic.com
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : journey-to-the-center-of-the-earth.en.softonic.com
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : >
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nafaimnnclfjfedmmabolbppcngeolgf
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nonjdcjchghhkdoolnlbekcfllmednbl
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ooebklgpfnbcnpokahmdidgbmlcdepkm

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7762 bytes] ##########

Re: Chinese junk iqiyi - can't be uninstalled

Posted: 13 Feb 2016 15:03
by skorpo
ComboFix log. Please help. Thank you.

ComboFix 16-02-09.01 - Karolina 13.02.2016 14:30:49.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.1977 [GMT 1:00]
Spuštěný z: c:\users\Karolina\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Karolina\AppData\Local\assembly\tmp
c:\users\Karolina\AppData\Local\assembly\tmp\OXA3633N\__AssemblyInfo__.ini
c:\users\Karolina\AppData\Local\assembly\tmp\OXA3633N\Microsoft.Office.Tools.Common.v4.0.Utilities.DLL
c:\windows\IsUn0405.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\tmp144F.tmp
c:\windows\SysWow64\tmp145F.tmp
c:\windows\SysWow64\tmp6F2B.tmp
c:\windows\SysWow64\tmp6F3B.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-01-13 do 2016-02-13 )))))))))))))))))))))))))))))))
.
.
2016-02-13 13:44 . 2016-02-13 13:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-12 16:59 . 2016-02-12 16:59 -------- d-----w- c:\programdata\TXQMPC
2016-02-10 22:10 . 2016-02-10 22:10 210432 ----a-w- c:\windows\system32\aepic.dll
2016-02-10 22:10 . 2016-02-10 22:10 1164800 ----a-w- c:\windows\system32\aeinv.dll
2016-02-10 21:57 . 2016-02-10 21:57 62464 ----a-w- c:\windows\system32\drivers\appid.sys
2016-02-10 21:54 . 2016-02-10 21:54 879616 ----a-w- c:\windows\system32\advapi32.dll
2016-02-10 21:54 . 2016-02-10 21:54 643072 ----a-w- c:\windows\SysWow64\advapi32.dll
2016-02-10 21:52 . 2016-02-10 21:52 76288 ----a-w- c:\windows\system32\devenum.dll
2016-02-10 21:52 . 2016-02-10 21:52 67584 ----a-w- c:\windows\SysWow64\devenum.dll
2016-02-10 21:52 . 2016-02-10 21:52 624640 ----a-w- c:\windows\system32\qedit.dll
2016-02-10 21:52 . 2016-02-10 21:52 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2016-02-10 21:52 . 2016-02-10 21:52 91648 ----a-w- c:\windows\system32\mapi32.dll
2016-02-10 21:52 . 2016-02-10 21:52 76800 ----a-w- c:\windows\SysWow64\mapistub.dll
2016-02-10 21:52 . 2016-02-10 21:52 14336 ----a-w- c:\windows\SysWow64\fixmapi.exe
2016-02-10 21:52 . 2016-02-10 21:52 91648 ----a-w- c:\windows\system32\mapistub.dll
2016-02-10 21:52 . 2016-02-10 21:52 17920 ----a-w- c:\windows\system32\fixmapi.exe
2016-02-10 21:51 . 2016-02-10 21:51 3211264 ----a-w- c:\windows\system32\win32k.sys
2016-02-10 21:25 . 2016-02-10 21:25 87864 ------w- c:\windows\system32\drivers\TFsFltX64.sys
2016-02-10 21:24 . 2016-02-12 17:00 -------- d-----w- c:\programdata\Tencent
2016-02-10 09:37 . 2016-02-10 09:37 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\offreg.3656.dll
2016-02-09 17:53 . 2016-02-09 17:53 -------- d-----w- c:\users\Karolina\AppData\Roaming\GameMill Entertainment
2016-02-09 17:16 . 2016-02-09 17:16 -------- d-----w- c:\programdata\Big Fish
2016-02-09 17:14 . 2016-02-09 17:16 -------- d-----w- c:\users\Karolina\AppData\Local\Big Fish
2016-02-09 09:05 . 2016-02-09 09:05 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-02-09 09:05 . 2016-02-09 09:05 52184 ----a-w- c:\windows\avastSS.scr
2016-02-03 11:01 . 2016-02-03 11:01 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\offreg.4380.dll
2016-02-03 10:53 . 2015-12-16 09:15 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\mpengine.dll
2016-02-03 10:53 . 2016-02-03 10:53 -------- d-----w- C:\4b07b6a08b1f5c3eab3c975b
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2016-02-03 10:50 . 2016-02-03 10:50 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2016-02-03 10:50 . 2016-02-03 10:50 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2016-02-03 10:50 . 2016-02-03 10:50 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
2016-02-03 10:50 . 2016-02-03 10:50 69120 ----a-w- c:\windows\system32\nlsbres.dll
2016-02-03 10:47 . 2016-02-03 10:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-02-03 10:47 . 2016-02-03 10:47 2048 ----a-w- c:\windows\system32\tzres.dll
2016-02-03 10:42 . 2016-02-03 10:42 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2016-02-03 10:42 . 2016-02-03 10:42 1180160 ----a-w- c:\windows\system32\FntCache.dll
2016-02-03 10:42 . 2016-02-03 10:42 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-02-03 10:42 . 2016-02-03 10:42 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-02-03 10:42 . 2016-02-03 10:42 1008640 ----a-w- c:\windows\system32\user32.dll
2016-02-03 10:41 . 2016-02-03 10:41 241664 ----a-w- c:\windows\system32\els.dll
2016-02-03 10:41 . 2016-02-03 10:41 179712 ----a-w- c:\windows\SysWow64\els.dll
2016-02-03 10:39 . 2016-02-03 10:39 17408 ----a-w- c:\windows\system32\wshrm.dll
2016-02-03 10:39 . 2016-02-03 10:39 14848 ----a-w- c:\windows\SysWow64\wshrm.dll
2016-02-03 10:39 . 2016-02-03 10:39 146944 ----a-w- c:\windows\system32\drivers\rmcast.sys
2016-02-03 10:38 . 2016-02-03 10:38 802304 ----a-w- c:\windows\system32\usp10.dll
2016-02-03 10:38 . 2016-02-03 10:38 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2016-02-03 10:37 . 2016-02-03 10:37 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2016-02-03 10:37 . 2016-02-03 10:37 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
2016-02-03 10:37 . 2016-02-03 10:37 525312 ----a-w- c:\windows\system32\catsrvut.dll
2016-02-03 10:37 . 2016-02-03 10:37 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2016-02-03 10:18 . 2016-02-03 10:18 497664 ----a-w- c:\windows\system32\drivers\afd.sys
2016-02-03 10:18 . 2016-02-03 10:18 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2016-02-03 10:16 . 2016-02-03 10:16 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
2016-02-03 10:11 . 2016-02-03 10:11 939520 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2016-02-03 10:11 . 2016-02-03 10:11 274944 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll
2016-02-03 10:11 . 2016-02-03 10:11 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2016-02-03 10:11 . 2016-02-03 10:11 1415168 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkObj.dll
2016-02-03 10:11 . 2016-02-03 10:11 126464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\rtscom.dll
2016-02-03 10:11 . 2016-02-03 10:11 353280 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2016-02-03 10:11 . 2016-02-03 10:11 275456 ----a-w- c:\windows\system32\InkEd.dll
2016-02-03 10:11 . 2016-02-03 10:11 2103296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2016-02-03 10:11 . 2016-02-03 10:11 169984 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\rtscom.dll
2016-02-03 10:11 . 2016-02-03 10:11 1372160 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2016-02-03 10:08 . 2016-02-03 10:08 459344 ----a-w- c:\windows\system32\drivers\cng.sys
2016-02-03 10:08 . 2016-02-03 10:08 298192 ----a-w- c:\windows\system32\bcryptprimitives.dll
2016-02-03 10:08 . 2016-02-03 10:08 251000 ----a-w- c:\windows\SysWow64\bcryptprimitives.dll
2016-02-03 10:06 . 2016-02-03 10:06 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2016-02-03 10:06 . 2016-02-03 10:06 6656 ----a-w- c:\windows\system32\shimeng.dll
2016-02-03 10:06 . 2016-02-03 10:06 342016 ----a-w- c:\windows\system32\apphelp.dll
2016-02-03 10:06 . 2016-02-03 10:06 23552 ----a-w- c:\windows\system32\sdbinst.exe
2016-02-03 10:06 . 2016-02-03 10:06 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2016-02-03 10:06 . 2016-02-03 10:06 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2016-02-03 10:06 . 2016-02-03 10:06 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2016-02-03 10:02 . 2016-02-03 10:02 634432 ----a-w- c:\windows\system32\winload.exe
2016-02-03 09:56 . 2016-02-03 09:56 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-02-03 09:56 . 2016-02-03 09:56 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-02-03 09:56 . 2016-02-03 09:56 14176768 ----a-w- c:\windows\system32\shell32.dll
2016-02-03 09:53 . 2016-02-03 09:53 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2016-02-03 09:53 . 2016-02-03 09:53 22528 ----a-w- c:\windows\system32\icaapi.dll
2016-02-03 09:51 . 2016-02-03 09:51 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-02-03 09:51 . 2016-02-03 09:51 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-02-03 09:51 . 2016-02-03 09:51 41984 ----a-w- c:\windows\system32\lpk.dll
2016-02-03 09:51 . 2016-02-03 09:51 372736 ----a-w- c:\windows\system32\atmfd.dll
2016-02-03 09:51 . 2016-02-03 09:51 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-02-03 09:51 . 2016-02-03 09:51 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-02-03 09:51 . 2016-02-03 09:51 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-02-03 09:51 . 2016-02-03 09:51 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-02-03 09:51 . 2016-02-03 09:51 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-02-03 09:51 . 2016-02-03 09:51 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-02-03 09:47 . 2016-02-03 09:47 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-02-03 09:47 . 2016-02-03 09:47 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2016-02-03 09:47 . 2016-02-03 09:47 879104 ----a-w- c:\windows\system32\tdh.dll
2016-02-03 09:47 . 2016-02-03 09:47 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2016-02-03 09:45 . 2016-02-03 09:45 82944 ----a-w- c:\windows\system32\dwmapi.dll
2016-02-03 09:45 . 2016-02-03 09:45 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2016-02-03 09:45 . 2016-02-03 09:45 1632256 ----a-w- c:\windows\system32\dwmcore.dll
2016-02-03 09:45 . 2016-02-03 09:45 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2016-02-03 09:44 . 2016-02-03 09:44 1941504 ----a-w- c:\windows\system32\authui.dll
2016-02-03 09:44 . 2016-02-03 09:44 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-02-03 09:44 . 2016-02-03 09:44 70656 ----a-w- c:\windows\system32\appinfo.dll
2016-02-03 09:44 . 2016-02-03 09:44 115136 ----a-w- c:\windows\system32\consent.exe
2016-02-03 09:39 . 2016-02-03 09:39 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\system32\msxml6r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\system32\msxml3r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2004480 ----a-w- c:\windows\system32\msxml6.dll
2016-02-03 09:39 . 2016-02-03 09:39 1887232 ----a-w- c:\windows\system32\msxml3.dll
2016-02-03 09:39 . 2016-02-03 09:39 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2016-02-03 09:39 . 2016-02-03 09:39 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2016-02-03 09:38 . 2016-02-03 09:38 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2016-02-03 09:38 . 2016-02-03 09:38 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2016-02-03 09:37 . 2016-02-03 09:37 82432 ----a-w- c:\windows\SysWow64\davclnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 260096 ----a-w- c:\windows\system32\WebClnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 206848 ----a-w- c:\windows\SysWow64\WebClnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 102912 ----a-w- c:\windows\system32\davclnt.dll
2016-02-03 09:34 . 2016-02-03 09:34 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\mountmgr.sys.mui
2016-02-03 09:34 . 2016-02-03 09:34 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2016-02-03 09:34 . 2016-02-03 09:34 11264 ----a-w- c:\windows\system32\msmmsp.dll
2016-02-03 09:34 . 2016-02-03 09:34 1743360 ----a-w- c:\windows\system32\sysmain.dll
2016-02-03 09:27 . 2016-02-03 09:27 52736 ----a-w- c:\windows\system32\basesrv.dll
2016-02-03 09:23 . 2016-02-03 09:23 193536 ----a-w- c:\windows\system32\notepad.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-10 21:58 . 2016-02-10 21:58 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-10 21:58 . 2016-02-10 21:58 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-02-10 21:57 . 2016-02-10 21:57 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-10 21:57 . 2016-02-10 21:57 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-02-10 21:57 . 2016-02-10 21:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-10 21:53 . 2009-07-14 00:22 1393152 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2016-02-10 21:06 . 2013-03-01 13:47 287016 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-02-09 09:05 . 2013-12-18 16:31 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-02-09 09:05 . 2014-04-18 14:08 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-02-09 09:05 . 2013-03-01 13:47 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-02-09 09:05 . 2012-02-24 13:42 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-02-09 09:05 . 2010-05-11 15:30 463744 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-02-09 09:05 . 2010-05-11 15:30 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-02-09 09:04 . 2011-03-26 21:32 1065720 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-02-03 10:35 . 2016-02-03 10:35 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-02-03 10:35 . 2016-02-03 10:35 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-02-03 10:06 . 2016-02-03 10:06 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2016-02-03 10:06 . 2016-02-03 10:06 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2016-02-03 10:06 . 2016-02-03 10:06 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2016-02-03 10:06 . 2016-02-03 10:06 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2016-02-03 10:06 . 2016-02-03 10:06 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-02-03 10:06 . 2016-02-03 10:06 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2016-02-03 10:06 . 2016-02-03 10:06 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2016-02-03 10:06 . 2016-02-03 10:06 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2016-02-03 10:06 . 2016-02-03 10:06 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2016-02-03 09:39 . 2016-02-03 09:39 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2016-01-17 22:46 . 2016-01-07 16:10 3571488 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-12-30 15:05 . 2015-12-30 15:05 0 ---ha-w- c:\users\Karolina\AppData\Local\BITF621.tmp
2015-12-02 12:18 . 2010-05-11 15:58 301728 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 9"="c:\program files (x86)\IObit\Advanced SystemCare\ASCTray.exe" [2015-11-06 2010912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-02-09 7139768]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2015-11-22 1444880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys;c:\windows\SYSNATIVE\DRIVERS\athsgt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys;c:\windows\SYSNATIVE\DRIVERS\limsgt.sys [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 QQPCRTP;QQPCMgr RTP Service;c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe;c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe [x]
R3 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
R3 cmshusbser;Mobile Connector USB Device for Legacy Serial Communication IN ANDROID DEVICE;c:\windows\system32\DRIVERS\cmshusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmshusbser.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 GGSAFERDriver;GGSAFER Driver; [x]
R3 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [x]
R3 TVSched;TV Task Scheduler (TVTS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AdvancedSystemCareService9;Advanced SystemCare Service 9;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ClickToRunSvc;Microsoft Office Click-to-Run Service;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe;c:\windows\SYSNATIVE\vfsFPService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys;c:\windows\SYSNATIVE\Drivers\AVerAF15.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\windows\SYSNATIVE\DRIVERS\johci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 11:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-09 20:45 1090376 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.109\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-24 09:17]
.
2016-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-24 09:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-09 09:05 905248 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.Google.com/
uCustomizeSearch = hxxp://www.Google.com/
mCustomizeSearch = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-QQPCTray - c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTRAY.EXE
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file)
ShellIconOverlayIdentifiers-{B7667919-3765-4815-A66D-98A09BE662D6} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-CodInstl - c:\windows\system32\CDUninst.isu
AddRemove-QQPCMgr - c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\Uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"="\"c:\\Program Files (x86)\\Tencent\\QQPCMgr\\11.1.16923.222\\QQPCTRAY.EXE\" /regrun /qqrepair"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,82,80,41,4b,da,7c,15,4b,8e,74,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,82,80,41,4b,da,7c,15,4b,8e,74,d4,\
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ac,ba,2f,57,c4,3d,3c,4d,b7,4e,f0,28,c9,05,a3,75,4c,df,80,02,6c,cf,14,
e4,17,c1,82,17,16,6a,4a,c6,2e,05,58,2c,e6,b3,c2,4d,88,91,81,74,d2,9a,c7,bf,\
"??"=hex:d8,90,4b,a3,73,2d,6c,95,da,79,42,27,2f,a3,90,1c
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000\Software\SecuROM\License information*]
"datasecu"=hex:c1,15,d3,e7,d1,15,1e,fd,a3,87,d5,4c,34,ca,7e,5b,85,0f,7c,3d,bc,
3d,01,64,a0,8b,6a,e6,f5,e5,39,fa,08,91,21,8d,e8,0a,a3,ab,1a,29,53,e5,5b,86,\
"rkeysecu"=hex:e2,1c,9c,ff,e4,ff,7d,03,23,9a,e2,72,39,73,4a,a3
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000_Classes\.*MSWIM*]
@Allowed: (Read) (RestrictedCode)
@="ExtractNow"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\IObit\Advanced SystemCare\Monitor.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
.
**************************************************************************
.
Celkový čas: 2016-02-13 14:58:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-02-13 13:58
.
Před spuštěním: Volných bajtů: 176 704 249 856
Po spuštění: Volných bajtů: 176 011 694 080
.
- - End Of File - - 234C3C3338667905295849FD57660DEE
E6317055AD057D25F3037CDC5F95CCAC

Re: Chinese junk iqiyi - cannot be uninstalled

Posted: 13 Feb 2016 15:03
by skorpo
ComboFix log. Please help. Thank you.

ComboFix 16-02-09.01 - Karolina 13.02.2016 14:30:49.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.1977 [GMT 1:00]
Spuštěný z: c:\users\Karolina\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Karolina\AppData\Local\assembly\tmp
c:\users\Karolina\AppData\Local\assembly\tmp\OXA3633N\__AssemblyInfo__.ini
c:\users\Karolina\AppData\Local\assembly\tmp\OXA3633N\Microsoft.Office.Tools.Common.v4.0.Utilities.DLL
c:\windows\IsUn0405.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\tmp144F.tmp
c:\windows\SysWow64\tmp145F.tmp
c:\windows\SysWow64\tmp6F2B.tmp
c:\windows\SysWow64\tmp6F3B.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-01-13 do 2016-02-13 )))))))))))))))))))))))))))))))
.
.
2016-02-13 13:44 . 2016-02-13 13:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-12 16:59 . 2016-02-12 16:59 -------- d-----w- c:\programdata\TXQMPC
2016-02-10 22:10 . 2016-02-10 22:10 210432 ----a-w- c:\windows\system32\aepic.dll
2016-02-10 22:10 . 2016-02-10 22:10 1164800 ----a-w- c:\windows\system32\aeinv.dll
2016-02-10 21:57 . 2016-02-10 21:57 62464 ----a-w- c:\windows\system32\drivers\appid.sys
2016-02-10 21:54 . 2016-02-10 21:54 879616 ----a-w- c:\windows\system32\advapi32.dll
2016-02-10 21:54 . 2016-02-10 21:54 643072 ----a-w- c:\windows\SysWow64\advapi32.dll
2016-02-10 21:52 . 2016-02-10 21:52 76288 ----a-w- c:\windows\system32\devenum.dll
2016-02-10 21:52 . 2016-02-10 21:52 67584 ----a-w- c:\windows\SysWow64\devenum.dll
2016-02-10 21:52 . 2016-02-10 21:52 624640 ----a-w- c:\windows\system32\qedit.dll
2016-02-10 21:52 . 2016-02-10 21:52 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2016-02-10 21:52 . 2016-02-10 21:52 91648 ----a-w- c:\windows\system32\mapi32.dll
2016-02-10 21:52 . 2016-02-10 21:52 76800 ----a-w- c:\windows\SysWow64\mapistub.dll
2016-02-10 21:52 . 2016-02-10 21:52 14336 ----a-w- c:\windows\SysWow64\fixmapi.exe
2016-02-10 21:52 . 2016-02-10 21:52 91648 ----a-w- c:\windows\system32\mapistub.dll
2016-02-10 21:52 . 2016-02-10 21:52 17920 ----a-w- c:\windows\system32\fixmapi.exe
2016-02-10 21:51 . 2016-02-10 21:51 3211264 ----a-w- c:\windows\system32\win32k.sys
2016-02-10 21:25 . 2016-02-10 21:25 87864 ------w- c:\windows\system32\drivers\TFsFltX64.sys
2016-02-10 21:24 . 2016-02-12 17:00 -------- d-----w- c:\programdata\Tencent
2016-02-10 09:37 . 2016-02-10 09:37 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\offreg.3656.dll
2016-02-09 17:53 . 2016-02-09 17:53 -------- d-----w- c:\users\Karolina\AppData\Roaming\GameMill Entertainment
2016-02-09 17:16 . 2016-02-09 17:16 -------- d-----w- c:\programdata\Big Fish
2016-02-09 17:14 . 2016-02-09 17:16 -------- d-----w- c:\users\Karolina\AppData\Local\Big Fish
2016-02-09 09:05 . 2016-02-09 09:05 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-02-09 09:05 . 2016-02-09 09:05 52184 ----a-w- c:\windows\avastSS.scr
2016-02-03 11:01 . 2016-02-03 11:01 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\offreg.4380.dll
2016-02-03 10:53 . 2015-12-16 09:15 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\mpengine.dll
2016-02-03 10:53 . 2016-02-03 10:53 -------- d-----w- C:\4b07b6a08b1f5c3eab3c975b
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2016-02-03 10:50 . 2016-02-03 10:50 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2016-02-03 10:50 . 2016-02-03 10:50 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2016-02-03 10:50 . 2016-02-03 10:50 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
2016-02-03 10:50 . 2016-02-03 10:50 69120 ----a-w- c:\windows\system32\nlsbres.dll
2016-02-03 10:47 . 2016-02-03 10:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-02-03 10:47 . 2016-02-03 10:47 2048 ----a-w- c:\windows\system32\tzres.dll
2016-02-03 10:42 . 2016-02-03 10:42 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2016-02-03 10:42 . 2016-02-03 10:42 1180160 ----a-w- c:\windows\system32\FntCache.dll
2016-02-03 10:42 . 2016-02-03 10:42 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-02-03 10:42 . 2016-02-03 10:42 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-02-03 10:42 . 2016-02-03 10:42 1008640 ----a-w- c:\windows\system32\user32.dll
2016-02-03 10:41 . 2016-02-03 10:41 241664 ----a-w- c:\windows\system32\els.dll
2016-02-03 10:41 . 2016-02-03 10:41 179712 ----a-w- c:\windows\SysWow64\els.dll
2016-02-03 10:39 . 2016-02-03 10:39 17408 ----a-w- c:\windows\system32\wshrm.dll
2016-02-03 10:39 . 2016-02-03 10:39 14848 ----a-w- c:\windows\SysWow64\wshrm.dll
2016-02-03 10:39 . 2016-02-03 10:39 146944 ----a-w- c:\windows\system32\drivers\rmcast.sys
2016-02-03 10:38 . 2016-02-03 10:38 802304 ----a-w- c:\windows\system32\usp10.dll
2016-02-03 10:38 . 2016-02-03 10:38 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2016-02-03 10:37 . 2016-02-03 10:37 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2016-02-03 10:37 . 2016-02-03 10:37 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
2016-02-03 10:37 . 2016-02-03 10:37 525312 ----a-w- c:\windows\system32\catsrvut.dll
2016-02-03 10:37 . 2016-02-03 10:37 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2016-02-03 10:18 . 2016-02-03 10:18 497664 ----a-w- c:\windows\system32\drivers\afd.sys
2016-02-03 10:18 . 2016-02-03 10:18 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2016-02-03 10:16 . 2016-02-03 10:16 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
2016-02-03 10:11 . 2016-02-03 10:11 939520 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2016-02-03 10:11 . 2016-02-03 10:11 274944 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll
2016-02-03 10:11 . 2016-02-03 10:11 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2016-02-03 10:11 . 2016-02-03 10:11 1415168 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkObj.dll
2016-02-03 10:11 . 2016-02-03 10:11 126464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\rtscom.dll
2016-02-03 10:11 . 2016-02-03 10:11 353280 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2016-02-03 10:11 . 2016-02-03 10:11 275456 ----a-w- c:\windows\system32\InkEd.dll
2016-02-03 10:11 . 2016-02-03 10:11 2103296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2016-02-03 10:11 . 2016-02-03 10:11 169984 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\rtscom.dll
2016-02-03 10:11 . 2016-02-03 10:11 1372160 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2016-02-03 10:08 . 2016-02-03 10:08 459344 ----a-w- c:\windows\system32\drivers\cng.sys
2016-02-03 10:08 . 2016-02-03 10:08 298192 ----a-w- c:\windows\system32\bcryptprimitives.dll
2016-02-03 10:08 . 2016-02-03 10:08 251000 ----a-w- c:\windows\SysWow64\bcryptprimitives.dll
2016-02-03 10:06 . 2016-02-03 10:06 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2016-02-03 10:06 . 2016-02-03 10:06 6656 ----a-w- c:\windows\system32\shimeng.dll
2016-02-03 10:06 . 2016-02-03 10:06 342016 ----a-w- c:\windows\system32\apphelp.dll
2016-02-03 10:06 . 2016-02-03 10:06 23552 ----a-w- c:\windows\system32\sdbinst.exe
2016-02-03 10:06 . 2016-02-03 10:06 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2016-02-03 10:06 . 2016-02-03 10:06 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2016-02-03 10:06 . 2016-02-03 10:06 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2016-02-03 10:02 . 2016-02-03 10:02 634432 ----a-w- c:\windows\system32\winload.exe
2016-02-03 09:56 . 2016-02-03 09:56 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-02-03 09:56 . 2016-02-03 09:56 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-02-03 09:56 . 2016-02-03 09:56 14176768 ----a-w- c:\windows\system32\shell32.dll
2016-02-03 09:53 . 2016-02-03 09:53 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2016-02-03 09:53 . 2016-02-03 09:53 22528 ----a-w- c:\windows\system32\icaapi.dll
2016-02-03 09:51 . 2016-02-03 09:51 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-02-03 09:51 . 2016-02-03 09:51 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-02-03 09:51 . 2016-02-03 09:51 41984 ----a-w- c:\windows\system32\lpk.dll
2016-02-03 09:51 . 2016-02-03 09:51 372736 ----a-w- c:\windows\system32\atmfd.dll
2016-02-03 09:51 . 2016-02-03 09:51 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-02-03 09:51 . 2016-02-03 09:51 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-02-03 09:51 . 2016-02-03 09:51 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-02-03 09:51 . 2016-02-03 09:51 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-02-03 09:51 . 2016-02-03 09:51 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-02-03 09:51 . 2016-02-03 09:51 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-02-03 09:47 . 2016-02-03 09:47 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-02-03 09:47 . 2016-02-03 09:47 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2016-02-03 09:47 . 2016-02-03 09:47 879104 ----a-w- c:\windows\system32\tdh.dll
2016-02-03 09:47 . 2016-02-03 09:47 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2016-02-03 09:45 . 2016-02-03 09:45 82944 ----a-w- c:\windows\system32\dwmapi.dll
2016-02-03 09:45 . 2016-02-03 09:45 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2016-02-03 09:45 . 2016-02-03 09:45 1632256 ----a-w- c:\windows\system32\dwmcore.dll
2016-02-03 09:45 . 2016-02-03 09:45 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2016-02-03 09:44 . 2016-02-03 09:44 1941504 ----a-w- c:\windows\system32\authui.dll
2016-02-03 09:44 . 2016-02-03 09:44 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-02-03 09:44 . 2016-02-03 09:44 70656 ----a-w- c:\windows\system32\appinfo.dll
2016-02-03 09:44 . 2016-02-03 09:44 115136 ----a-w- c:\windows\system32\consent.exe
2016-02-03 09:39 . 2016-02-03 09:39 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\system32\msxml6r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\system32\msxml3r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2004480 ----a-w- c:\windows\system32\msxml6.dll
2016-02-03 09:39 . 2016-02-03 09:39 1887232 ----a-w- c:\windows\system32\msxml3.dll
2016-02-03 09:39 . 2016-02-03 09:39 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2016-02-03 09:39 . 2016-02-03 09:39 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2016-02-03 09:38 . 2016-02-03 09:38 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2016-02-03 09:38 . 2016-02-03 09:38 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2016-02-03 09:37 . 2016-02-03 09:37 82432 ----a-w- c:\windows\SysWow64\davclnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 260096 ----a-w- c:\windows\system32\WebClnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 206848 ----a-w- c:\windows\SysWow64\WebClnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 102912 ----a-w- c:\windows\system32\davclnt.dll
2016-02-03 09:34 . 2016-02-03 09:34 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\mountmgr.sys.mui
2016-02-03 09:34 . 2016-02-03 09:34 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2016-02-03 09:34 . 2016-02-03 09:34 11264 ----a-w- c:\windows\system32\msmmsp.dll
2016-02-03 09:34 . 2016-02-03 09:34 1743360 ----a-w- c:\windows\system32\sysmain.dll
2016-02-03 09:27 . 2016-02-03 09:27 52736 ----a-w- c:\windows\system32\basesrv.dll
2016-02-03 09:23 . 2016-02-03 09:23 193536 ----a-w- c:\windows\system32\notepad.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-10 21:58 . 2016-02-10 21:58 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-10 21:58 . 2016-02-10 21:58 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-02-10 21:57 . 2016-02-10 21:57 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-10 21:57 . 2016-02-10 21:57 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-02-10 21:57 . 2016-02-10 21:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-10 21:53 . 2009-07-14 00:22 1393152 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2016-02-10 21:06 . 2013-03-01 13:47 287016 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-02-09 09:05 . 2013-12-18 16:31 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-02-09 09:05 . 2014-04-18 14:08 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-02-09 09:05 . 2013-03-01 13:47 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-02-09 09:05 . 2012-02-24 13:42 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-02-09 09:05 . 2010-05-11 15:30 463744 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-02-09 09:05 . 2010-05-11 15:30 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-02-09 09:04 . 2011-03-26 21:32 1065720 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-02-03 10:35 . 2016-02-03 10:35 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-02-03 10:35 . 2016-02-03 10:35 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-02-03 10:06 . 2016-02-03 10:06 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2016-02-03 10:06 . 2016-02-03 10:06 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2016-02-03 10:06 . 2016-02-03 10:06 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2016-02-03 10:06 . 2016-02-03 10:06 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2016-02-03 10:06 . 2016-02-03 10:06 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-02-03 10:06 . 2016-02-03 10:06 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2016-02-03 10:06 . 2016-02-03 10:06 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2016-02-03 10:06 . 2016-02-03 10:06 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2016-02-03 10:06 . 2016-02-03 10:06 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2016-02-03 09:39 . 2016-02-03 09:39 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2016-01-17 22:46 . 2016-01-07 16:10 3571488 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-12-30 15:05 . 2015-12-30 15:05 0 ---ha-w- c:\users\Karolina\AppData\Local\BITF621.tmp
2015-12-02 12:18 . 2010-05-11 15:58 301728 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 9"="c:\program files (x86)\IObit\Advanced SystemCare\ASCTray.exe" [2015-11-06 2010912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-02-09 7139768]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2015-11-22 1444880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys;c:\windows\SYSNATIVE\DRIVERS\athsgt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys;c:\windows\SYSNATIVE\DRIVERS\limsgt.sys [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 QQPCRTP;QQPCMgr RTP Service;c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe;c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe [x]
R3 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
R3 cmshusbser;Mobile Connector USB Device for Legacy Serial Communication IN ANDROID DEVICE;c:\windows\system32\DRIVERS\cmshusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmshusbser.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 GGSAFERDriver;GGSAFER Driver; [x]
R3 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [x]
R3 TVSched;TV Task Scheduler (TVTS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AdvancedSystemCareService9;Advanced SystemCare Service 9;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ClickToRunSvc;Microsoft Office Click-to-Run Service;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe;c:\windows\SYSNATIVE\vfsFPService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys;c:\windows\SYSNATIVE\Drivers\AVerAF15.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\windows\SYSNATIVE\DRIVERS\johci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 11:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-09 20:45 1090376 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.109\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-24 09:17]
.
2016-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-24 09:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-09 09:05 905248 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.Google.com/
uCustomizeSearch = hxxp://www.Google.com/
mCustomizeSearch = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-QQPCTray - c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTRAY.EXE
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file)
ShellIconOverlayIdentifiers-{B7667919-3765-4815-A66D-98A09BE662D6} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-CodInstl - c:\windows\system32\CDUninst.isu
AddRemove-QQPCMgr - c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\Uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"="\"c:\\Program Files (x86)\\Tencent\\QQPCMgr\\11.1.16923.222\\QQPCTRAY.EXE\" /regrun /qqrepair"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,82,80,41,4b,da,7c,15,4b,8e,74,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,82,80,41,4b,da,7c,15,4b,8e,74,d4,\
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ac,ba,2f,57,c4,3d,3c,4d,b7,4e,f0,28,c9,05,a3,75,4c,df,80,02,6c,cf,14,
e4,17,c1,82,17,16,6a,4a,c6,2e,05,58,2c,e6,b3,c2,4d,88,91,81,74,d2,9a,c7,bf,\
"??"=hex:d8,90,4b,a3,73,2d,6c,95,da,79,42,27,2f,a3,90,1c
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000\Software\SecuROM\License information*]
"datasecu"=hex:c1,15,d3,e7,d1,15,1e,fd,a3,87,d5,4c,34,ca,7e,5b,85,0f,7c,3d,bc,
3d,01,64,a0,8b,6a,e6,f5,e5,39,fa,08,91,21,8d,e8,0a,a3,ab,1a,29,53,e5,5b,86,\
"rkeysecu"=hex:e2,1c,9c,ff,e4,ff,7d,03,23,9a,e2,72,39,73,4a,a3
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000_Classes\.*MSWIM*]
@Allowed: (Read) (RestrictedCode)
@="ExtractNow"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\IObit\Advanced SystemCare\Monitor.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
.
**************************************************************************
.
Celkový čas: 2016-02-13 14:58:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-02-13 13:58
.
Před spuštěním: Volných bajtů: 176 704 249 856
Po spuštění: Volných bajtů: 176 011 694 080
.
- - End Of File - - 234C3C3338667905295849FD57660DEE
E6317055AD057D25F3037CDC5F95CCAC

Re: Chinese junk iqiyi - can't be uninstalled

Posted: 14 Feb 2016 21:25
by altrok
Hello, skorpo,

please start a new topic. The original topic was resolved, so I am locking it now.


Thank you for your understanding.