Infected notebook (cut off from the bank)

Posted: 11 Jul 2015 23:18
by Kopecký Josef
Hello.

I am taking the liberty of contacting you. I most likely have some kind of malware on my notebook - for a long time it has been behaving strangely (slow startup both after logging in and when launching e.g. IE). The last straw was a notification from Komerční banka that they had blocked my certificate, and with it my access to "mojebanka", because of a threat on my notebook.

- I removed all unimportant and often unwanted applications and programs
- cleaned out all kinds of plugins and other annoyances
- ran a cleanup with CCleaner
- installed the new "paid" ESET Endpoint Security and ran an in-depth scan (41 infections)
- well, after several scans ESET now reports OK, but I would still like to be sure

so I am asking for your help and a look at it - I am attaching the log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015
Ran by Clarrien (administrator) on CLARRIEN-PC on 12-07-2015 00:03:52
Running from C:\Users\Clarrien\Desktop
Loaded Profiles: Clarrien (Available Profiles: Clarrien & Pájinka & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Dell Computer Corporation) C:\dell\DBRM\Reminder\DbrmTrayicon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
() C:\Users\Clarrien\AppData\Local\Viber\Viber.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(forum.viry.cz) C:\Users\Clarrien\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6561384 2010-12-14] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [4124360 2014-09-24] (ESET)
HKLM\...\Run: [DBRMTray] => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [227328 2011-03-08] (Dell Computer Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2320752 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Print2PDF Print Monitor] => C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\Run: [Viber] => C:\Users\Clarrien\AppData\Local\Viber\Viber.exe [80035536 2015-06-10] ()
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {1acec923-6ecb-11e1-bc86-bc77376b217c} - E:\Autorun.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {a994792b-6c41-11e3-b4b7-bc77376b217c} - F:\Autorun.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {c8725bfa-4495-11e3-9091-bc77376b217c} - F:\Autorun.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {c8725c0e-4495-11e3-9091-bc77376b217c} - F:\Autorun.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {d2b16c33-cb5f-11e1-be1d-bc77376b217c} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {d2b16ce7-cb5f-11e1-be1d-bc77376b217c} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {e6ad675e-a297-11e0-ad89-bc77376b217c} - E:\Autorun.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {e6ad676b-a297-11e0-ad89-bc77376b217c} - F:\Autorun.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {e6ad677c-a297-11e0-ad89-bc77376b217c} - E:\Autorun.exe
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\MountPoints2: {f7a57293-fa3b-11e3-8320-bc77376b217c} - F:\Autorun.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-06-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-06-17] (NVIDIA Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor technologie Intel(R) Turbo Boost 2.0.lnk [2012-02-20]
ShortcutTarget: Monitor technologie Intel(R) Turbo Boost 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type ... earchTerms}
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts= ... XX5WS0SJRV
HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type ... earchTerms}
URLSearchHook: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001 - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {5AC01746-3F0D-41DE-BD67-39973EB94A32} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {239C5695-98CB-4979-9A31-6880330AB1A2} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 77376B217C}
SearchScopes: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001 -> {239C5695-98CB-4979-9A31-6880330AB1A2} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001 -> {5AC01746-3F0D-41DE-BD67-39973EB94A32} URL =
SearchScopes: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-07-11] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-11] (Oracle Corporation)
BHO-x32: qualitink -> {73ad5d47-66e5-4127-80ca-c0eedabafbcc} -> No File
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001 -> No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.10.111
Tcpip\..\Interfaces\{356E1E27-04B6-457F-93E3-0CC75551617B}: [DhcpNameServer] 192.168.10.111

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_191.dll [2015-07-11] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_191.dll [2015-07-11] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2011-05-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-26]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2015-07-10]
FF HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Clarrien\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Clarrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-17]
CHR Extension: (Google Search) - C:\Users\Clarrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-17]
CHR Extension: (Google Wallet) - C:\Users\Clarrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-18]
CHR Extension: (Gmail) - C:\Users\Clarrien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-17]
CHR HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files (x86)\TornTV.com\torntv10.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hfimjncgpflkpkhbnnblhblobjjjhjhd] - C:\Program Files (x86)\qualitink\hfimjncgpflkpkhbnnblhblobjjjhjhd.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [ljkcijnbckdflhifmbnfnkjacokloacf] - C:\Program Files (x86)\qualitink\ljkcijnbckdflhifmbnfnkjacokloacf.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [mdipponmnbnnclmkmnnddnbecckhbjdj] - C:\Program Files (x86)\qualitink\mdipponmnbnnclmkmnnddnbecckhbjdj.crx [Not Found]

Opera:
=======
OPR Extension: (GoHD) - C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Extensions\bokijhalndhhhikpnaniimagniglonke [2014-09-19]
OPR Extension: (ejpepffjfmamnambagiibghpglaidiec) - C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Extensions\ejpepffjfmamnambagiibghpglaidiec [2015-04-02]
OPR Extension: (gomekmidlodglbbmalcneegieacbdmki) - C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-28]
OPR Extension: (new game) - C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Extensions\jlinpflaifheoeohbdffhfnnpghdnlel [2015-04-02]
OPR Extension: (Games for you and me) - C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Extensions\monpennifgclhopkmgdbcnaagkgdemch [2015-05-28]
OPR Extension: (nbkekaeindpfpcoldfckljplboolgkfm) - C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2015-04-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2010-12-14] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-12-14] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [974912 2010-12-14] (Intel Corporation) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-05-20] (Creative Technology Ltd) [File not signed]
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232152 2015-05-20] (Dell Inc.)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [41672 2014-09-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1029704 2014-09-24] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [190152 2014-09-24] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219696 2014-08-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155896 2014-08-19] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [198096 2014-08-19] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [59064 2014-09-10] (ESET)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-06-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 cpuz134; \??\C:\Users\Clarrien\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 23:41 - 2015-07-11 23:41 - 00000000 ____D C:\rsit
2015-07-11 23:41 - 2015-07-11 23:41 - 00000000 ____D C:\Program Files\trend micro
2015-07-11 23:39 - 2015-07-11 23:41 - 01222144 _____ C:\Users\Clarrien\Downloads\RSITx64.exe
2015-07-11 23:38 - 2015-07-12 00:04 - 00027830 _____ C:\Users\Clarrien\Desktop\FRST.txt
2015-07-11 23:38 - 2015-07-11 23:38 - 00000000 ____D C:\Users\Clarrien\AppData\Local\NVIDIA Corporation
2015-07-11 23:37 - 2015-07-12 00:03 - 00000000 ____D C:\FRST
2015-07-11 23:37 - 2015-07-11 23:37 - 00000000 ____D C:\Users\Clarrien\AppData\Local\NVIDIA
2015-07-11 23:34 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-11 23:34 - 2015-06-17 11:10 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-11 23:34 - 2015-06-17 11:10 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-11 23:34 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-11 23:33 - 2015-07-11 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-11 23:32 - 2015-07-11 23:32 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-07-11 23:32 - 2015-07-11 23:32 - 00000000 ____D C:\Windows\system32\NV
2015-07-11 23:32 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-11 23:31 - 2015-07-11 23:31 - 00000000 ____D C:\Windows\LastGood
2015-07-11 23:29 - 2015-07-11 23:29 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-11 23:29 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-11 23:29 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 00299664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2015-07-11 23:29 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 00061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-11 23:29 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-11 23:29 - 2015-06-17 11:10 - 00031376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-07-11 23:27 - 2015-07-11 23:27 - 00112640 _____ (forum.viry.cz) C:\Users\Clarrien\Desktop\FRSTLauncher.exe
2015-07-11 23:27 - 2015-07-11 23:27 - 00000000 ____D C:\NVIDIA
2015-07-11 23:26 - 2015-07-11 23:27 - 02130944 _____ (Farbar) C:\Users\Clarrien\Desktop\FRST64.exe
2015-07-11 23:16 - 2015-07-11 23:27 - 292264080 _____ (NVIDIA Corporation) C:\Users\Clarrien\Downloads\353.30-notebook-win8-win7-64bit-international-whql.exe
2015-07-11 16:52 - 2015-07-11 16:52 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\Oracle
2015-07-11 16:51 - 2015-07-11 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-11 16:51 - 2015-07-11 16:50 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-11 16:50 - 2015-07-11 16:50 - 00000000 ____D C:\Program Files\Java
2015-07-11 16:47 - 2015-07-11 16:50 - 43189344 _____ (Oracle Corporation) C:\Users\Clarrien\Downloads\jre-8u45-windows-x64.exe
2015-07-11 16:40 - 2015-07-11 16:41 - 38624400 _____ (Adobe Systems Incorporated) C:\Users\Clarrien\Downloads\AdbeRdr11000_cs_CZ.exe
2015-07-11 14:09 - 2015-07-11 14:09 - 00000000 ____D C:\ProgramData\PCDr
2015-07-10 23:02 - 2015-07-10 23:02 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2015-07-10 23:02 - 2015-07-10 23:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-10 23:02 - 2015-07-10 23:02 - 00000000 ____D C:\Users\Clarrien\AppData\Local\Skype
2015-07-10 23:02 - 2015-07-10 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-07-10 23:01 - 2015-07-10 23:02 - 00000000 ____D C:\ProgramData\Skype
2015-07-10 22:59 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-10 22:59 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-10 22:58 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-10 22:40 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-07-10 22:40 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-10 22:40 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-10 22:40 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-07-10 22:40 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-07-10 22:40 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-10 22:40 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-07-10 22:40 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-10 22:40 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-07-10 22:40 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-07-10 22:40 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-10 22:40 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-10 22:40 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-10 22:40 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-10 22:40 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-07-10 22:31 - 2015-06-29 20:01 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-10 22:31 - 2015-06-29 19:59 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-10 22:31 - 2015-06-29 19:59 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-10 22:31 - 2015-06-29 19:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-10 22:31 - 2015-06-29 19:59 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-10 22:31 - 2015-06-29 19:59 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-10 22:31 - 2015-06-29 19:59 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-10 22:31 - 2015-06-29 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-10 22:31 - 2015-06-27 00:07 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-10 22:31 - 2015-06-27 00:07 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-10 22:31 - 2015-06-27 00:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-10 22:31 - 2015-06-27 00:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-10 22:31 - 2015-06-27 00:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-10 22:31 - 2015-06-27 00:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-10 22:31 - 2015-06-27 00:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-10 22:31 - 2015-06-27 00:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-10 22:31 - 2015-06-27 00:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-10 22:31 - 2015-06-27 00:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-10 22:31 - 2015-06-27 00:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-10 22:31 - 2015-06-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-10 22:31 - 2015-06-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-10 22:31 - 2015-06-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-10 22:31 - 2015-06-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-10 22:31 - 2015-06-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-10 22:31 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-10 22:31 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-10 22:31 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-10 22:31 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-10 22:31 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-10 22:31 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-10 22:31 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-10 22:31 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-10 22:31 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-10 22:31 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-10 22:31 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-10 22:31 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-10 22:31 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-10 18:25 - 2015-07-10 18:25 - 00000000 ____D C:\ProgramData\WinZip
2015-07-10 17:42 - 2015-07-10 17:42 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\ESET
2015-07-10 17:42 - 2015-07-10 17:42 - 00000000 ____D C:\Users\Clarrien\AppData\Local\ESET
2015-07-10 17:40 - 2015-07-10 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-07-10 17:40 - 2015-07-10 17:40 - 00000000 ____D C:\ProgramData\ESET
2015-07-10 17:40 - 2015-07-10 17:40 - 00000000 ____D C:\Program Files\ESET
2015-07-10 16:42 - 2015-07-10 16:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-10 16:40 - 2015-07-11 23:34 - 00000887 _____ C:\Windows\setupact.log
2015-07-10 16:40 - 2015-07-10 16:40 - 00000000 ____D C:\ProgramData\Validity
2015-07-10 16:40 - 2015-07-10 16:40 - 00000000 _____ C:\Windows\setuperr.log
2015-07-10 16:25 - 2015-07-11 12:41 - 00000000 ____D C:\ProgramData\GoluKfid
2015-07-02 20:28 - 2015-07-02 20:28 - 00001168 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2015-07-02 20:26 - 2015-07-02 20:26 - 00093896 _____ C:\Users\Clarrien\Documents\cc_20150702_202621.reg
2015-07-02 19:47 - 2015-07-11 13:50 - 00000000 ____D C:\Windows\pss
2015-07-02 19:41 - 2015-07-02 19:44 - 04718584 _____ (Avira Operations GmbH & Co. KG) C:\Users\Clarrien\Downloads\avira_en_av_559575ec52e1e__ws1.exe
2015-07-02 19:30 - 2015-07-02 19:30 - 00464026 _____ C:\Users\Clarrien\Documents\cc_20150702_193024.reg
2015-07-02 19:26 - 2015-07-02 19:26 - 00002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-02 19:26 - 2015-07-02 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-02 19:26 - 2015-07-02 19:26 - 00000000 ____D C:\Program Files\CCleaner
2015-07-02 18:12 - 2015-07-02 18:12 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\Roxio Log Files
2015-06-28 16:39 - 2015-06-28 16:39 - 00001789 _____ C:\Users\Clarrien\Desktop\googleearth – zástupce.lnk
2015-06-28 14:20 - 2015-07-11 14:09 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-06-28 14:20 - 2015-06-28 14:20 - 00004040 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-06-28 14:20 - 2015-06-28 14:20 - 00003230 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-06-28 14:19 - 2015-06-28 14:19 - 00000000 ____D C:\Program Files\Dell Support Center
2015-06-27 15:57 - 2015-06-27 15:57 - 00009448 _____ C:\Users\Clarrien\Desktop\KASA.xlsx
2015-06-27 14:41 - 2015-06-27 14:41 - 00000928 _____ C:\Users\Clarrien\Desktop\Stažené soubory – zástupce.lnk
2015-06-27 14:30 - 2015-06-27 14:43 - 712729020 _____ C:\Users\Clarrien\Downloads\nepřítel před branami.avi
2015-06-26 10:40 - 2015-06-26 10:42 - 00000000 ____D C:\Users\Clarrien\Desktop\Poruchy
2015-06-26 10:39 - 2015-06-26 10:42 - 00000000 ____D C:\Users\Clarrien\Desktop\Smlouvy
2015-06-26 10:36 - 2015-06-26 10:37 - 00000000 ____D C:\Users\Clarrien\Desktop\Nabídky 2015
2015-06-26 10:35 - 2015-06-26 10:42 - 00000000 ____D C:\Users\Clarrien\Desktop\Povrchy
2015-06-25 14:21 - 2010-04-08 00:38 - 00000693 _____ C:\Users\Clarrien\Downloads\gadget.xml
2015-06-25 14:09 - 2015-06-25 14:09 - 00001267 _____ C:\Users\Pájinka\Desktop\Display Stix 2.1.1.lnk
2015-06-25 14:09 - 2015-06-25 14:09 - 00001267 _____ C:\Users\Administrator\Desktop\Display Stix 2.1.1.lnk
2015-06-25 14:01 - 2015-07-11 16:32 - 18174128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-25 12:58 - 2015-06-25 13:06 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\7 Sticky Notes
2015-06-25 12:41 - 2012-10-13 22:20 - 00805376 ____N C:\Windows\SysWOW64\EditCtlsU.ocx
2015-06-25 12:41 - 2011-08-13 21:06 - 01031168 ____N C:\Windows\SysWOW64\ExLVwU.ocx
2015-06-25 12:41 - 2011-05-21 00:02 - 00604672 ____N C:\Windows\SysWOW64\ExTVwU.ocx
2015-06-25 12:41 - 2008-01-19 11:34 - 00554008 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dao360.dll
2015-06-25 12:41 - 2004-03-09 14:45 - 00212240 ____N (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2015-06-25 12:41 - 1998-06-24 01:00 - 00198456 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MCI32.OCX
2015-06-25 10:07 - 2006-08-16 12:22 - 00331438 _____ C:\Users\Clarrien\Downloads\Help.chm
2015-06-25 10:07 - 2006-08-16 12:22 - 00000157 _____ C:\Users\Clarrien\Downloads\index.url
2015-06-25 10:03 - 2015-06-25 14:38 - 00000233 _____ C:\Users\Clarrien\Desktop\MARUSHKA.url
2015-06-25 09:30 - 2015-06-25 10:10 - 00000282 _____ C:\Users\Clarrien\Desktop\Bus Nbk-Pdy.url
2015-06-24 15:08 - 2015-06-27 17:48 - 00000000 ____D C:\Users\Clarrien\Desktop\Potvrzenky - KAMAT
2015-06-24 15:08 - 2015-06-25 09:51 - 00000000 ____D C:\Users\Clarrien\Desktop\Potvrzenky - AZ
2015-06-24 12:54 - 2015-06-24 12:54 - 00001001 _____ C:\Users\Clarrien\Desktop\CELEX – zástupce.lnk
2015-06-23 17:08 - 2014-12-17 18:39 - 00000000 ____D C:\Users\Clarrien\Desktop\pdf2image
2015-06-23 17:02 - 2015-06-23 17:02 - 00001890 _____ C:\Users\Clarrien\Desktop\burningstudio – zástupce.lnk
2015-06-23 10:34 - 2015-06-23 10:34 - 02602496 _____ C:\Users\Clarrien\Desktop\cenik-elco-nymburk-5-2015-115.xls
2015-06-22 19:41 - 2015-06-26 11:00 - 00000000 ___RD C:\Users\Clarrien\Desktop\Práce
2015-06-22 19:08 - 2015-06-25 10:19 - 00001384 _____ C:\Users\Clarrien\Desktop\WRRT50 – zástupce.lnk
2015-06-22 17:45 - 2015-06-22 19:52 - 00000000 ____D C:\Users\Clarrien\Desktop\sešity
2015-06-22 17:44 - 2015-06-22 18:19 - 00170636 _____ C:\Users\Clarrien\Desktop\Objednávkový košík AZ (v150309).xlsm
2015-06-22 17:43 - 2015-07-01 07:16 - 00000000 ____D C:\Users\Clarrien\Desktop\Faktury, smlouvy, DL
2015-06-22 17:42 - 2015-07-02 18:23 - 00000000 ____D C:\Users\Clarrien\Desktop\Objednávky opravy
2015-06-22 17:42 - 2015-07-02 18:23 - 00000000 ____D C:\Users\Clarrien\Desktop\Objednávky materiálu
2015-06-22 17:42 - 2015-06-22 17:42 - 00000000 ____D C:\Users\Clarrien\Desktop\Předávací protokoly 2015
2015-06-22 17:40 - 2015-06-23 16:42 - 00000000 ____D C:\Users\Clarrien\Desktop\ARCHIV STAVEB
2015-06-22 14:32 - 2015-06-22 14:32 - 04924246 _____ C:\Users\Clarrien\Desktop\sch. zn..bmp
2015-06-20 16:32 - 2015-07-02 14:13 - 00000000 ____D C:\Users\Clarrien\Documents\Soubory aplikace Outlook
2015-06-20 15:04 - 2015-06-13 12:08 - 933451776 _____ C:\Users\Clarrien\Desktop\Návrat blbýho a blbějšího.avi
2015-06-16 10:19 - 2015-07-01 06:56 - 00028265 _____ C:\Windows\system32\ScanResults.xml
2015-06-16 10:06 - 2015-07-01 06:48 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-06-14 09:21 - 2015-06-29 14:19 - 00000165 _____ C:\Windows\Reimage.ini
2015-06-12 16:20 - 2015-06-12 16:20 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-06-12 09:22 - 2015-07-02 17:37 - 00000000 ____D C:\Users\Clarrien\AppData\Everything

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 23:43 - 2014-09-19 15:43 - 00003442 _____ C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-6.job
2015-07-11 23:42 - 2011-06-21 19:34 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-11 23:38 - 2011-05-21 04:01 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-11 23:34 - 2011-05-21 04:02 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-11 23:34 - 2011-05-21 04:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-11 23:34 - 2011-05-21 04:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-11 23:33 - 2012-07-11 16:09 - 00000000 ____D C:\Temp
2015-07-11 23:32 - 2012-04-02 17:32 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-11 23:15 - 2015-04-02 16:15 - 00001308 _____ C:\Windows\Tasks\new_game_notification_service.job
2015-07-11 21:44 - 2014-09-19 15:44 - 00002762 _____ C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5_user.job
2015-07-11 21:44 - 2014-09-19 15:44 - 00002762 _____ C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5.job
2015-07-11 21:43 - 2014-09-19 15:43 - 00004468 _____ C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-11.job
2015-07-11 21:43 - 2014-09-19 15:43 - 00003442 _____ C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-7.job
2015-07-11 21:43 - 2014-09-19 15:43 - 00003442 _____ C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-4.job
2015-07-11 21:43 - 2014-09-19 15:43 - 00002724 _____ C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-1.job
2015-07-11 21:43 - 2014-09-19 15:43 - 00002082 _____ C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-2.job
2015-07-11 17:03 - 2009-07-14 06:45 - 00025424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-11 17:03 - 2009-07-14 06:45 - 00025424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-11 16:55 - 2014-08-31 16:57 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\ViberPC
2015-07-11 16:54 - 2012-04-02 17:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-11 16:54 - 2011-06-21 19:34 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-11 16:53 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-11 16:52 - 2009-07-14 07:10 - 01735506 _____ C:\Windows\WindowsUpdate.log
2015-07-11 16:32 - 2012-04-02 17:32 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-11 16:32 - 2011-06-23 20:29 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-11 16:30 - 2011-06-24 18:39 - 00000000 ____D C:\Users\Clarrien\AppData\Local\Adobe
2015-07-11 14:11 - 2011-07-03 16:04 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\PCDr
2015-07-11 14:03 - 2009-07-14 17:18 - 00681226 _____ C:\Windows\system32\perfh005.dat
2015-07-11 14:03 - 2009-07-14 17:18 - 00148048 _____ C:\Windows\system32\perfc005.dat
2015-07-11 14:03 - 2009-07-14 07:13 - 01621092 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-11 12:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-10 23:03 - 2011-06-21 18:56 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\Skype
2015-07-10 22:46 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-10 22:43 - 2014-12-11 16:39 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-10 22:43 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-10 22:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-10 22:38 - 2011-06-23 19:47 - 01596742 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-10 17:17 - 2011-07-13 14:19 - 00000000 ____D C:\Users\Pájinka\AppData\Local\CrashDumps
2015-07-10 17:14 - 2011-06-28 20:46 - 00110352 _____ C:\Users\Pájinka\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-10 17:05 - 2013-01-12 15:12 - 00002261 _____ C:\Users\Pájinka\Desktop\Google Chrome.lnk
2015-07-10 16:30 - 2011-06-24 18:24 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2015-07-10 16:30 - 2011-05-21 11:35 - 00000000 ____D C:\ProgramData\Temp
2015-07-03 11:22 - 2011-06-21 18:04 - 00001399 _____ C:\Users\Clarrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-03 11:04 - 2011-06-21 19:34 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-02 20:28 - 2012-11-04 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-02 20:28 - 2012-11-04 16:50 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-02 20:00 - 2011-11-16 18:25 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\ObviousIdea
2015-07-02 19:29 - 2012-06-13 17:15 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\TeamViewer
2015-07-02 19:29 - 2011-08-28 18:22 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\DAEMON Tools Lite
2015-07-02 19:28 - 2011-07-09 14:05 - 00000000 ____D C:\Users\Clarrien\AppData\Local\CrashDumps
2015-07-02 19:28 - 2011-05-21 13:28 - 00000000 ____D C:\Windows\Panther
2015-07-02 19:05 - 2011-05-21 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-07-02 19:01 - 2009-07-14 06:45 - 00410880 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-02 18:56 - 2011-05-21 13:13 - 00000000 ____D C:\dell
2015-07-02 18:41 - 2012-02-06 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-07-02 18:41 - 2011-05-21 11:37 - 00000000 ____D C:\Program Files (x86)\Creative
2015-07-02 18:40 - 2011-05-21 11:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-02 18:35 - 2011-06-21 18:01 - 00110352 _____ C:\Users\Clarrien\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-02 18:24 - 2011-05-21 11:50 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-07-02 18:21 - 2014-02-23 13:09 - 00000000 ____D C:\Windows\SysWOW64\FoxPDF
2015-07-02 18:20 - 2011-09-12 09:52 - 00000000 ____D C:\Program Files\Tracker Software
2015-07-02 18:19 - 2011-05-21 11:25 - 00000000 ____D C:\Program Files\Dell
2015-07-02 18:13 - 2011-06-21 18:04 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\Roxio
2015-07-02 18:12 - 2011-05-21 11:41 - 00000000 ____D C:\Program Files (x86)\Roxio
2015-07-02 18:11 - 2014-09-19 15:42 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\systweak
2015-07-02 18:10 - 2013-03-27 17:39 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\Seznam.cz
2015-07-02 18:09 - 2013-02-26 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-07-02 18:09 - 2011-07-10 14:37 - 00000000 ____D C:\Program Files (x86)\HP
2015-07-02 18:05 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-02 17:45 - 2011-05-21 11:18 - 00002437 _____ C:\freefallprotection.log
2015-07-02 14:13 - 2015-01-19 12:43 - 00015531 _____ C:\Users\Clarrien\Desktop\Potvrzenky materiálu.xlsx
2015-06-25 14:08 - 2014-09-19 15:35 - 00720896 _____ (Indigo Rose Corporation) C:\Windows\iun6002.exe
2015-06-25 10:16 - 2011-07-04 09:32 - 00000539 _____ C:\Users\Clarrien\Desktop\Mojebanka.url
2015-06-25 08:11 - 2012-10-21 21:37 - 00058663 _____ C:\Users\Clarrien\Desktop\STAVBY.xlsx
2015-06-24 13:04 - 2011-09-13 14:03 - 00000000 ____D C:\celektro
2015-06-23 13:30 - 2011-06-21 18:14 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-23 10:27 - 2014-05-10 11:04 - 00012898 _____ C:\Users\Clarrien\Desktop\Termíny odstávek.xlsx
2015-06-22 16:44 - 2014-12-24 12:02 - 00000000 ____D C:\Users\Clarrien\AppData\Roaming\mystartsearch
2015-06-22 16:43 - 2014-12-24 12:03 - 00000000 ____D C:\Program Files (x86)\SupTab
2015-06-22 12:17 - 2015-04-02 17:15 - 00000004 ____N C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-20 14:59 - 2014-08-31 16:57 - 00001010 _____ C:\Users\Clarrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2015-06-20 14:59 - 2014-08-31 16:57 - 00001002 _____ C:\Users\Clarrien\Desktop\Viber.lnk
2015-06-20 14:59 - 2014-08-31 16:57 - 00000000 ____D C:\Users\Clarrien\AppData\Local\Viber
2015-06-17 11:10 - 2011-05-21 13:33 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-17 11:10 - 2011-05-21 13:33 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-06-17 11:10 - 2011-05-21 13:33 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-17 11:10 - 2011-05-21 13:33 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-17 11:10 - 2011-05-21 13:33 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-17 11:10 - 2011-05-21 13:33 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-17 11:10 - 2011-05-21 13:33 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-06-17 08:48 - 2011-02-18 19:19 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-06-17 08:48 - 2011-02-18 19:19 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48 - 2011-02-18 19:19 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48 - 2011-02-18 19:19 - 01059472 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-06-17 08:48 - 2011-02-18 19:19 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48 - 2011-02-18 19:19 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-06-17 08:48 - 2011-02-18 19:19 - 00074896 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-06-17 08:48 - 2011-02-18 12:19 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-06-15 09:56 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-14 08:09 - 2015-01-11 15:18 - 00000000 __SHD C:\Users\Pájinka\AppData\Local\EmieBrowserModeList
2015-06-14 08:09 - 2014-04-18 17:59 - 00000000 __SHD C:\Users\Pájinka\AppData\Local\EmieUserList
2015-06-14 08:09 - 2014-04-18 17:59 - 00000000 __SHD C:\Users\Pájinka\AppData\Local\EmieSiteList
2015-06-13 13:58 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-12 12:08 - 2011-05-21 11:25 - 00000000 ____D C:\ProgramData\Dell
2015-06-12 10:11 - 2014-11-15 11:54 - 00000000 __SHD C:\Users\Clarrien\AppData\Local\EmieBrowserModeList
2015-06-12 10:11 - 2014-04-11 08:28 - 00000000 __SHD C:\Users\Clarrien\AppData\Local\EmieUserList
2015-06-12 10:11 - 2014-04-11 08:28 - 00000000 __SHD C:\Users\Clarrien\AppData\Local\EmieSiteList

==================== Files in the root of some directories =======

2013-09-16 10:47 - 2013-09-16 10:47 - 1029383 _____ () C:\Users\Clarrien\AppData\Roaming\2433f433
2014-04-16 15:57 - 2014-08-06 08:33 - 0000066 _____ () C:\Users\Clarrien\AppData\Roaming\WB.CFG
2013-09-16 10:47 - 2013-09-16 10:47 - 1029446 _____ () C:\Users\Clarrien\AppData\Local\2433f433
2011-06-22 21:56 - 2013-06-14 17:02 - 0005120 _____ () C:\Users\Clarrien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-23 11:40 - 2011-10-23 11:40 - 0000096 _____ () C:\Users\Clarrien\AppData\Local\fusioncache.dat
2011-07-02 09:44 - 2011-07-02 09:44 - 0001567 _____ () C:\Users\Clarrien\AppData\Local\PDLSetup.20110702.094404.txt
2011-07-15 17:25 - 2011-07-15 17:25 - 0001544 _____ () C:\Users\Clarrien\AppData\Local\PDLSetup.20110715.172509.txt
2014-05-16 12:12 - 2014-05-16 12:12 - 0002125 _____ () C:\Users\Clarrien\AppData\Local\recently-used.xbel
2012-02-20 21:25 - 2012-02-20 21:25 - 0000017 _____ () C:\Users\Clarrien\AppData\Local\resmon.resmoncfg
2011-10-16 22:08 - 2014-04-13 20:11 - 0013432 _____ () C:\Users\Clarrien\AppData\Local\SRDownloader.err
2011-10-16 18:46 - 2014-04-13 20:11 - 0001120 _____ () C:\Users\Clarrien\AppData\Local\SRDownloader.nast

Some files in TEMP:
====================
C:\Users\Clarrien\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-1.job => C:\Program Files (x86)\GoHD\GoHD-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-11.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-2.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-4.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5_user.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-6.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-7.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\new_game_notification_service.job => C:\Program Files (x86)\new game\new_game_notification_service.exeǤ/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='new game' /appid='73143' /srcid='2913' /bic='0edca9529b3c5561889aeadd10f3b799' /verifier='9934a51cb16c4746fea34eb4c4b9d3e7' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Clarrien\Desktop" je 2630 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelTBRunOnce
wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Please take an expert look at it.

Thank you, Josef K.

Re: Infected notebook (cut off from the bank)

Posted: 11 Jul 2015 23:24
by Kopecký Josef
...I am also attaching the "adition.txt" log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by Clarrien at 2015-07-12 00:04:41
Running from C:\Users\Clarrien\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3420416177-1627521652-3136778559-500 - Administrator - Disabled) => C:\Users\Administrator
ASPNET (S-1-5-21-3420416177-1627521652-3136778559-1007 - Limited - Enabled)
Clarrien (S-1-5-21-3420416177-1627521652-3136778559-1001 - Administrator - Enabled) => C:\Users\Clarrien
Guest (S-1-5-21-3420416177-1627521652-3136778559-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3420416177-1627521652-3136778559-1009 - Limited - Enabled)
Pájinka (S-1-5-21-3420416177-1627521652-3136778559-1004 - Limited - Enabled) => C:\Users\Pájinka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_G510nz_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.4.5.44 (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Bentley View V8i (SELECTseries 2) 08.11.07.446 (HKLM-x32\...\{ED98991E-E69D-44E1-828F-3F1C23FD95E0}) (Version: 8.11.7.446 - Bentley Systems, Incorporated)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 4.6 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.3.60494 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell Update (HKLM-x32\...\{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}) (Version: 1.6.1007.0 - Dell Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DigitalPersona Fingerprint Software 5.20 (HKLM\...\{C0C2D40A-1231-46FA-8F02-B45E6BF2036A}) (Version: 5.20.230 - DigitalPersona, Inc.)
DocMgr (x32 Version: 130.0.000.000 - Název společnosti:) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ESET Endpoint Security (HKLM\...\{990F90A3-CE27-47C8-8794-363048315104}) (Version: 5.0.2237.1 - ESET, spol. s r.o.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{5A80B0BA-79AF-4B11-B851-CCB9F7977AC0}) (Version: 1.0.1.0489 - Intel Corporation)
Intel(R) Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Internet Explorer Toolbar 4.8 by SweetPacks (x32 Version: 4.8.0000 - SweetIM Technologies Ltd.) Hidden
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}) (Version: 7.10.344.0 - Microsoft)
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Monitor technologie Intel(R) Turbo Boost 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 353.30 (Version: 353.30 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sniper Elite (HKLM-x32\...\{A979B2D8-E3EE-4523-A26C-4AF0A6809280}) (Version: - )
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Software602 Form Filler (HKLM-x32\...\{C6E36857-F622-4DF5-B458-05752A4D13F0}) (Version: 4.13 - Software602 a.s.)
Software602 Print2PDF (HKLM-x32\...\{32C74893-0243-4235-A6F3-201F0E5D2C03}) (Version: 9.1.11.0421 - Software602 a.s.)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sound Blaster Tactic(3D) Alpha (HKLM-x32\...\{2226247D-9846-4370-A1EF-FAA6958F7632}) (Version: 1.0 - Creative Technology Limited)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Validity Sensors DDK (HKLM\...\{10AAF056-7792-497A-ACAF-3BF002196574}) (Version: 4.3.33.0 - Validity Sensors, Inc.)
Viber (HKU\S-1-5-21-3420416177-1627521652-3136778559-1001\...\Viber) (Version: 5.1.2.24 - Viber Media Inc)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3420416177-1627521652-3136778559-1001_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()

==================== Restore Points =========================

10-07-2015 16:13:59 Naplánovaný kontrolní bod
10-07-2015 16:55:00 Windows Update
10-07-2015 17:39:59 Nainstalováno: ESET Endpoint Security
10-07-2015 22:32:06 Windows Update
10-07-2015 23:01:16 Windows Update
11-07-2015 16:38:40 Removed Java 8 Update 31
11-07-2015 23:33:11 Removed NVIDIA PhysX

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A50E28E-F754-49F9-AE00-6DF34C213DD5} - System32\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-7 => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-7.exe <==== ATTENTION
Task: {0F35CCF8-90A6-492F-AC25-004298CC4567} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {18538C28-4BF9-40DC-A077-53B25FFF7244} - System32\Tasks\new_game_notification_service => C:\Program Files (x86)\new game\new_game_notification_service.exe <==== ATTENTION
Task: {2AA3559E-3752-46CD-AB07-550B3A5004B3} - System32\Tasks\{DBF57A46-E1C3-485E-8BD7-A2FE28BD3968} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe
Task: {35D1583B-97AD-41E1-BCCC-F2F7F2AE8050} - System32\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-1 => C:\Program Files (x86)\GoHD\GoHD-codedownloader.exe <==== ATTENTION
Task: {404439A2-F40E-45D9-AD54-7F99F33DB29A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {46BF3F5B-750E-4BB4-8BE2-BD59F91375C8} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe
Task: {497BC8BF-5D15-4FC1-945B-683E3843DBC4} - System32\Tasks\{F1A43AFA-858C-4FD9-831B-8A6F96438353} => pcalua.exe -a C:\Users\Clarrien\Desktop\setup.exe -d C:\Users\Clarrien\Desktop
Task: {4C4804E8-46F2-4261-8A5C-B41DE741506A} - System32\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-2 => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-2.exe <==== ATTENTION
Task: {4CA69B0A-B081-45F2-BAF3-546134B8347B} - System32\Tasks\Online aktualizační program HP => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08] (Hewlett-Packard)
Task: {50CF7DA0-1A2D-4C49-8EA2-83A5A96AB422} - System32\Tasks\{D9EF1DED-3ECC-4B0B-99C7-5C0DC798E4D2} => pcalua.exe -a D:\install\INSTALL.EXE -d D:\ -c \install\
Task: {527D9B35-9DD8-4551-ADDD-F10984437E69} - System32\Tasks\{B123A56B-2145-4BE6-86AE-BAB5A6722854} => pcalua.exe -a "C:\Users\Clarrien\Desktop\doom 3 + doom 3 resurecition of evil\doom 3 crack v 1.3\DOOM3 1.3 crack.exe" -d "C:\Users\Clarrien\Desktop\doom 3 + doom 3 resurecition of evil\doom 3 crack v 1.3"
Task: {57C1E243-2636-4078-B325-F7DD0EFCE1F7} - System32\Tasks\{72BA750E-C209-468D-A401-4128D2897171} => pcalua.exe -a "C:\Users\Clarrien\Desktop\doom 3 + doom 3 resurecition of evil\doom 3\čeština\Doom3_cz.exe" -d "C:\Users\Clarrien\Desktop\doom 3 + doom 3 resurecition of evil\doom 3\čeština"
Task: {5DAE4247-440B-48D5-9947-0026F727F405} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {5DD16D22-770F-4270-A4B3-7960A41F65A1} - System32\Tasks\{2B26755A-34CD-4421-B35F-A4E11CA12420} => pcalua.exe -a E:\Razor1911_Installer.exe -d C:\Windows\system32
Task: {660A6D3F-D6B1-48E2-B841-A361D451126B} - System32\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-11 => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-11.exe <==== ATTENTION
Task: {667EC73B-A4B4-42B7-919B-1431C0D1C956} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {72129B8C-1C1C-4B52-907F-133367DAB8D2} - System32\Tasks\{ADBCA801-E8AC-4873-A8A7-403A72FFA063} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe
Task: {784EECB8-3C52-4395-8096-8CF7A71A8588} - System32\Tasks\{C7BC65DF-30FF-48D8-9586-A69AB70D07ED} => pcalua.exe -a D:\SNO_Inst.exe -d D:\
Task: {80DDB068-CC7F-478C-AF72-4771BF0F3AF1} - System32\Tasks\{54200F2C-CDD9-4125-8B93-506F4E856B0F} => pcalua.exe -a "C:\Users\Clarrien\Desktop\Strip Poker Exclusive 4 CZ.part1.exe" -d C:\Users\Clarrien\Desktop
Task: {82C7E27E-0E03-426F-A978-D27898CEA565} - System32\Tasks\{C25AF208-EA95-4CD1-8D26-B06DD585197E} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe
Task: {85C09CBA-C7FA-4C41-9FE3-CA619B9A8042} - System32\Tasks\{B5B62D14-2734-4DB0-93DB-DADD59AB69B5} => pcalua.exe -a C:\Users\Clarrien\Desktop\WinSplit-Revolution-v11.04.exe -d C:\Users\Clarrien\Desktop
Task: {8A8DE13E-B4B5-48B0-93D2-18BC8433B0E6} - System32\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-6 => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-6.exe <==== ATTENTION
Task: {8B8B0CF8-EB92-416C-9982-3B84525A00F8} - System32\Tasks\{50AC0F51-37A4-4149-846C-70F33F8ED418} => pcalua.exe -a "C:\Program Files (x86)\WinSplit Revolution\Uninstall.exe"
Task: {A352C960-361F-4B42-BE85-A095E5645FFD} - System32\Tasks\{05457728-2645-4096-91F4-5BF8ED20C074} => pcalua.exe -a "C:\Users\Clarrien\Desktop\doom 3 + doom 3 resurecition of evil\doom 3 resurecition of evil\čeština\Doom3_RoE_cz.exe" -d "C:\Users\Clarrien\Desktop\doom 3 + doom 3 resurecition of evil\doom 3 resurecition of evil\čeština"
Task: {AF3E6760-402F-41BB-96B9-D0B24E71E461} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {AFEDCB45-FAB4-4E8F-85B5-DF791ACB3D1E} - System32\Tasks\{06CCBD7D-F19A-4971-AB1F-972BB6A65E43} => pcalua.exe -a C:\Users\Clarrien\Desktop\Crysis\setup.exe -d C:\Users\Clarrien\Desktop\Crysis
Task: {C37E3DF1-B452-4565-B526-40FCC465E7E7} - System32\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-4 => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-4.exe <==== ATTENTION
Task: {C4B4AC7B-5150-48FB-85DE-1F4CD9E974FD} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-11-05] (Microsoft Corporation)
Task: {C4C030E1-A668-4D24-864D-66A8AA4A5062} - System32\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5 => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5.exe <==== ATTENTION
Task: {C5BE8B55-85AA-41D4-84EC-C1EDE9119420} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {C6FE99C5-1FD0-42E3-8FA3-C98F168A5FAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {CAE1040B-F95D-4F10-A8DE-CF2D6E3B432A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-11] (Adobe Systems Incorporated)
Task: {CB254212-D19B-4F57-A0F9-A89F7B07A7A9} - System32\Tasks\{60018332-7C5C-4AB8-AAF3-4107F9E126FF} => pcalua.exe -a C:\Users\Clarrien\Desktop\OEZ_Sichr_12.01.exe -d C:\Users\Clarrien\Desktop
Task: {D8539E75-E1BD-4365-AF29-2CC70CA3FDA6} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe
Task: {E157EE34-DAF0-40A8-8750-D90A3762FBC1} - System32\Tasks\{EECE48E3-430C-441A-BD9D-A7EA7EEB7E24} => pcalua.exe -a C:\Users\Clarrien\Desktop\SetupDWGTrueView2014_ENU_32bit.sfx.exe -d C:\Users\Clarrien\Desktop
Task: {E7EE75EF-9DA3-46C3-90A0-4DA993891882} - System32\Tasks\{93957CC2-CA8E-4A68-9BD8-A0AC85481E62} => pcalua.exe -a C:\Users\Clarrien\Desktop\SetupDWGTrueView2012_32bit.exe -d C:\Users\Clarrien\Desktop
Task: {ECD0994A-55A6-4FDF-9381-DBF4E4668F8C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {EEEFB9EA-471F-433C-837E-8C16726C433F} - System32\Tasks\DealPly => C:\Users\Clarrien\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {F2298343-6367-423D-B02A-8474F90081C7} - System32\Tasks\{52FAF623-C434-4CD4-9EB1-562FA39B2396} => pcalua.exe -a D:\Setup\rsrc\Autorun.exe -d D:\
Task: {FD5798A4-78E0-4371-BACD-C0C19EBE9A00} - System32\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5_user => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-1.job => C:\Program Files (x86)\GoHD\GoHD-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-11.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-2.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-4.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5_user.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-6.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\100545cf-1dd6-406b-bbf5-a8c687ac7eff-7.job => C:\Program Files (x86)\GoHD\100545cf-1dd6-406b-bbf5-a8c687ac7eff-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\new_game_notification_service.job => C:\Program Files (x86)\new game\new_game_notification_service.exeǤ/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='new game' /appid='73143' /srcid='2913' /bic='0edca9529b3c5561889aeadd10f3b799' /verifier='9934a51cb16c4746fea34eb4c4b9d3e7' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

If anything else is needed, I will do it or add it right away.

Thank you in advance.

Re: Infected laptop (disconnected from the bank)

Posted: 11 Jul 2015 23:36
by Márty84
Hello :)

There's a whooole lot of malware in there :boxed:

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will spit out a log (otherwise it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it occasionally has false detections.

Re: Infected laptop (disconnected from the bank)

Posted: 12 Jul 2015 09:12
by Kopecký Josef
Hello.

Thank you for the advice. I did it and here is the log from AdwCleaner:

# AdwCleaner v4.208 - Log vytvořen 12/07/2015 v 10:02:37
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-11.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x64)
# Uživatelské jméno : Clarrien - CLARRIEN-PC
# Spuštěno z : C:\Users\Clarrien\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Složka Smazáno : C:\Program Files (x86)\SupTab
Složka Smazáno : C:\Users\Administrator\AppData\LocalLow\AskToolbar
Složka Smazáno : C:\Users\Clarrien\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Clarrien\AppData\Local\OpenCandy
Složka Smazáno : C:\Users\Clarrien\AppData\LocalLow\HPAppData
Složka Smazáno : C:\Users\Clarrien\AppData\LocalLow\Mail.Ru
Složka Smazáno : C:\Users\Clarrien\AppData\LocalLow\GoHD
Složka Smazáno : C:\Users\Clarrien\AppData\Roaming\Babylon
Složka Smazáno : C:\Users\Clarrien\AppData\Roaming\DealPly
Složka Smazáno : C:\Users\Clarrien\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\Clarrien\AppData\Roaming\Systweak
Složka Smazáno : C:\Users\Clarrien\AppData\Roaming\mystartsearch
Složka Smazáno : C:\Users\Pájinka\AppData\LocalLow\AskToolbar
Složka Smazáno : C:\Users\Pájinka\AppData\LocalLow\HPAppData
Složka Smazáno : C:\Users\Pájinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Složka Smazáno : C:\Users\Pájinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Složka Smazáno : C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Extensions\bokijhalndhhhikpnaniimagniglonke
Soubor Smazáno : C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_bokijhalndhhhikpnaniimagniglonke_0.localstorage
Soubor Smazáno : C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_bokijhalndhhhikpnaniimagniglonke_0
Soubor Smazáno : C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\bokijhalndhhhikpnaniimagniglonke
Soubor Smazáno : C:\Windows\Reimage.ini
Soubor Smazáno : C:\Users\Clarrien\AppData\LocalLow\SkwConfig.bin
Soubor Smazáno : C:\Users\Pájinka\AppData\LocalLow\SkwConfig.bin

***** [ Naplánované úlohy ] *****

Úloha Smazáno : ASP
Úloha Smazáno : Dealply
Úloha Smazáno : 100545cf-1dd6-406b-bbf5-a8c687ac7eff-1
Úloha Smazáno : 100545cf-1dd6-406b-bbf5-a8c687ac7eff-11
Úloha Smazáno : 100545cf-1dd6-406b-bbf5-a8c687ac7eff-2
Úloha Smazáno : 100545cf-1dd6-406b-bbf5-a8c687ac7eff-4
Úloha Smazáno : 100545cf-1dd6-406b-bbf5-a8c687ac7eff-5
Úloha Smazáno : 100545cf-1dd6-406b-bbf5-a8c687ac7eff-5_user
Úloha Smazáno : 100545cf-1dd6-406b-bbf5-a8c687ac7eff-6
Úloha Smazáno : 100545cf-1dd6-406b-bbf5-a8c687ac7eff-7

***** [ Zástupci ] *****

Zástupce Vyléčeno : C:\Users\Clarrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Zástupce Vyléčeno : C:\Users\Clarrien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\Clarrien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Zástupce Vyléčeno : C:\Users\Clarrien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Smazáno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Klíč Smazáno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíč Smazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíč Smazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Klíč Smazáno : HKCU\Software\Classes\keepmysearch
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644214480}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611211180}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611211180}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611211180}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655215580}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666216680}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{239C5695-98CB-4979-9A31-6880330AB1A2}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíč Smazáno : HKCU\Software\1ClickDownload
Klíč Smazáno : HKCU\Software\BI
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\IM
Klíč Smazáno : HKCU\Software\ImInstaller
Klíč Smazáno : HKCU\Software\InstalledBrowserExtensions
Klíč Smazáno : HKCU\Software\powerpack
Klíč Smazáno : HKCU\Software\SweetIM
Klíč Smazáno : HKCU\Software\systweak
Klíč Smazáno : HKCU\Software\YahooPartnerToolbar
Klíč Smazáno : HKCU\Software\Reimage
Klíč Smazáno : HKCU\Software\reimagerepair
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Crossrider
Klíč Smazáno : HKCU\Software\AppDataLow\Software\GoHD
Klíč Smazáno : HKLM\SOFTWARE\delta-homesSoftware
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : HKLM\SOFTWARE\InstallIQ
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\SweetIM
Klíč Smazáno : HKLM\SOFTWARE\systweak
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\GoHD
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKU\.DEFAULT\Software\ImInstaller
Klíč Smazáno : HKU\.DEFAULT\Software\SweetIM
Klíč Smazáno : HKU\.DEFAULT\Software\WNLT
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}
Klíč Smazáno : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Klíč Smazáno : [x64] HKLM\SOFTWARE\Reimage
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

-\\ Mozilla Firefox v


-\\ Google Chrome v43.0.2357.132

[C:\Users\Clarrien\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://www.delta-homes.com/?type=hp&ts=1434093 ... XX5WS0SJRV
[C:\Users\Clarrien\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : E484F0F4B6929C70841A699A36007FB1476A0E8F5CEF7406CB8C532E5D380640"},"software_reporter":{"prompt_reason":"C018E4EBAB9CCA0D88C06AA1B85B534DA80D7B55E8E581CE34E52D400CF2E3EB","prompt_seed":"D229250BC273348BEC5A4477E766F7CC69E48F24EA01E317C4D68D44727064AF","prompt_version":"4C22B27DBF65E9363CDAE9D5DB5928662E053C4BC91011D2D954147E4E0640DA"},"sync":{"remaining_rollback_tries":"83F78AF46D39E9C747382058E4FADD2EFF605584A9EC7F590EF0953215AE0FE5"}},"super_mac":"55A7899FEDD5852CE2A86D33AEDEF8D2F69D9A186739C3CD4E891816CB00544D"},"session":{"restore_on_startup":1,"startup_urls":["hxxp://www.delta-homes.com/?type=hp&ts=1434093 ... XX5WS0SJRV
[C:\Users\Pájinka\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Extension] : dlfienamagdnkekbbbocojppncdambda
[C:\Users\Pájinka\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Extension] : gaiilaahiahdejapggenmdmafpmbipje

-\\ Opera v0.0.0.0

[C:\Users\Clarrien\AppData\Roaming\Opera Software\Opera Stable\Preferences] - Smazáno [Extension] : bokijhalndhhhikpnaniimagniglonke

*************************

AdwCleaner[R0].txt - [23390 bytů] - [12/07/2015 10:00:32]
AdwCleaner[S0].txt - [21133 bytů] - [12/07/2015 10:02:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21192 bytů] ##########


What are the next instructions, please (or is it clean now??)??

Thank you, Josef K.

Re: Infected laptop (disconnected from the bank)

Posted: 12 Jul 2015 11:20
by Márty84
Kopecký Josef wrote: What are the next instructions, please (or is it clean now??)??
You need to read carefully :)
Márty84 wrote: Hello :)

There's a looot of junk in there :boxed:

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Don't delete anything beforehand; it sometimes has false detections.

Re: Infected laptop (disconnected from the bank)

Posted: 12 Jul 2015 14:46
by Kopecký Josef
...got it. The SCAN just took rather long => here is the test result:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12.7.2015
Čas skenování: 10:20
Protokol: mbam_result.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.12.01
Databáze rootkitů: v2015.07.10.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Clarrien

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 637420
Uplynulý čas: 2 hod, 10 min, 15 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 39

Hodnoty registru: 18

Data registru: 2
Hijack.StartPage, HKU\S-1-5-21-3420416177-1627521652-3136778559-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://toolbar.inbox.com/search/dispatc ... &%language, Dobré: (www.google.com), Špatné: (http://toolbar.inbox.com/search/dispatc ... &%language),,[3aa79947a7e396a078f3de4ea85dbc44]
Hijack.SearchBar, HKU\S-1-5-21-3420416177-1627521652-3136778559-500\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://toolbar.inbox.com/search/dispatc ... &%language, Dobré: (www.google.com/), Špatné: (http://toolbar.inbox.com/search/dispatc ... &%language),,[f9e835abc6c4d36375f88aa2ea1b1fe1]

Složky: 9

Soubory: 36
PUP.Optional.NewGame.A, C:\Users\Pájinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlinpflaifheoeohbdffhfnnpghdnlel\10717.1394.4250_0\manifest.json, , [657c5a860288ce682bb569f92dd8a65a],
PUP.Optional.NewGame.A, C:\Users\Pájinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlinpflaifheoeohbdffhfnnpghdnlel\10717.1394.4250_0\chrome\content\main.js, , [657c5a860288ce682bb569f92dd8a65a],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

What are the next instructions?

Thank you, Josef K.

Re: Infected laptop (disconnected from the bank)

Posted: 12 Jul 2015 16:12
by Márty84
The scan is long but thorough, and you can see there really are quite a lot of detections :boxed:


:arrow: Have all the detections removed. After the removal and a PC restart, repeat the scan so that we know whether it comes back. Post the scan result and I will choose the next steps based on it.

Re: Infected laptop (disconnected from the bank)

Posted: 13 Jul 2015 10:15
by Kopecký Josef
Hello.

I had them removed and restarted. I ran the scan again and the result => no malware!!! (can I celebrate now??? :| )

(this morning I started the laptop again and ran the MBAM scan once more, and again 0 detected objects)

What are the next instructions (can I already go to the bank for a new certificate and use online banking and other things without worry???)

Thank you, Josef K.

Re: Infected laptop (disconnected from the bank)

Posted: 13 Jul 2015 17:28
by Márty84
I would wait a bit longer. It needs to be cleaned up properly, otherwise it will be back soon :boxed:


:!: If you have not done so yet, better back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off the antivirus and any other security software.
Right-click ComboFix and left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan do not start anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose - Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Re: Infected laptop (disconnected from the bank)

Posted: 13 Jul 2015 18:00
by Kopecký Josef
I have a problem - ComboFix reports that the Avira Desktop antivirus and antispyware are still active.

This is the previous, unfortunate antivirus, which kept reporting some error; I could not manage to repair it or simply uninstall it, so I used a remover, but even then a service etc. was still there somewhere. In the end I followed some advice and removed it via regedit and further manual deletion. But as you can see, it is still there somewhere, even though nothing with a similar name is running among the processes or anywhere else.

What do you advise - continue with ComboFix?? Or...??

(oh dear - I am starting to get skeptical...)

Thank you, Josef K.

Re: Infected laptop (disconnected from the bank)

Posted: 13 Jul 2015 18:36
by Márty84
Kopecký Josef wrote: What do you advise - continue with ComboFix??
Yes, continue.

Re: Infected laptop (disconnected from the bank)

Posted: 14 Jul 2015 11:09
by Kopecký Josef
Hello.

ComboFix has finished (again it took quite long - probably rather demanding). Anyway, here is the log:

ComboFix 15-07-12.01 - Clarrien 14.07.2015 9:50.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.6058.3656 [GMT 2:00]
Spuštěný z: c:\users\Clarrien\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Clarrien\AppData\Local\assembly\tmp
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-14 do 2015-07-14 )))))))))))))))))))))))))))))))
.
.
2015-07-14 10:00 . 2015-07-14 10:00 -------- d-----w- c:\users\Pájinka\AppData\Local\temp
2015-07-14 10:00 . 2015-07-14 10:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-14 10:00 . 2015-07-14 10:00 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-07-13 17:30 . 2015-07-13 17:30 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70809C3F-E295-4DEE-ABFC-B9646486EAFC}\offreg.6572.dll
2015-07-12 08:15 . 2015-07-12 08:15 -------- d-----w- c:\programdata\Malwarebytes
2015-07-12 08:00 . 2015-07-12 08:02 -------- d-----w- C:\AdwCleaner
2015-07-11 21:41 . 2015-07-11 21:41 -------- d-----w- C:\rsit
2015-07-11 21:41 . 2015-07-11 21:41 -------- d-----w- c:\program files\trend micro
2015-07-11 21:38 . 2015-07-11 21:38 -------- d-----w- c:\users\Clarrien\AppData\Local\NVIDIA Corporation
2015-07-11 21:37 . 2015-07-11 22:03 -------- d-----w- C:\FRST
2015-07-11 21:37 . 2015-07-11 21:37 -------- d-----w- c:\users\Clarrien\AppData\Local\NVIDIA
2015-07-11 21:34 . 2015-06-17 09:10 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-07-11 21:34 . 2015-06-17 09:10 1571696 ----a-w- c:\windows\system32\nvspcap64.dll
2015-07-11 21:34 . 2015-06-17 09:10 1320304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-07-11 21:34 . 2015-06-17 09:10 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-07-11 21:32 . 2015-06-17 06:03 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-07-11 21:32 . 2015-07-11 21:32 -------- d-----w- c:\windows\SysWow64\NV
2015-07-11 21:32 . 2015-07-11 21:32 -------- d-----w- c:\windows\system32\NV
2015-07-11 21:27 . 2015-07-11 21:27 -------- d-----w- C:\NVIDIA
2015-07-11 14:52 . 2015-07-11 14:52 -------- d-----w- c:\users\Clarrien\AppData\Roaming\Oracle
2015-07-11 14:51 . 2015-07-11 14:51 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-07-11 14:51 . 2015-07-11 14:50 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-07-11 14:50 . 2015-07-11 14:50 -------- d-----w- c:\program files\Java
2015-07-11 12:09 . 2015-07-11 12:09 -------- d-----w- c:\programdata\PCDr
2015-07-10 21:02 . 2015-07-10 21:02 -------- d-----w- c:\users\Clarrien\AppData\Local\Skype
2015-07-10 21:02 . 2015-07-10 21:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-07-10 21:02 . 2015-07-10 21:02 -------- d-----r- c:\program files (x86)\Skype
2015-07-10 21:01 . 2015-07-10 21:02 -------- d-----w- c:\programdata\Skype
2015-07-10 20:59 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll
2015-07-10 20:59 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-07-10 20:58 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-07-10 20:31 . 2015-06-26 22:07 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-07-10 16:25 . 2015-07-10 16:25 -------- d-----w- c:\programdata\WinZip
2015-07-10 15:42 . 2015-07-10 15:42 -------- d-----w- c:\users\Clarrien\AppData\Local\ESET
2015-07-10 15:40 . 2015-07-10 15:40 -------- d-----w- c:\program files\ESET
2015-07-10 14:55 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70809C3F-E295-4DEE-ABFC-B9646486EAFC}\mpengine.dll
2015-07-10 14:40 . 2015-07-10 14:40 -------- d-----w- c:\programdata\Validity
2015-07-10 14:25 . 2015-07-11 10:41 -------- d-----w- c:\programdata\GoluKfid
2015-07-02 17:26 . 2015-07-02 17:26 -------- d-----w- c:\program files\CCleaner
2015-07-02 16:12 . 2015-07-02 16:12 -------- d-----w- c:\users\Clarrien\AppData\Roaming\Roxio Log Files
2015-06-28 12:19 . 2015-06-28 12:19 -------- d-----w- c:\program files\Dell Support Center
2015-06-25 12:01 . 2015-07-11 14:32 18174128 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-06-25 10:58 . 2015-06-25 11:06 -------- d-----w- c:\users\Clarrien\AppData\Roaming\7 Sticky Notes
2015-06-25 10:41 . 2011-08-13 19:06 1031168 ------w- c:\windows\SysWow64\ExLVwU.ocx
2015-06-25 10:41 . 2012-10-13 20:20 805376 ------w- c:\windows\SysWow64\EditCtlsU.ocx
2015-06-25 10:41 . 2011-05-20 22:02 604672 ------w- c:\windows\SysWow64\ExTVwU.ocx
2015-06-25 10:41 . 2008-01-19 09:34 554008 ------w- c:\windows\SysWow64\dao360.dll
2015-06-25 10:41 . 2004-03-09 12:45 212240 ------w- c:\windows\SysWow64\richtx32.ocx
2015-06-25 10:41 . 1998-06-23 23:00 198456 ------w- c:\windows\SysWow64\MCI32.OCX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-11 14:32 . 2012-04-02 15:32 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-11 14:32 . 2011-06-23 18:29 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-25 12:08 . 2014-09-19 13:35 720896 ----a-w- c:\windows\iun6002.exe
2015-06-23 11:30 . 2011-06-21 16:14 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-17 09:10 . 2011-05-21 11:33 938752 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-06-17 09:10 . 2011-05-21 11:33 1099992 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-06-17 09:10 . 2011-05-21 11:33 176904 ----a-w- c:\windows\system32\nvinitx.dll
2015-06-17 09:10 . 2011-05-21 11:33 155280 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-06-17 09:10 . 2011-05-21 11:33 12855416 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-06-17 09:10 . 2011-05-21 11:33 3395648 ----a-w- c:\windows\system32\nvapi64.dll
2015-06-17 06:48 . 2011-02-18 17:19 937616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2011-02-18 17:19 74896 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-06-17 06:48 . 2011-02-18 17:19 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2011-02-18 17:19 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2011-02-18 17:19 1059472 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-06-17 06:48 . 2011-02-18 10:19 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2011-02-18 17:19 6873232 ----a-w- c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2011-02-18 17:19 3492168 ----a-w- c:\windows\system32\nvsvc64.dll
2015-06-11 01:04 . 2011-06-26 18:49 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-02 14:11 . 2011-02-18 10:19 4421614 ----a-w- c:\windows\system32\nvcoproc.bin
2015-06-01 19:16 . 2015-06-10 06:44 389840 ----a-w- c:\windows\system32\iedkcs32.dll
2015-05-27 14:35 . 2015-06-10 06:44 24917504 ----a-w- c:\windows\system32\mshtml.dll
2015-05-25 18:24 . 2015-06-10 06:45 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:23 . 2015-06-10 06:45 155584 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-05-25 18:23 . 2015-06-10 06:45 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-05-25 18:21 . 2015-06-10 06:45 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 06:45 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 06:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 06:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 06:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 06:45 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 06:45 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-05-25 18:19 . 2015-06-10 06:45 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 06:45 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-05-25 18:19 . 2015-06-10 06:45 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-05-25 18:19 . 2015-06-10 06:45 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-05-25 18:19 . 2015-06-10 06:45 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 06:45 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 06:45 28160 ----a-w- c:\windows\system32\secur32.dll
2015-05-25 18:19 . 2015-06-10 06:45 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 06:45 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:19 . 2015-06-10 06:45 314880 ----a-w- c:\windows\system32\msv1_0.dll
2015-05-25 18:19 . 2015-06-10 06:45 309760 ----a-w- c:\windows\system32\ncrypt.dll
2015-05-25 18:19 . 2015-06-10 06:45 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 06:45 728576 ----a-w- c:\windows\system32\kerberos.dll
2015-05-25 18:19 . 2015-06-10 06:45 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 06:45 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-05-25 18:19 . 2015-06-10 06:45 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 06:45 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 06:45 22016 ----a-w- c:\windows\system32\credssp.dll
2015-05-25 18:18 . 2015-06-10 06:45 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 06:45 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 06:45 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 06:45 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 06:45 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 06:45 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 06:45 31232 ----a-w- c:\windows\system32\lsass.exe
2015-05-25 18:18 . 2015-06-10 06:45 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 06:45 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 06:45 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:18 . 2015-06-10 06:45 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-05-25 18:14 . 2015-06-10 06:45 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-05-25 18:14 . 2015-06-10 06:45 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-05-25 18:11 . 2015-06-10 06:45 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-10 06:45 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-05-25 18:07 . 2015-06-10 06:45 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 06:45 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 06:45 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-10 06:45 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-05-25 18:01 . 2015-06-10 06:45 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-05-25 18:01 . 2015-06-10 06:45 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 06:45 43008 ----a-w- c:\windows\SysWow64\srclient.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Viber"="c:\users\Clarrien\AppData\Local\Viber\Viber.exe" [2015-06-10 80035536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Print2PDF Print Monitor"="c:\program files (x86)\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor technologie Intel(R) Turbo Boost 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
.
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 cpuz134;cpuz134;c:\users\Clarrien\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Clarrien\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Security\EShaSrv.exe;c:\program files\ESET\ESET Endpoint Security\EShaSrv.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys;c:\windows\SYSNATIVE\DRIVERS\point64k.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 DellDataVault;Dell Data Vault;c:\program files\Dell\DellDataVault\DellDataVault.exe ;c:\program files\Dell\DellDataVault\DellDataVault.exe [x]
S2 DellDataVaultWiz;Dell Data Vault Wizard;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe [x]
S2 DellUpdate;Dell Update Service;c:\program files (x86)\Dell Update\DellUpService.exe;c:\program files (x86)\Dell Update\DellUpService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Security\x86\ekrn.exe;c:\program files\ESET\ESET Endpoint Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-10 14:43 991048 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 14:32]
.
2015-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-21 11:49]
.
2015-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-21 11:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-12-14 6561384]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080]
"egui"="c:\program files\ESET\ESET Endpoint Security\egui.exe" [2014-09-24 4124360]
"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 2320752]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-05 2345848]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-17 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-17 1571696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.cz/
uDefault_Search_URL = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 10.0.0.138
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-{2E55EEFD-2162-4A7D-9158-EDB0305603A6} - c:\programdata\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}\DDV.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_203_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_203_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_203_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_203_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-07-14 12:02:34
ComboFix-quarantined-files.txt 2015-07-14 10:02
.
Před spuštěním: Volných bajtů: 603 646 103 552
Po spuštění: Volných bajtů: 603 498 106 880
.
- - End Of File - - 32E6DDBEC322A9EA2551D602EB6CCD23


What next? I shouldn't celebrate yet?

Thank you, Josef K.

Re: Infected laptop (disconnected from the bank)

Posted: 14 Jul 2015 11:53
by Márty84
Open Notepad and copy this script into it:

Code:

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

DDS::
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*

Driver::
SkypeUpdate

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration.
If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine.

Re: Infected laptop (disconnected from the bank)

Posted: 14 Jul 2015 14:59
by Kopecký Josef
Hello.

Done. Just to be sure: I saved the script you sent into a file named CFScript with no extension (was that correct?).

The laptop restarted and then ComboFix was still creating something.

Here is the log:

ComboFix 15-07-12.01 - Clarrien 14.07.2015 15:32:52.3.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.6058.3631 [GMT 2:00]
Spuštěný z: c:\users\Clarrien\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Clarrien\Desktop\CFScript
AV: ESET Endpoint Security 5.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Endpoint Security 5.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-14 do 2015-07-14 )))))))))))))))))))))))))))))))
.
.
2015-07-14 13:38 . 2015-07-14 13:38 -------- d-----w- c:\users\Pájinka\AppData\Local\temp
2015-07-14 13:38 . 2015-07-14 13:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-12 08:15 . 2015-07-12 08:15 -------- d-----w- c:\programdata\Malwarebytes
2015-07-12 08:00 . 2015-07-12 08:02 -------- d-----w- C:\AdwCleaner
2015-07-11 21:41 . 2015-07-11 21:41 -------- d-----w- C:\rsit
2015-07-11 21:41 . 2015-07-11 21:41 -------- d-----w- c:\program files\trend micro
2015-07-11 21:38 . 2015-07-11 21:38 -------- d-----w- c:\users\Clarrien\AppData\Local\NVIDIA Corporation
2015-07-11 21:37 . 2015-07-11 22:03 -------- d-----w- C:\FRST
2015-07-11 21:37 . 2015-07-11 21:37 -------- d-----w- c:\users\Clarrien\AppData\Local\NVIDIA
2015-07-11 21:34 . 2015-06-17 09:10 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-07-11 21:34 . 2015-06-17 09:10 1571696 ----a-w- c:\windows\system32\nvspcap64.dll
2015-07-11 21:34 . 2015-06-17 09:10 1320304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-07-11 21:34 . 2015-06-17 09:10 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-07-11 21:32 . 2015-06-17 06:03 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-07-11 21:32 . 2015-07-11 21:32 -------- d-----w- c:\windows\SysWow64\NV
2015-07-11 21:32 . 2015-07-11 21:32 -------- d-----w- c:\windows\system32\NV
2015-07-11 14:52 . 2015-07-11 14:52 -------- d-----w- c:\users\Clarrien\AppData\Roaming\Oracle
2015-07-11 14:51 . 2015-07-11 14:51 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-07-11 14:51 . 2015-07-11 14:50 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-07-11 14:50 . 2015-07-11 14:50 -------- d-----w- c:\program files\Java
2015-07-11 12:09 . 2015-07-11 12:09 -------- d-----w- c:\programdata\PCDr
2015-07-10 21:02 . 2015-07-10 21:02 -------- d-----w- c:\users\Clarrien\AppData\Local\Skype
2015-07-10 21:02 . 2015-07-10 21:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-07-10 21:02 . 2015-07-10 21:02 -------- d-----r- c:\program files (x86)\Skype
2015-07-10 21:01 . 2015-07-10 21:02 -------- d-----w- c:\programdata\Skype
2015-07-10 20:59 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll
2015-07-10 20:59 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-07-10 20:58 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-07-10 20:31 . 2015-06-26 22:07 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-07-10 16:25 . 2015-07-10 16:25 -------- d-----w- c:\programdata\WinZip
2015-07-10 15:42 . 2015-07-10 15:42 -------- d-----w- c:\users\Clarrien\AppData\Local\ESET
2015-07-10 15:40 . 2015-07-10 15:40 -------- d-----w- c:\program files\ESET
2015-07-10 14:55 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70809C3F-E295-4DEE-ABFC-B9646486EAFC}\mpengine.dll
2015-07-10 14:40 . 2015-07-10 14:40 -------- d-----w- c:\programdata\Validity
2015-07-10 14:25 . 2015-07-11 10:41 -------- d-----w- c:\programdata\GoluKfid
2015-07-02 17:26 . 2015-07-02 17:26 -------- d-----w- c:\program files\CCleaner
2015-07-02 16:12 . 2015-07-02 16:12 -------- d-----w- c:\users\Clarrien\AppData\Roaming\Roxio Log Files
2015-06-28 12:19 . 2015-06-28 12:19 -------- d-----w- c:\program files\Dell Support Center
2015-06-25 12:01 . 2015-07-11 14:32 18174128 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-06-25 10:58 . 2015-06-25 11:06 -------- d-----w- c:\users\Clarrien\AppData\Roaming\7 Sticky Notes
2015-06-25 10:41 . 2011-08-13 19:06 1031168 ------w- c:\windows\SysWow64\ExLVwU.ocx
2015-06-25 10:41 . 2012-10-13 20:20 805376 ------w- c:\windows\SysWow64\EditCtlsU.ocx
2015-06-25 10:41 . 2011-05-20 22:02 604672 ------w- c:\windows\SysWow64\ExTVwU.ocx
2015-06-25 10:41 . 2008-01-19 09:34 554008 ------w- c:\windows\SysWow64\dao360.dll
2015-06-25 10:41 . 2004-03-09 12:45 212240 ------w- c:\windows\SysWow64\richtx32.ocx
2015-06-25 10:41 . 1998-06-23 23:00 198456 ------w- c:\windows\SysWow64\MCI32.OCX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-11 14:32 . 2012-04-02 15:32 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-11 14:32 . 2011-06-23 18:29 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-25 12:08 . 2014-09-19 13:35 720896 ----a-w- c:\windows\iun6002.exe
2015-06-23 11:30 . 2011-06-21 16:14 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-17 09:10 . 2011-05-21 11:33 938752 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-06-17 09:10 . 2011-05-21 11:33 1099992 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-06-17 09:10 . 2011-05-21 11:33 176904 ----a-w- c:\windows\system32\nvinitx.dll
2015-06-17 09:10 . 2011-05-21 11:33 155280 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-06-17 09:10 . 2011-05-21 11:33 12855416 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-06-17 09:10 . 2011-05-21 11:33 3395648 ----a-w- c:\windows\system32\nvapi64.dll
2015-06-17 06:48 . 2011-02-18 17:19 937616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2011-02-18 17:19 74896 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-06-17 06:48 . 2011-02-18 17:19 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2011-02-18 17:19 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2011-02-18 17:19 1059472 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-06-17 06:48 . 2011-02-18 10:19 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2011-02-18 17:19 6873232 ----a-w- c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2011-02-18 17:19 3492168 ----a-w- c:\windows\system32\nvsvc64.dll
2015-06-11 01:04 . 2011-06-26 18:49 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-02 14:11 . 2011-02-18 10:19 4421614 ----a-w- c:\windows\system32\nvcoproc.bin
2015-06-01 19:16 . 2015-06-10 06:44 389840 ----a-w- c:\windows\system32\iedkcs32.dll
2015-05-27 14:35 . 2015-06-10 06:44 24917504 ----a-w- c:\windows\system32\mshtml.dll
2015-05-25 18:24 . 2015-06-10 06:45 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:23 . 2015-06-10 06:45 155584 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-05-25 18:23 . 2015-06-10 06:45 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-05-25 18:21 . 2015-06-10 06:45 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-10 06:45 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-10 06:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-10 06:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-10 06:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-10 06:45 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-10 06:45 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-05-25 18:19 . 2015-06-10 06:45 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-10 06:45 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-05-25 18:19 . 2015-06-10 06:45 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-05-25 18:19 . 2015-06-10 06:45 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-05-25 18:19 . 2015-06-10 06:45 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-10 06:45 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-10 06:45 28160 ----a-w- c:\windows\system32\secur32.dll
2015-05-25 18:19 . 2015-06-10 06:45 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-10 06:45 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:19 . 2015-06-10 06:45 314880 ----a-w- c:\windows\system32\msv1_0.dll
2015-05-25 18:19 . 2015-06-10 06:45 309760 ----a-w- c:\windows\system32\ncrypt.dll
2015-05-25 18:19 . 2015-06-10 06:45 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-10 06:45 728576 ----a-w- c:\windows\system32\kerberos.dll
2015-05-25 18:19 . 2015-06-10 06:45 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-10 06:45 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-05-25 18:19 . 2015-06-10 06:45 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-10 06:45 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-10 06:45 22016 ----a-w- c:\windows\system32\credssp.dll
2015-05-25 18:18 . 2015-06-10 06:45 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-10 06:45 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-10 06:45 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-10 06:45 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-10 06:45 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-10 06:45 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-10 06:45 31232 ----a-w- c:\windows\system32\lsass.exe
2015-05-25 18:18 . 2015-06-10 06:45 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-10 06:45 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-10 06:45 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:18 . 2015-06-10 06:45 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-05-25 18:14 . 2015-06-10 06:45 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-05-25 18:14 . 2015-06-10 06:45 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-05-25 18:11 . 2015-06-10 06:45 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-10 06:45 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:11 . 2015-06-10 06:45 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-05-25 18:07 . 2015-06-10 06:45 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 06:45 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-10 06:45 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-10 06:45 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-05-25 18:01 . 2015-06-10 06:45 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-05-25 18:01 . 2015-06-10 06:45 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-10 06:45 43008 ----a-w- c:\windows\SysWow64\srclient.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Viber"="c:\users\Clarrien\AppData\Local\Viber\Viber.exe" [2015-06-10 80035536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562]
"Print2PDF Print Monitor"="c:\program files (x86)\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor technologie Intel(R) Turbo Boost 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
R3 cpuz134;cpuz134;c:\users\Clarrien\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Clarrien\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ESHASRV;ESET SHA Service;c:\program files\ESET\ESET Endpoint Security\EShaSrv.exe;c:\program files\ESET\ESET Endpoint Security\EShaSrv.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys;c:\windows\SYSNATIVE\DRIVERS\point64k.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 DellDataVault;Dell Data Vault;c:\program files\Dell\DellDataVault\DellDataVault.exe ;c:\program files\Dell\DellDataVault\DellDataVault.exe [x]
S2 DellDataVaultWiz;Dell Data Vault Wizard;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe [x]
S2 DellUpdate;Dell Update Service;c:\program files (x86)\Dell Update\DellUpService.exe;c:\program files (x86)\Dell Update\DellUpService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Endpoint Security\x86\ekrn.exe;c:\program files\ESET\ESET Endpoint Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-10 14:43 991048 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.132\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 14:32]
.
2015-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-21 11:49]
.
2015-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-21 11:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-12-14 6561384]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080]
"egui"="c:\program files\ESET\ESET Endpoint Security\egui.exe" [2014-09-24 4124360]
"DBRMTray"="c:\dell\DBRM\Reminder\DbrmTrayIcon.exe" [2011-03-08 227328]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 2320752]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-05 2345848]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-17 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-17 1571696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.cz/
uDefault_Search_URL = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 10.0.0.138
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_203_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_203_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Dell Update\DellUpTray.exe
.
**************************************************************************
.
Celkový čas: 2015-07-14 15:47:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-07-14 13:47
ComboFix2.txt 2015-07-14 10:02
.
Před spuštěním: Volných bajtů: 604 036 038 656
Po spuštění: Volných bajtů: 603 644 850 176
.
- - End Of File - - A0A6AE1C036942E42B275B705676669F


What is the next...

(by the way, the OS boot-up has sped up quite a bit - unusually snappy)


Thank you, Josef

Re: Infected notebook (disconnected from the bank)

Posted: 14 Jul 2015 18:19
by Márty84
We are getting close to the finish. It's just a pity that we always miss each other time-wise. I'm constantly at work and can't get to a PC there.


:arrow: Permanently turn off Windows Defender.

:arrow: Post a log from RSITx64 http://images.malwareremoval.com/random/RSITx64.exe , instructions here http://forum.viry.cz/viewtopic.php?f=13&t=130786

and in addition

:arrow: Post new logs following this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it is possible that it will block it as malicious, but we use it all the time, it is a false positive :)