Home page in Russian

#1 Post by greatone »

Hello,

please check my log. My home page is in Russian and SUPERAntiSpyware finds a lot of assorted junk.
I can't get rid of it in a way that lets me know it is all really gone. Can you please help?
I'm attaching the log, thank you.

Logfile of random's system information tool 1.14 (written by random/random)
Run by Tereza at 2016-11-07 18:03:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 88 GB (30%) free of 289 GB
Total RAM: 4078 MB (36% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:03:14, on 7.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal

Running processes:
C:\Users\Tereza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual Effects.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Users\Tereza\AppData\Local\Temp\TeamViewer\Version8\TeamViewer.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Tereza\Downloads\ComboFix.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Tereza_RSITx64(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://search.avast.com/AV772/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avast.com/AV772/search/w ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://granena.ru/?utm_content=31b5cebd ... d=20161011
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://search.avast.com/AV772/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.avast.com/AV772/search/w ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avast.com/AV772/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tereza\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tereza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ltvravwayq] explorer "http://granena.ru/?utm_source=uoua03n&u ... d=20161011"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13149 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
C:\Windows\system32\taskhost.exe
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Users\Tereza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\Tereza\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1313777186-1485331419-360017995-5882350791240851648-19451763861245607582843877687
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe" /AutoStart
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Windows\Samsung\PanelMgr\SSMMgr.exe" /autorun
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\Samsung\PanelMgr\caller64.exe Samsung PanelMgr
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Apoint\Apvfb.exe"
C:\Program Files\Apoint\Apntex.exe
\??\C:\Windows\system32\conhost.exe "1366845247690594536-1378967991621915148-110523768-1466874044392482055-275327799
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Sony\VAIO Update\vuagent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\Magic-i Visual Effects.exe" -CamMonitor
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"C:\Users\Tereza\AppData\Local\Temp\TeamViewer\Version8\TeamViewer.exe" --dre
"C:\Users\Tereza\AppData\Local\Temp\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Users\Tereza\AppData\Roaming\TeamViewer\TeamViewer8_Logfile.log
"C:\Users\Tereza\AppData\Local\Temp\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Users\Tereza\AppData\Roaming\TeamViewer\TeamViewer8_Logfile.log
"c:\users\tereza\appdata\local\temp\teamviewer\version8\TeamViewer_Desktop.exe" --IPCport 6039
C:\Windows\SysWOW64\cmd.exe
\??\C:\Windows\system32\conhost.exe "438954746202852546118771454521739857768-1708711823-2015730220-1687564340-2077996641
"C:\Users\Tereza\Downloads\ComboFix.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="6120.0.1418423997\923482806" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6120 "\\.\pipe\gecko-crash-server-pipe.6120" tab
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Tereza\Downloads\RSITx64(1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1274712558-6156734-4062072829-1000Core.job - C:\Users\Tereza\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1274712558-6156734-4062072829-1000UA.job - C:\Users\Tereza\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf68fbcc52616c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8f10b1e33290.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\system32\tasks\avastBCLRestart_chrome.exe - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1274712558-6156734-4062072829-1000Core - C:\Users\Tereza\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1274712558-6156734-4062072829-1000UA - C:\Users\Tereza\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1cf68fbcc52616c - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA1cf8f10b1e33290 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Maxthon Update - "C:\Program Files (x86)\Maxthon3\Bin\mxup.exe" -RunScheduledUpdate
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1469343018 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\ShouldIRemoveIt - C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe /scheduled
C:\Windows\system32\tasks\temp_Torntv V7.0-enabler - C:\Program Files (x86)\Torntv V7.0\Torntv V7.0-enabler.exe /enablebho /agentregpath='Torntv V7.0' /appid=49040 /srcid='000867' /subid='0' /zdata='0' /bic=28045E52D818450BB423A726E768D84AIE /verifier=339b109b30d0230fd64f5bfd78545ee9 /installerversion=1_33_153 /installationtime=1390133307 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /bhoguid=11111111-1111-1111-1111-110411901140 /defbro=ff /allusers /runfrom='installer' /externallog='C:\Users\Tereza\AppData\Local\Temp\Torntv V7.0Installer_1390133307.log'
C:\Windows\system32\tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\{043B0643-F5A8-482E-AFCF-5903B7DC61A2} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\TopCD\Faces of War\Uninstall\setup.exe"
C:\Windows\system32\tasks\{0887D15A-90B8-4DC3-90E9-41587BF78E3E} - C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe
C:\Windows\system32\tasks\{1A5809B3-055A-4EB5-B816-CF82482042F6} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.27.0.101/cs/ ... Error=1638
C:\Windows\system32\tasks\{1AACD324-9A67-41F6-9C25-A7B346516BC7} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.28.80.101/cs ... Error=1638
C:\Windows\system32\tasks\{1D872E4E-C0FF-4086-B034-B4E4161AE287} - C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe -c /M{F6BA169A-F1E8-45B5-864D-9A4BB9C24ABF}
C:\Windows\system32\tasks\{258A76C7-197C-43DE-95BD-F44FCA30C90F} - C:\Users\Tereza\Desktop\setup.exe
C:\Windows\system32\tasks\{382AE121-9652-419E-AE36-E626C6862628} - C:\Windows\system32\pcalua.exe -a D:\Sims3Setup.exe -d D:\
C:\Windows\system32\tasks\{56466185-A6F8-4E25-9234-6B66C4BDE216} - C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe
C:\Windows\system32\tasks\{59D43109-68F6-42BE-8E9D-C4EF9E898DC1} - C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe
C:\Windows\system32\tasks\{7A29F795-54F2-401A-9C1D-C04F9ADDC4F4} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.27.64.101/cs ... Error=1638
C:\Windows\system32\tasks\{7CB65951-C455-4CFE-AD3A-C66A0B719462} - "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.1.0.129.272/ ... rogressBar
C:\Windows\system32\tasks\{AD2CA250-A7D6-4085-9726-C44178074BC1} - C:\Users\Tereza\Desktop\Radek\GotClipDownloader__6629_i928982365_il823.exe
C:\Windows\system32\tasks\{B7016288-D444-4B86-A7FC-17FF8518EF91} - C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\vso\ConvertXtoDVD\unins000.exe"
C:\Windows\system32\tasks\{B8FC0972-B5FD-4A21-8EAB-97D7ECEC1BA3} - C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe
C:\Windows\system32\tasks\{CF1DB545-6568-4AD5-8777-59A7B4C9B6C2} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.27.64.101/cs ... Error=1638
C:\Windows\system32\tasks\{D54DB9F9-5035-489F-85F1-9BCB207EB5FA} - C:\Users\Tereza\Desktop\Radek\GotClipDownloader__6629_i928982365_il823.exe
C:\Windows\system32\tasks\{E04DB0A6-66BE-4A4A-B850-45C98A11D639} - C:\Windows\system32\pcalua.exe -a C:\Users\Tereza\Downloads\recuva-lista-centrumcz.exe -d C:\Users\Tereza\Downloads
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1274712558-6156734-4062072829-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Sony Corporation\VAIO Update\VAIO Update - "C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
C:\Windows\system32\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair - C:\Program Files\Sony\VAIO Update\VUSR.exe
C:\Windows\system32\tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start - C:\Program Files\Sony\VAIO Smart Network\VSNClient /Start
C:\Windows\system32\tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation - C:\Program Files\Sony\VAIO Improvement Validation\viv.exe
C:\Windows\system32\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader - C:\Program Files\Sony\VAIO Improvement\viuploader.exe -autostart
C:\Windows\system32\tasks\SONY\VAIO Gate\StartExecuteProxy - "%programfiles%\Sony\VAIO Gate\ExecutionProxy.exe" /StartCounter
C:\Windows\system32\tasks\SONY\VAIO Gate\VAIO Gate - C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe /AutoStart
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\ddmfbkzx.default

prefs.js - "browser.startup.homepage" - "http://granena.ru/?utm_content=31b5cebd ... d=20161011"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Tereza\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Tereza\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Tereza\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Tereza\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Tereza\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Tereza\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Tereza\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll


C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\ddmfbkzx.default\extensions\
{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\ddmfbkzx.default\searchplugins\
avast-search.xml
GoSearch.xml

C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\ddmfbkzx.default\addons.json
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\ddmfbkzx.default\extensions.json
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Визуальные закладки @Mail.Ru - extension - {a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\ddmfbkzx.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7}
Seznam lištička - extension - {ea614400-e918-4741-9a97-7a972ff7c30b} - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\ddmfbkzx.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Asynchronous Plugin Rendering - extension - asyncrendering@mozilla.org - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\ddmfbkzx.default\features\{555bd5de-ae52-4e9c-9182-01bee02ec225}\asyncrendering@mozilla.org.xpi

C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\ddmfbkzx.default\pluginreg.dat
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.18.21 - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Plugin - VLC Web Plugin - 2.2.4.0 - C:\Users\Tereza\VLC\npvlc.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - NVIDIA 3D Vision - 7.17.12.6721 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - NVIDIA 3D VISION - 7.17.12.6721 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
Plugin - Windows Live™ Photo Gallery - 15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Java Deployment Toolkit 6.0.220.4 - 6.0.220.4 - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
Plugin - Java(TM) Platform SE 6 U22 - 6.0.220.4 - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
Plugin - Google Earth Plugin - 7.1.2.2041 - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
Plugin - Shockwave Flash - 23.0.0.205 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll

=========Google Chrome=========

C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 3.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension ccfifbojenkenpkmnbnndeadpfdiffof 2 Домашняя страница Mail.Ru 11.0.26
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 2 Avast SafePrice 12.0.102
Extension faminaibgiklngmfpfbhmokfmnglamcm 1 7.5.183
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 11.1.0.955
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension oelpkepjlgmehajehfeicfbjdiobdkfj 2 Визуальные Закладки Mail.Ru 7.0.30
Extension ojlcebdkbpjdpiligkdbbkdkfjmchbfd 2 Поиск Mail.Ru 12.0.11
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: http://mail.ru/cnt/10445?gp=811009
default_search_provider.search_url:
C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: http://granena.ru/?utm_content=31b5cebd ... d=20161011
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nikmnmhkbnkamhjjblknjabedmadohhf]
"Path"=C:\ProgramData\Bcool\nikmnmhkbnkamhjjblknjabedmadohhf.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{8C31F27B-BE8A-4e4b-A478-17760AF1F5D9}]
"URL"=https://search.avast.com/AV772/search/w ... earchTerms}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-05 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29 64672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2011-03-29 518784]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-04-29 790688]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-04-29 657568]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2011-10-17 226672]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=C:\Program Files (x86)\BitTorrent\BitTorrent.exe []
"cz.seznam.software.autoupdate"=C:\Users\Tereza\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tereza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2016-10-27 7943072]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"ltvravwayq"=explorer http://granena.ru/?utm_source=uoua03n&u ... d=20161011 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16 1156824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-11-27 648032]
""= []
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2008-08-08 524288]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-27 9099440]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16 1156824]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"RestrictRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"RestrictRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-11-07 18:03:09 ----D---- C:\rsit
2016-11-07 17:57:51 ----D---- C:\32788R22FWJFW
2016-10-31 10:56:17 ----D---- C:\ProgramData\Atheros
2016-10-25 21:03:28 ----D---- C:\SUPERDelete
2016-10-13 13:50:55 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-13 13:50:55 ----A---- C:\Windows\system32\poqexec.exe
2016-10-12 09:09:14 ----A---- C:\Windows\system32\generaltel.dll
2016-10-12 09:09:14 ----A---- C:\Windows\system32\devinv.dll
2016-10-12 09:09:14 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-12 09:09:14 ----A---- C:\Windows\system32\appraiser.dll
2016-10-12 09:09:14 ----A---- C:\Windows\system32\aepic.dll
2016-10-12 09:09:14 ----A---- C:\Windows\system32\aeinv.dll
2016-10-12 09:09:14 ----A---- C:\Windows\system32\acmigration.dll
2016-10-12 09:09:13 ----A---- C:\Windows\system32\invagent.dll
2016-10-12 09:09:13 ----A---- C:\Windows\system32\centel.dll
2016-10-12 09:09:04 ----A---- C:\Windows\system32\mshtml.dll
2016-10-12 09:09:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-12 09:09:02 ----A---- C:\Windows\system32\ieframe.dll
2016-10-12 09:09:01 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 09:09:00 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 09:09:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-12 09:08:59 ----A---- C:\Windows\system32\jscript9.dll
2016-10-12 09:08:58 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-12 09:08:58 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-12 09:08:58 ----A---- C:\Windows\system32\wininet.dll
2016-10-12 09:08:58 ----A---- C:\Windows\system32\mf.dll
2016-10-12 09:08:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-12 09:08:57 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-12 09:08:57 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-12 09:08:57 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-12 09:08:57 ----A---- C:\Windows\system32\blackbox.dll
2016-10-12 09:08:56 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-12 09:08:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 09:08:56 ----A---- C:\Windows\system32\iertutil.dll
2016-10-12 09:08:55 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-12 09:08:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-12 09:08:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-12 09:08:54 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-12 09:08:54 ----A---- C:\Windows\system32\urlmon.dll
2016-10-12 09:08:54 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-12 09:08:54 ----A---- C:\Windows\system32\quartz.dll
2016-10-12 09:08:53 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-12 09:08:53 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-12 09:08:53 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-12 09:08:53 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-12 09:08:52 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-12 09:08:52 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-12 09:08:52 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-12 09:08:52 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 09:08:52 ----A---- C:\Windows\system32\vbscript.dll
2016-10-12 09:08:52 ----A---- C:\Windows\system32\evr.dll
2016-10-12 09:08:52 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-12 09:08:52 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-12 09:08:52 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-12 09:08:51 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-12 09:08:51 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-12 09:08:51 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-12 09:08:51 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 09:08:50 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-12 09:08:50 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-12 09:08:50 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-12 09:08:50 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-12 09:08:50 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 09:08:50 ----A---- C:\Windows\system32\qdvd.dll
2016-10-12 09:08:50 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-12 09:08:50 ----A---- C:\Windows\system32\cryptui.dll
2016-10-12 09:08:50 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-12 09:08:49 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-12 09:08:49 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-12 09:08:49 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-12 09:08:49 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-12 09:08:49 ----A---- C:\Windows\system32\mfplat.dll
2016-10-12 09:08:49 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 09:08:48 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-12 09:08:48 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-12 09:08:48 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-12 09:08:48 ----A---- C:\Windows\system32\win32k.sys
2016-10-12 09:08:48 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-12 09:08:47 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-12 09:08:47 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 09:08:47 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-12 09:08:47 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-12 09:08:47 ----A---- C:\Windows\system32\mfps.dll
2016-10-12 09:08:47 ----A---- C:\Windows\system32\EncDump.dll
2016-10-12 09:08:47 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-12 09:08:46 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 09:08:46 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 09:08:46 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 09:08:46 ----A---- C:\Windows\system32\audiodg.exe
2016-10-12 09:08:45 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-12 09:08:45 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-12 09:08:45 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 09:08:44 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-12 09:08:44 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-12 09:08:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-12 09:08:44 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-12 09:08:44 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-12 09:08:43 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-12 09:08:43 ----A---- C:\Windows\system32\ntdll.dll
2016-10-12 09:08:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 09:08:43 ----A---- C:\Windows\system32\msscp.dll
2016-10-12 09:08:43 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-12 09:08:43 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 09:08:42 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-12 09:08:42 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-12 09:08:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-12 09:08:42 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 09:08:42 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-12 09:08:42 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-12 09:08:42 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-12 09:08:42 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-12 09:08:42 ----A---- C:\Windows\system32\davclnt.dll
2016-10-12 09:08:41 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-12 09:08:41 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-12 09:08:41 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-12 09:08:41 ----A---- C:\Windows\system32\pcadm.dll
2016-10-12 09:08:41 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-12 09:08:41 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-12 09:08:40 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-12 09:08:40 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-12 09:08:40 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-12 09:08:40 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-12 09:08:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-12 09:08:40 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-12 09:08:40 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-12 09:08:40 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-12 09:08:40 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\spwmp.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-12 09:08:40 ----A---- C:\Windows\system32\pcalua.exe
2016-10-12 09:08:40 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\jscript.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\INETRES.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-12 09:08:40 ----A---- C:\Windows\system32\certcli.dll
2016-10-12 09:08:39 ----A---- C:\Windows\system32\ieui.dll
2016-10-12 09:08:39 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-12 09:08:38 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-12 09:08:38 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-12 09:08:38 ----A---- C:\Windows\system32\webcheck.dll
2016-10-12 09:08:38 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-12 09:08:37 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-12 09:08:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-12 09:08:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-12 09:08:37 ----A---- C:\Windows\system32\occache.dll
2016-10-12 09:08:37 ----A---- C:\Windows\system32\msrating.dll
2016-10-12 09:08:37 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-12 09:08:37 ----A---- C:\Windows\system32\kerberos.dll
2016-10-12 09:08:37 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-12 09:08:37 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-12 09:08:37 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-12 09:08:37 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-12 09:08:36 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\wintrust.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\wdigest.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\sspicli.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\smss.exe
2016-10-12 09:08:36 ----A---- C:\Windows\system32\schannel.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\kernel32.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\inseng.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-12 09:08:36 ----A---- C:\Windows\system32\iesetup.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\iernonce.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-12 09:08:36 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\crypt32.dll
2016-10-12 09:08:36 ----A---- C:\Windows\system32\advapi32.dll
2016-10-12 09:08:35 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-12 09:08:35 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-12 09:08:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-12 09:08:35 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-12 09:08:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-12 09:08:35 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-12 09:08:35 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-12 09:08:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-12 09:08:35 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-12 09:08:35 ----A---- C:\Windows\system32\wow64win.dll
2016-10-12 09:08:35 ----A---- C:\Windows\system32\winsrv.dll
2016-10-12 09:08:35 ----A---- C:\Windows\system32\srcore.dll
2016-10-12 09:08:35 ----A---- C:\Windows\system32\mferror.dll
2016-10-12 09:08:35 ----A---- C:\Windows\system32\lsass.exe
2016-10-12 09:08:35 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-12 09:08:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-12 09:08:35 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-12 09:08:35 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-12 09:08:35 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 09:08:34 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-12 09:08:34 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\wow64.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\srclient.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\secur32.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\rstrui.exe
2016-10-12 09:08:34 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-12 09:08:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\credssp.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\conhost.exe
2016-10-12 09:08:34 ----A---- C:\Windows\system32\auditpol.exe
2016-10-12 09:08:34 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 09:08:34 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 09:08:34 ----A---- C:\Windows\system32\appidapi.dll
2016-10-12 09:08:34 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-12 09:08:33 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-12 09:08:33 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-12 09:08:33 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-12 09:08:33 ----A---- C:\Windows\system32\msobjs.dll
2016-10-12 09:08:33 ----A---- C:\Windows\system32\msaudite.dll
2016-10-12 09:08:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 09:08:33 ----A---- C:\Windows\system32\adtschema.dll
2016-10-12 09:07:21 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-12 09:07:21 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-12 09:07:21 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-12 09:07:20 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-12 09:07:20 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-12 09:07:20 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-12 09:07:20 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-12 09:07:04 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-12 09:07:04 ----A---- C:\Windows\system32\shell32.dll
2016-10-12 09:07:03 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-12 09:07:03 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-12 09:07:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-12 09:07:03 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-12 09:07:03 ----A---- C:\Windows\system32\authui.dll
2016-10-12 09:07:03 ----A---- C:\Windows\explorer.exe
2016-10-10 18:27:25 ----D---- C:\Program Files (x86)\Origin Games

======List of files/folders modified in the last 1 month======

2016-11-07 18:03:12 ----D---- C:\Program Files\trend micro
2016-11-07 17:58:02 ----D---- C:\Windows\inf
2016-11-07 17:54:10 ----D---- C:\Users\Tereza\AppData\Roaming\Skype
2016-11-07 17:52:54 ----D---- C:\Windows\system32\drivers
2016-11-07 17:52:49 ----D---- C:\Windows\temp
2016-11-07 17:08:24 ----SHD---- C:\System Volume Information
2016-11-07 16:54:38 ----SHD---- C:\Windows\Installer
2016-11-07 16:52:11 ----D---- C:\Windows\system32\Tasks
2016-11-07 16:48:29 ----D---- C:\Windows\System32
2016-11-07 16:48:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-07 16:47:01 ----D---- C:\Users\Tereza\AppData\Roaming\Seznam.cz
2016-11-07 16:45:23 ----A---- C:\Windows\SYSWOW64\log.txt
2016-11-07 16:42:35 ----D---- C:\ProgramData\NVIDIA
2016-11-07 13:27:21 ----D---- C:\Windows\system32\config
2016-11-06 19:45:08 ----D---- C:\ProgramData
2016-11-04 21:34:33 ----D---- C:\Users\Tereza\AppData\Roaming\vlc
2016-11-03 19:36:21 ----D---- C:\Windows\Prefetch
2016-10-31 15:45:57 ----D---- C:\Windows
2016-10-31 10:24:17 ----D---- C:\Windows\Minidump
2016-10-29 18:03:44 ----D---- C:\Windows\system32\DriverStore
2016-10-28 22:00:57 ----D---- C:\Program Files (x86)\Google
2016-10-28 08:32:58 ----D---- C:\Program Files\SUPERAntiSpyware
2016-10-26 20:46:10 ----D---- C:\Windows\SysWOW64
2016-10-26 20:46:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-26 20:46:05 ----D---- C:\Windows\system32\Macromed
2016-10-26 20:46:04 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-25 21:08:59 ----D---- C:\Program Files (x86)\Bluetooth Suite
2016-10-25 21:06:07 ----RD---- C:\Program Files (x86)
2016-10-25 12:38:21 ----D---- C:\Program Files (x86)\Common Files
2016-10-25 12:38:10 ----RSD---- C:\Windows\Fonts
2016-10-22 14:06:33 ----D---- C:\Windows\Tasks
2016-10-21 07:26:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-10-16 08:15:56 ----D---- C:\Windows\LiveKernelReports
2016-10-14 07:43:09 ----D---- C:\Windows\debug
2016-10-12 20:28:33 ----D---- C:\Windows\rescache
2016-10-12 20:10:52 ----D---- C:\Windows\Microsoft.NET
2016-10-12 20:10:10 ----RSD---- C:\Windows\assembly
2016-10-12 19:21:38 ----D---- C:\Windows\winsxs
2016-10-12 19:21:13 ----D---- C:\Windows\system32\catroot2
2016-10-12 18:58:52 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-12 18:58:51 ----D---- C:\Program Files\Internet Explorer
2016-10-12 18:58:51 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-12 18:58:50 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-12 18:58:50 ----D---- C:\Program Files\Windows Media Player
2016-10-12 18:58:49 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-12 18:58:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-12 18:58:37 ----D---- C:\Windows\system32\Dism
2016-10-12 18:58:37 ----D---- C:\Windows\system32\cs-CZ
2016-10-12 18:58:36 ----D---- C:\Windows\system32\en-US
2016-10-12 18:58:26 ----D---- C:\Windows\AppPatch
2016-10-12 18:58:24 ----D---- C:\Windows\system32\Boot
2016-10-12 18:58:22 ----SD---- C:\Windows\system32\CompatTel
2016-10-12 18:58:22 ----D---- C:\Windows\system32\appraiser
2016-10-12 18:58:18 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-12 18:58:05 ----D---- C:\Windows\cs-CZ
2016-10-12 18:55:16 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-12 18:55:14 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 16:36:01 ----D---- C:\Windows\system32\MRT
2016-10-12 16:35:48 ----AC---- C:\Windows\system32\MRT.exe
2016-10-12 16:30:53 ----D---- C:\Windows\Logs
2016-10-11 10:31:52 ----HD---- C:\Windows\system32\GroupPolicy
2016-10-11 10:31:48 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2016-10-11 10:31:39 ----D---- C:\Program Files (x86)\Electronic Arts
2016-10-10 18:27:44 ----D---- C:\ProgramData\Origin
2016-10-10 18:27:36 ----D---- C:\Users\Tereza\AppData\Roaming\Origin
2016-10-08 19:26:03 ----D---- C:\ProgramData\Electronic Arts

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-10 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2012-01-12 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-09-10 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-10 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-22 513632]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-10 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-10 163416]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 11576]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2011-10-17 317776]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-02-16 2377216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2011-04-29 29344]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-29 1581184]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-03-29 173160]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-29 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-29 425064]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-10 37656]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-04-29 51872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2011-04-29 166048]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2011-04-29 283296]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-12-28 80384]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [2015-11-23 29352]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2015-06-07 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-10 197128]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-02-18 993896]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-18 378472]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2011-03-05 64704]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
R3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [2016-03-31 1656600]
S2 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2016-10-06 2209296]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-26 270016]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 114688]
S3 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [2015-07-22 625632]
S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [2013-10-16 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-14 146888]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-10-06 2142728]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SOHCImp;VAIO Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
S3 SOHDs;VAIO Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-05-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Home page in Russian

#2 Post by Roli »

Hello, first of all uninstall everything from Seznam.cz.


Delete unnecessary files

using CCleaner

instructions:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download and run AdwCleaner,

close all programs including the browser and double-click to run it,

a window appears; click Scan in the upper left.

When the scan finishes, click Clean,

the PC will restart and the junk will be deleted.

After that, copy the Report here for me.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the licence terms then appears, which you confirm by clicking YES,

then click YES once more and it is running.

The whole process takes about 10 minutes but can take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

greatone
Visitor
Posts: 149
Joined: 14 May 2005 17:02
Location: Brno

Re: Home page in Russian

#3 Post by greatone »

Thank you for the help. First I am posting the ADWCleaner log.


# AdwCleaner v6.030 - Log soubor vytvořen 07/11/2016 na 19:12:14
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-07.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Tereza - TEREZA-VAIO
# Beží od : C:\Users\Tereza\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Tereza\AppData\Local\Moovida
[-] Adresář smazán:C:\Users\Tereza\AppData\Local\fupdate
[-] Adresář smazán:C:\Users\Tereza\AppData\Roaming\moovida-1
[-] Adresář smazán:C:\Users\Tereza\AppData\Roaming\RPEng


***** [ Soubory ] *****

[-] Soubor smazán:C:\Users\Tereza\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9bb72b76-56f5-40bc-bcfe-583aa8efa8d1}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč smazán:HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{00CBB66B-1D3B-46D3-9577-323A336ACB50}]
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{963B125B-8B21-49A2-A3A8-E37092276531}]
[-] Klíč smazán:HKU\S-1-5-21-1274712558-6156734-4062072829-1000\Software\Conduit
[-] Klíč smazán:HKU\S-1-5-21-1274712558-6156734-4062072829-1000\Software\One System Care
[-] Klíč smazán:HKU\S-1-5-21-1274712558-6156734-4062072829-1000\Software\Mail.Ru
[-] Klíč smazán:HKU\S-1-5-21-1274712558-6156734-4062072829-1000\Software\AppDataLow\Software\Mail.Ru
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1274712558-6156734-4062072829-1000\Software\bbrs_002.tb
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1274712558-6156734-4062072829-1000\Software\Blabbers
[#] Klíč smazán po restartování:HKCU\Software\Conduit
[#] Klíč smazán po restartování:HKCU\Software\One System Care
[#] Klíč smazán po restartování:HKCU\Software\Mail.Ru
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Klíč smazán:HKLM\SOFTWARE\Conduit
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1274712558-6156734-4062072829-1000\Software\bbrs_002.tb
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1274712558-6156734-4062072829-1000\Software\Blabbers
[#] Klíč smazán po restartování:[x64] HKCU\Software\Conduit
[#] Klíč smazán po restartování:[x64] HKCU\Software\One System Care
[#] Klíč smazán po restartování:[x64] HKCU\Software\Mail.Ru
[#] Klíč smazán po restartování:[x64] HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Data obnovena:HKU\S-1-5-21-1274712558-6156734-4062072829-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán:HKU\S-1-5-21-1274712558-6156734-4062072829-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A06ED961-D98F-4CF9-A89B-80AB11DB149C}
[-] Data obnovena:HKU\S-1-5-21-1274712558-6156734-4062072829-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán:HKU\S-1-5-21-1274712558-6156734-4062072829-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A06ED961-D98F-4CF9-A89B-80AB11DB149C}
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A06ED961-D98F-4CF9-A89B-80AB11DB149C}
[-] Data obnovena:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext [DisableAddonLoadTimePerformanceNotifications]
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[-] Klíč smazán:HKLM\SYSTEM\ControlSet002\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[-] Klíč smazán:HKLM\SYSTEM\ControlSet002\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f
[#] Klíč smazán po restartování:HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1f
[#] Klíč smazán po restartování:HKLM\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0f


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [21750 Bajtů] - [07/11/2016 19:12:14]
C:\AdwCleaner\AdwCleaner[R0].txt - [17398 Bajtů] - [22/09/2013 15:56:43]
C:\AdwCleaner\AdwCleaner[R1].txt - [3357 Bajtů] - [08/07/2014 20:20:24]
C:\AdwCleaner\AdwCleaner[S0].txt - [14604 Bajtů] - [22/09/2013 16:01:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [3484 Bajtů] - [08/07/2014 20:26:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [22375 Bajtů] - [07/11/2016 19:11:23]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [22198 Bajtů] ##########

greatone
Visitor
Posts: 149
Registered: 14 May 2005 17:02
Location: Brno

Re: Home page in Russian

#4 Post by greatone »

ComboFix 16-11-06.01 - Tereza 07.11.2016 20:49:53.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4078.2529 [GMT 0:00]
Spuštěný z: c:\users\Tereza\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-10-07 do 2016-11-07 )))))))))))))))))))))))))))))))
.
.
2016-11-07 21:19 . 2016-11-07 21:30 -------- d-----w- c:\program files (x86)\TeamViewer
2016-11-07 20:56 . 2016-11-07 20:56 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-11-07 20:56 . 2016-11-07 20:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-07 18:21 . 2016-11-07 18:21 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-11-07 18:20 . 2016-11-07 18:20 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-11-07 18:20 . 2016-11-07 18:20 -------- d-----w- c:\programdata\Malwarebytes
2016-11-07 18:20 . 2016-03-10 14:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-11-07 18:20 . 2016-03-10 14:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-11-07 18:20 . 2016-03-10 14:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-11-07 18:03 . 2016-11-07 18:03 -------- d-----w- C:\rsit
2016-10-31 10:56 . 2016-10-31 10:56 -------- d-----w- c:\programdata\Atheros
2016-10-25 21:03 . 2016-10-26 19:29 -------- d-----w- C:\SUPERDelete
2016-10-13 13:50 . 2016-07-22 14:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2016-10-13 13:50 . 2016-07-22 14:51 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-10-12 09:08 . 2016-09-30 06:09 6048256 ----a-w- c:\windows\system32\jscript9.dll
2016-10-12 09:07 . 2016-08-16 21:54 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\usbehci.sys.mui
2016-10-11 10:38 . 2016-10-11 10:38 -------- d-----w- c:\users\Tereza\AppData\Local\OE3D9A~1
2016-10-11 10:35 . 2016-11-07 16:52 -------- d-----w- c:\users\Tereza\AppData\Local\ComDev
2016-10-11 10:33 . 2016-10-11 10:33 -------- d-----w- c:\users\Tereza\AppData\Local\CE616C~1
2016-10-10 18:27 . 2016-10-10 18:27 -------- d-----w- c:\program files (x86)\Origin Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-26 20:46 . 2012-05-05 12:41 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-10-26 20:46 . 2012-05-05 12:41 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-10-13 13:44 . 2015-06-23 16:37 293352 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-10-12 16:35 . 2013-06-24 10:27 143495576 -c--a-w- c:\windows\system32\MRT.exe
2016-09-30 05:35 . 2016-10-12 09:08 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-09-30 05:07 . 2016-10-12 09:08 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-09-22 14:08 . 2015-06-23 16:37 513632 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-09-13 14:58 . 2015-06-23 16:37 969184 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-09-12 21:08 . 2016-10-12 09:08 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-10-12 09:08 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-12 20:49 . 2016-10-12 09:08 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-11 18:48 . 2016-09-11 18:48 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6DC1DA1-A258-4C87-8FEE-23E0236C8C60}\offreg.2584.dll
2016-09-10 10:28 . 2015-06-23 16:37 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-09-10 10:28 . 2015-06-23 16:37 163416 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-09-10 10:28 . 2015-06-23 16:37 108816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-09-10 10:28 . 2016-09-10 10:34 391496 ----a-w- c:\windows\system32\aswBoot.exe
2016-09-10 10:28 . 2015-06-23 16:37 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-09-10 10:28 . 2015-06-23 16:37 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-09-10 10:27 . 2016-09-10 10:27 53208 ----a-w- c:\windows\avastSS.scr
2016-09-10 10:27 . 2016-07-13 18:49 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-09-09 17:59 . 2016-10-12 09:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-16 17:36 . 2016-09-21 20:31 1009152 ----a-w- c:\windows\system32\user32.dll
2016-08-16 02:48 . 2016-09-21 20:31 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-08-12 16:46 . 2016-10-12 09:08 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-12 16:26 . 2016-09-21 20:40 464896 ----a-w- c:\windows\system32\drivers\srv.sys
2016-08-12 16:26 . 2016-09-21 20:40 405504 ----a-w- c:\windows\system32\drivers\srv2.sys
2016-08-12 16:26 . 2016-09-21 20:40 168960 ----a-w- c:\windows\system32\drivers\srvnet.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2016-10-27 7943072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 648032]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-08-08 524288]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-10-27 9099440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2016-09-16 1156824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;c:\program files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe;c:\program files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2016-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-02 20:46]
.
2016-11-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1274712558-6156734-4062072829-1000Core.job
- c:\users\Tereza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-21 17:01]
.
2016-11-07 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1274712558-6156734-4062072829-1000UA.job
- c:\users\Tereza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-21 17:01]
.
2016-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf68fbcc52616c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-18 20:23]
.
2016-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8f10b1e33290.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-18 20:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-09-10 10:28 1031520 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mStart Page = https://search.avast.com/AV772/
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = https://search.avast.com/AV772/search/w ... earchTerms}
mSearch Bar = https://search.avast.com/AV772/
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.154.192.1
FF - ProfilePath - c:\users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\8ep7yef3.default-1478543581819\
FF - prefs.js: browser.startup.homepage - www.google.com/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_205_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_205_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_205_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_205_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_205.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.23"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_205.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_205.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_205.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\AVAST Software\Avast\AvastEmUpdate.exe
c:\program files\AVAST Software\Avast\avBugReport.exe
.
**************************************************************************
.
Celkový čas: 2016-11-07 21:41:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-11-07 21:41
.
Před spuštěním: Volných bajtů: 92 491 235 328
Po spuštění: Volných bajtů: 91 742 728 192
.
- - End Of File - - 77CA8BB5A6EE037AD011583D0ED57C7A

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Home page in Russian

#5 Post by Roli »

If you have not done so already, move ComboFix to the desktop,

open Notepad,

and copy the script from the following box into it:

Code:

Registry::  
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ltvravwayq"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\McAfee]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Save the TXT file you created to the desktop as CFScript.txt.

Once it is saved, grab the script with the left mouse button, drag it over the ComboFix icon, and drop it there.

After it has been applied, another log will pop out; copy it here.

Warning: it may happen that Windows does not start after the script is applied and the PC restarts.

In that case, restart again while pressing F8, then select Last Known Good Configuration.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

greatone
Visitor
Posts: 149
Joined: 14 May 2005 17:02
Location: Brno

Re: Home page in Russian

#6 Post by greatone »

Done

ComboFix 16-11-06.01 - Tereza 13.11.2016 20:55:47.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4078.2545 [GMT 0:00]
Spuštěný z: c:\users\Tereza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tereza\Desktop\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-10-13 do 2016-11-13 )))))))))))))))))))))))))))))))
.
.
2016-11-13 21:03 . 2016-11-13 21:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-11-13 21:03 . 2016-11-13 21:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-09 09:47 . 2016-08-22 16:19 1386496 ----a-w- c:\windows\system32\diagtrack.dll
2016-11-07 21:19 . 2016-11-10 16:27 -------- d-----w- c:\program files (x86)\TeamViewer
2016-11-07 18:21 . 2016-11-07 21:59 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-11-07 18:20 . 2016-11-07 18:20 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-11-07 18:20 . 2016-11-07 18:20 -------- d-----w- c:\programdata\Malwarebytes
2016-11-07 18:20 . 2016-03-10 14:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-11-07 18:20 . 2016-03-10 14:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-11-07 18:20 . 2016-03-10 14:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-11-07 18:03 . 2016-11-07 18:03 -------- d-----w- C:\rsit
2016-10-31 10:56 . 2016-10-31 10:56 -------- d-----w- c:\programdata\Atheros
2016-10-25 21:03 . 2016-10-26 19:29 -------- d-----w- C:\SUPERDelete
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-09 23:09 . 2013-06-24 10:27 141011376 -c--a-w- c:\windows\system32\MRT.exe
2016-11-08 20:46 . 2012-05-05 12:41 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-11-08 20:46 . 2012-05-05 12:41 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-10-13 13:44 . 2015-06-23 16:37 293352 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-10-10 15:33 . 2016-11-09 09:48 345600 ----a-w- c:\windows\system32\schannel.dll
2016-10-10 15:33 . 2016-11-09 09:48 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-10-10 15:16 . 2016-11-09 09:48 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-10-10 15:16 . 2016-11-09 09:48 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-10-07 15:12 . 2016-11-09 09:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-09-22 14:08 . 2015-06-23 16:37 513632 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-09-13 14:58 . 2015-06-23 16:37 969184 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-09-12 21:17 . 2016-10-12 09:09 77032 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-09-12 21:08 . 2016-10-12 09:09 1226752 ----a-w- c:\windows\system32\aeinv.dll
2016-09-12 21:08 . 2016-10-12 09:08 107520 ----a-w- c:\windows\system32\adsmsext.dll
2016-09-12 20:49 . 2016-10-12 09:08 76800 ----a-w- c:\windows\SysWow64\adsmsext.dll
2016-09-12 19:08 . 2016-10-12 09:08 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2016-09-12 18:43 . 2016-10-12 09:08 1180160 ----a-w- c:\windows\system32\FntCache.dll
2016-09-12 18:43 . 2016-10-12 09:08 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-09-11 18:48 . 2016-09-11 18:48 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6DC1DA1-A258-4C87-8FEE-23E0236C8C60}\offreg.2584.dll
2016-09-10 10:28 . 2015-06-23 16:37 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-09-10 10:28 . 2015-06-23 16:37 163416 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-09-10 10:28 . 2015-06-23 16:37 108816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-09-10 10:28 . 2016-09-10 10:34 391496 ----a-w- c:\windows\system32\aswBoot.exe
2016-09-10 10:28 . 2015-06-23 16:37 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-09-10 10:28 . 2015-06-23 16:37 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-09-10 10:27 . 2016-09-10 10:27 53208 ----a-w- c:\windows\avastSS.scr
2016-09-10 10:27 . 2016-07-13 18:49 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-09-09 15:54 . 2016-10-12 09:09 586752 ----a-w- c:\windows\system32\generaltel.dll
2016-09-09 15:54 . 2016-10-12 09:09 314368 ----a-w- c:\windows\system32\invagent.dll
2016-09-09 15:54 . 2016-10-12 09:09 575488 ----a-w- c:\windows\system32\devinv.dll
2016-09-09 15:54 . 2016-10-12 09:09 224256 ----a-w- c:\windows\system32\aepic.dll
2016-09-09 15:54 . 2016-10-12 09:09 1629184 ----a-w- c:\windows\system32\appraiser.dll
2016-09-09 15:54 . 2016-10-12 09:09 129024 ----a-w- c:\windows\system32\acmigration.dll
2016-09-09 15:54 . 2016-10-12 09:09 273408 ----a-w- c:\windows\system32\centel.dll
2016-09-08 20:34 . 2016-10-12 09:08 263680 ----a-w- c:\windows\system32\WebClnt.dll
2016-09-08 20:34 . 2016-10-12 09:08 108544 ----a-w- c:\windows\system32\davclnt.dll
2016-09-08 20:34 . 2016-10-12 09:08 208896 ----a-w- c:\windows\SysWow64\WebClnt.dll
2016-09-08 20:34 . 2016-10-12 09:08 87040 ----a-w- c:\windows\SysWow64\davclnt.dll
2016-09-08 14:55 . 2016-10-12 09:08 142336 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-09-08 14:55 . 2016-10-12 09:08 106496 ----a-w- c:\windows\system32\drivers\dfsc.sys
2016-08-29 15:31 . 2016-10-12 09:07 14183424 ----a-w- c:\windows\system32\shell32.dll
2016-08-29 15:31 . 2016-10-12 09:07 1867776 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-08-29 15:31 . 2016-10-12 09:07 1941504 ----a-w- c:\windows\system32\authui.dll
2016-08-29 15:12 . 2016-10-12 09:07 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-08-29 15:12 . 2016-10-12 09:07 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2016-08-29 15:04 . 2016-10-12 09:07 3229696 ----a-w- c:\windows\explorer.exe
2016-08-29 14:55 . 2016-10-12 09:07 2972672 ----a-w- c:\windows\SysWow64\explorer.exe
2016-08-16 20:40 . 2016-10-12 09:07 343552 ----a-w- c:\windows\system32\drivers\usbhub.sys
2016-08-16 20:40 . 2016-10-12 09:07 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2016-08-16 20:40 . 2016-10-12 09:07 56320 ----a-w- c:\windows\system32\drivers\usbehci.sys
2016-08-16 20:40 . 2016-10-12 09:07 327168 ----a-w- c:\windows\system32\drivers\usbport.sys
2016-08-16 20:40 . 2016-10-12 09:07 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2016-08-16 20:40 . 2016-10-12 09:07 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2016-08-16 20:40 . 2016-10-12 09:07 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2016-08-16 17:36 . 2016-09-21 20:31 1009152 ----a-w- c:\windows\system32\user32.dll
2016-08-16 02:48 . 2016-09-21 20:31 833024 ----a-w- c:\windows\SysWow64\user32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2016-10-27 7943072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 648032]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2008-08-08 524288]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-11-08 9044392]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2016-09-16 1156824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;c:\program files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe;c:\program files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 semav6msr64;semav6msr64;c:\windows\system32\drivers\semav6msr64.sys;c:\windows\SYSNATIVE\drivers\semav6msr64.sys [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2016-11-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-02 20:46]
.
2016-11-10 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1274712558-6156734-4062072829-1000Core.job
- c:\users\Tereza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-21 17:01]
.
2016-11-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1274712558-6156734-4062072829-1000UA.job
- c:\users\Tereza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-05-21 17:01]
.
2016-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf68fbcc52616c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-18 20:23]
.
2016-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8f10b1e33290.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-18 20:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-09-10 10:28 1031520 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mStart Page = https://search.avast.com/AV772/
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = https://search.avast.com/AV772/search/w ... earchTerms}
mSearch Bar = https://search.avast.com/AV772/
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.154.192.1
FF - ProfilePath - c:\users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\8ep7yef3.default-1478543581819\
FF - prefs.js: browser.startup.homepage - www.google.com/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_207.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.23"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_207.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_207.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_207.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
Celkový čas: 2016-11-13 21:06:32
ComboFix-quarantined-files.txt 2016-11-13 21:06
ComboFix2.txt 2016-11-07 21:41
.
Před spuštěním: Volných bajtů: 90 696 708 096
Po spuštění: Volných bajtů: 90 456 989 696
.
- - End Of File - - DFBF1332D59AF591FDCFB4E3431E1562

Roli
VIP
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Home page in Russian

#7 Post by Roli »

Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Then let me know how the PC behaves.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

greatone
Visitor
Visitor
Posts: 149
Joined: 14 May 2005 17:02
Location: Brno

Re: Home page in Russian

#8 Post by greatone »

Hello,

I apologize for the delay. Everything has been done.

Thank you and take care

Roli
VIP
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Home page in Russian

#9 Post by Roli »

greatone wrote: Thank you and take care
You're welcome, and :closed:

Locked