Hello,
a printer that is normally installed cannot be found. I can fix the problem once with this utility (Print-Spooler-Repair-Tool), but the next time I turn the computer on, the problem is back. Some programs also won't start, and a message pops up saying "RPC server is unavailable".
With other applications I get the error message "0xc0000005".
LOG:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Keyfor (administrator) on KEYFOR-PC on 07-10-2014 21:56:14
Running from C:\Users\Keyfor\Desktop
Loaded Profile: Keyfor (Available profiles: Keyfor)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(forum.viry.cz) C:\Users\Keyfor\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKLM-x32\...\Run: [win32] => "C:\kernels\drivers.vbs"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-833634061-2704343745-1971459761-1000\...\Run: [Google Update] => C:\Users\Keyfor\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-09] (Google Inc.)
HKU\S-1-5-21-833634061-2704343745-1971459761-1000\...\Run: [SkyDrive] => C:\Users\Keyfor\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-24] (Microsoft Corporation)
HKU\S-1-5-21-833634061-2704343745-1971459761-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
Startup: C:\Users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * aswBoot.exe /M:2c6994e3 /wow /dir:C:\Program
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP97&ocid=UP97DHP
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {3F7CCA1F-2AB3-4FA6-B916-7A8DCB8D8517} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {4A592776-91F2-4B46-83AC-7EAEE62BD3CF} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {54A8382E-7800-4EE2-9997-20742FB05189} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {66AC0B92-3670-4225-A68E-D9F13F799E2B} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKCU - {84C9D535-5CA5-4F90-9846-E75A87314AD3} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {8E947210-1EF1-450F-87A3-CD7EE9548A36} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {A49B0DD0-12A2-4A65-A725-08C47001D5F7} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {B5DC0DA9-4AC3-4151-9F42-4476997F3C87} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {E4A121D6-C760-4461-BA15-32FCD7678B0A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default
FF SearchEngineOrder.3: Bing
FF Homepage: about:home
FF Keyword.URL: hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.2.4.1-next -> C:\Users\Keyfor\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Keyfor\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Keyfor\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Keyfor\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Keyfor\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Keyfor\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Keyfor\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-08]
Chrome:
=======
CHR Profile: C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpckgflgdapkpabemgkielbefdildaio [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2014-10-06]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-23]
CHR Extension: (No Name) - C:\Users\Keyfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-23]
CHR HKCU\...\Chrome\Extension: [kpckgflgdapkpabemgkielbefdildaio] - C:\Users\Keyfor\AppData\Roaming\ACEStream\extensions\chrome_new\magicplayer.crx [2014-01-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [566560 2007-09-24] (ABBYY (BIT Software))
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-01] (AVAST Software)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
S2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [316416 2014-10-05] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-01] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-22] (Disc Soft Ltd)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2014-05-25] (ITE )
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-07 21:56 - 2014-10-07 21:56 - 00017575 _____ () C:\Users\Keyfor\Desktop\FRST.txt
2014-10-07 21:55 - 2014-10-07 21:56 - 00000000 ____D () C:\FRST
2014-10-07 21:54 - 2014-10-07 21:54 - 00112640 _____ (forum.viry.cz) C:\Users\Keyfor\Desktop\FRSTLauncher.exe
2014-10-07 21:38 - 2014-10-07 21:38 - 02109952 _____ (Farbar) C:\Users\Keyfor\Desktop\FRST64.exe
2014-10-07 15:19 - 2014-10-07 15:19 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\Lavasoft
2014-10-07 14:57 - 2014-10-07 16:32 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-07 14:57 - 2014-10-07 14:57 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\LavasoftStatistics
2014-10-07 14:57 - 2014-10-07 14:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-07 14:56 - 2014-10-07 14:56 - 00000000 ____D () C:\Program Files\Lavasoft
2014-10-07 14:51 - 2014-10-07 14:51 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-07 14:49 - 2014-10-07 14:49 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-07 14:48 - 2014-10-07 14:48 - 02806920 _____ () C:\Users\Keyfor\Downloads\Adaware_Installer.exe
2014-10-07 14:46 - 2014-10-07 14:46 - 00000000 ___SD () C:\ComboFix
2014-10-06 14:42 - 2014-10-06 18:01 - 00000000 ____D () C:\Users\Keyfor\Desktop\kázání 6.10.2014
2014-10-06 11:47 - 2014-10-06 11:47 - 00001865 _____ () C:\Users\Keyfor\Desktop\Theophilos 3.lnk
2014-10-06 11:47 - 2014-10-06 11:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theophilos 3
2014-10-06 11:46 - 2014-10-06 11:46 - 03882496 _____ () C:\Users\Keyfor\Downloads\csp(1).exe
2014-10-06 11:46 - 2014-10-06 11:46 - 02572288 _____ () C:\Users\Keyfor\Downloads\B21(1).exe
2014-10-06 11:46 - 2014-10-06 11:46 - 02557952 _____ () C:\Users\Keyfor\Downloads\cep(1).exe
2014-10-06 11:45 - 2014-10-06 11:46 - 07783355 _____ ( ) C:\Users\Keyfor\Downloads\theoinst(1).exe
2014-10-05 22:24 - 2014-10-05 22:24 - 00002172 _____ () C:\Users\Keyfor\Desktop\Subtitle Workshop.lnk
2014-10-05 22:24 - 2014-10-05 22:24 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\URUSoft
2014-10-05 22:24 - 2014-10-05 22:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URUSoft
2014-10-05 22:24 - 2014-10-05 22:24 - 00000000 ____D () C:\Program Files (x86)\URUSoft
2014-10-05 22:22 - 2014-10-06 11:16 - 00000000 ____D () C:\Program Files (x86)\YTD
2014-10-05 22:22 - 2014-10-05 22:22 - 00000961 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD.lnk
2014-10-05 22:22 - 2014-10-05 22:22 - 00000949 _____ () C:\Users\Keyfor\Desktop\YTD.lnk
2014-10-05 22:16 - 2014-10-05 22:16 - 00644640 _____ (Igor Pavlov) C:\Users\Keyfor\Downloads\ytd-1.43.exe
2014-10-05 21:56 - 2014-10-05 21:56 - 01087682 _____ () C:\Users\Keyfor\Downloads\subtitleworkshop251.zip
2014-10-05 17:17 - 2014-10-05 17:17 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-05 17:16 - 2014-10-05 17:16 - 05472344 _____ () C:\Users\Keyfor\Downloads\RogueKillerX64.exe
2014-10-05 17:04 - 2014-10-05 17:04 - 01375089 _____ () C:\Users\Keyfor\Downloads\adwcleaner_3.311.exe
2014-10-02 12:47 - 2014-10-05 17:00 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spoolsv.exe
2014-10-02 12:47 - 2014-10-05 17:00 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spoolss.dll
2014-10-02 12:47 - 2014-10-02 12:47 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\old_spoolsv.exe
2014-10-02 12:47 - 2014-10-02 12:47 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\old_spoolss.dll
2014-10-02 12:46 - 2014-10-05 16:59 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacle.exe
2014-10-02 12:46 - 2014-10-02 12:46 - 00000000 ____D () C:\Program Files\PSRT
2014-10-02 12:42 - 2014-10-02 12:42 - 01880096 _____ () C:\Users\Keyfor\Downloads\Print-Spooler-Repair-Tool.exe
2014-10-02 12:42 - 2014-10-02 12:42 - 01880096 _____ () C:\Users\Keyfor\Downloads\Print-Spooler-Repair-Tool(1).exe
2014-10-01 23:34 - 2014-10-04 22:12 - 00014769 _____ () C:\Users\Keyfor\Desktop\leed.xlsx
2014-10-01 19:59 - 2014-10-01 19:59 - 00097388 _____ () C:\Users\Keyfor\Downloads\Star-Wars-Episode-I-The-Phantom-Menace(0000181721).srt
2014-10-01 19:59 - 2014-10-01 19:59 - 00097386 _____ () C:\Users\Keyfor\Downloads\Star-Wars-Episode-I-The-Phantom-Menace(0000218555).srt
2014-10-01 19:59 - 2014-10-01 19:59 - 00003750 _____ () C:\Users\Keyfor\Downloads\Star-Wars-I-Skryt-titulky-k-DVDRip-(0000109477).srt
2014-10-01 19:58 - 2014-10-01 19:58 - 00097693 _____ () C:\Users\Keyfor\Downloads\Star-Wars-Episode-I-the-Phantom-Menace(0000068039).srt
2014-10-01 19:58 - 2014-10-01 19:58 - 00097655 _____ () C:\Users\Keyfor\Downloads\Star-Wars-Episode-I-The-Phantom-Menace(0000124727).srt
2014-10-01 19:58 - 2014-10-01 19:58 - 00097589 _____ () C:\Users\Keyfor\Downloads\Star-Wars-I-The-Phantom-Menace(0000101710).srt
2014-10-01 19:58 - 2014-10-01 19:58 - 00097589 _____ () C:\Users\Keyfor\Downloads\Star-Wars-1-The-Phantom-Menace-HDTV(0000074612).srt
2014-10-01 19:57 - 2014-10-01 19:58 - 00097911 _____ () C:\Users\Keyfor\Downloads\Star-Wars-Episode-I-The-Phantom-Menace(0000024880).srt
2014-09-29 21:40 - 2014-09-29 21:41 - 00087841 _____ () C:\Users\Keyfor\Downloads\Edge-of-Tomorrow(0000241797)(1).srt
2014-09-29 21:40 - 2014-09-29 21:41 - 00087812 _____ () C:\Users\Keyfor\Downloads\Edge-of-Tomorrow(0000241191).srt
2014-09-29 21:40 - 2014-09-29 21:41 - 00087382 _____ () C:\Users\Keyfor\Downloads\Edge-of-Tomorrow(0000239105)(1).srt
2014-09-29 21:40 - 2014-09-29 21:40 - 00087840 _____ () C:\Users\Keyfor\Downloads\Edge-of-Tomorrow(0000242301).srt
2014-09-29 21:40 - 2014-09-29 21:40 - 00087774 _____ () C:\Users\Keyfor\Downloads\Edge-of-Tomorrow(0000237753)(1).srt
2014-09-29 18:16 - 2014-09-29 18:16 - 00026200 _____ () C:\Users\Keyfor\Downloads\The-Bible-S01E06(0000219761).srt
2014-09-28 21:12 - 2014-09-28 21:12 - 00087841 _____ () C:\Users\Keyfor\Downloads\Edge-of-Tomorrow(0000241797).srt
2014-09-28 21:12 - 2014-09-28 21:12 - 00087382 _____ () C:\Users\Keyfor\Downloads\Edge-of-Tomorrow(0000239105).srt
2014-09-28 20:53 - 2014-09-28 20:53 - 00087774 _____ () C:\Users\Keyfor\Downloads\Edge-of-Tomorrow(0000237753).srt
2014-09-27 21:41 - 2014-09-27 21:41 - 00278834 _____ () C:\Users\Keyfor\Downloads\akce-2014-09-28.pptx
2014-09-24 22:03 - 2014-09-24 22:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-22 00:12 - 2014-09-22 00:12 - 00133214 _____ () C:\Users\Keyfor\Downloads\The-Crash-Reel(0000239204).srt
2014-09-22 00:11 - 2014-09-22 00:11 - 00213166 _____ () C:\Users\Keyfor\Downloads\The-Perks-of-Being-a-Wallflower(0000209981).srt
2014-09-22 00:11 - 2014-09-22 00:11 - 00099624 _____ () C:\Users\Keyfor\Downloads\The-Perks-of-Being-a-Wallflower(0000209759).srt
2014-09-22 00:10 - 2014-09-22 00:10 - 00107065 _____ () C:\Users\Keyfor\Downloads\The-Perks-of-Being-a-Wallflower(0000211649).srt
2014-09-22 00:10 - 2014-09-22 00:10 - 00099713 _____ () C:\Users\Keyfor\Downloads\The-Perks-of-Being-a-Wallflower(0000212171).srt
2014-09-22 00:10 - 2014-09-22 00:10 - 00082680 _____ () C:\Users\Keyfor\Downloads\The-Perks-of-Being-a-Wallflower(0000217028).srt
2014-09-22 00:03 - 2014-09-22 00:03 - 00062094 _____ () C:\Users\Keyfor\Downloads\The-Croods(0000223806).srt
2014-09-22 00:03 - 2014-09-22 00:03 - 00059438 _____ () C:\Users\Keyfor\Downloads\The-Croods(0000221533).srt
2014-09-21 23:54 - 2014-09-21 23:54 - 00073458 _____ () C:\Users\Keyfor\Downloads\How-to-Train-Your-Dragon-2(0000241176).srt
2014-09-21 23:52 - 2014-09-21 23:52 - 00070060 _____ () C:\Users\Keyfor\Downloads\How-to-Train-Your-Dragon-2(0000238316).srt
2014-09-21 23:52 - 2014-09-21 23:52 - 00070058 _____ () C:\Users\Keyfor\Downloads\How-to-Train-Your-Dragon-2(0000238928).srt
2014-09-21 23:52 - 2014-09-21 23:52 - 00069328 _____ () C:\Users\Keyfor\Downloads\How-to-Train-Your-Dragon-2(0000238317).srt
2014-09-21 23:52 - 2014-09-21 23:52 - 00067332 _____ () C:\Users\Keyfor\Downloads\How-to-Train-Your-Dragon-2(0000238315).srt
2014-09-21 23:41 - 2014-09-21 23:41 - 00071624 _____ () C:\Users\Keyfor\Downloads\Tangled(0000171928).srt
2014-09-21 23:41 - 2014-09-21 23:41 - 00071624 _____ () C:\Users\Keyfor\Downloads\Tangled(0000168955)(1).srt
2014-09-21 23:41 - 2014-09-21 23:41 - 00071311 _____ () C:\Users\Keyfor\Downloads\Tangled(0000169782).srt
2014-09-21 23:41 - 2014-09-21 23:41 - 00070506 _____ () C:\Users\Keyfor\Downloads\Tangled(0000167182)(1).srt
2014-09-21 23:40 - 2014-09-21 23:40 - 00071624 _____ () C:\Users\Keyfor\Downloads\Tangled(0000168955).srt
2014-09-21 23:40 - 2014-09-21 23:40 - 00070506 _____ () C:\Users\Keyfor\Downloads\Tangled(0000167182).srt
2014-09-21 23:38 - 2014-09-21 23:38 - 00071624 _____ () C:\Users\Keyfor\Downloads\Tangled(0000172249).srt
2014-09-21 23:38 - 2014-09-21 23:38 - 00064022 _____ () C:\Users\Keyfor\Downloads\Tangled(0000176103).srt
2014-09-21 15:57 - 2014-09-26 20:46 - 00011661 _____ () C:\Users\Keyfor\Desktop\leeds.xlsx
2014-09-16 20:28 - 2014-09-16 20:28 - 00001463 _____ () C:\Users\Keyfor\Downloads\brendan_rodgers_system_52991.rar
2014-09-15 16:36 - 2014-09-15 16:36 - 00000896 _____ () C:\Users\Keyfor\Desktop\Connect na disku.lnk
2014-09-15 16:09 - 2014-09-15 16:10 - 133437909 _____ () C:\Users\Keyfor\Downloads\zasilka-AIU7ZAJET349E3JK.zip
2014-09-15 16:09 - 2014-09-15 16:09 - 130059754 _____ () C:\Users\Keyfor\Downloads\zasilka-AIUPW4BXBXA9UEX7.zip
2014-09-12 15:08 - 2014-09-12 15:08 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-09-12 15:07 - 2014-09-12 15:07 - 05644000 _____ (Canneverbe Limited ) C:\Users\Keyfor\Downloads\cdbxp_setup_4.5.4.5000.exe
2014-09-12 15:07 - 2014-09-12 15:07 - 00001941 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-09-12 15:07 - 2014-09-12 15:07 - 00001899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-09-12 15:07 - 2014-09-12 15:07 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\Canneverbe Limited
2014-09-12 15:07 - 2014-09-12 15:07 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-07 21:40 - 2014-06-15 16:26 - 00000000 ____D () C:\Users\Keyfor\AppData\Local\CrashDumps
2014-10-07 21:31 - 2014-07-09 13:26 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000UA.job
2014-10-07 21:18 - 2014-04-21 17:26 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-07 21:18 - 2014-03-31 22:30 - 01893006 _____ () C:\Windows\WindowsUpdate.log
2014-10-07 14:45 - 2014-05-08 00:06 - 00000000 ___RD () C:\Users\Keyfor\OneDrive
2014-10-07 14:39 - 2009-07-14 06:45 - 00022560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-07 14:39 - 2009-07-14 06:45 - 00022560 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-07 14:38 - 2009-07-14 07:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-07 14:36 - 2014-04-05 15:05 - 00000000 ___RD () C:\Users\Keyfor\Dropbox
2014-10-07 14:36 - 2014-04-05 15:00 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\Dropbox
2014-10-07 14:32 - 2014-07-03 16:46 - 00017676 _____ () C:\Windows\setupact.log
2014-10-07 14:32 - 2014-04-21 17:26 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-07 14:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-07 14:31 - 2014-03-31 23:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-06 15:52 - 2014-04-01 21:57 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\vlc
2014-10-06 14:32 - 2014-07-09 13:26 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000Core.job
2014-10-06 12:01 - 2014-08-20 13:17 - 00000000 ____D () C:\Users\Keyfor\Documents\Outlook Files
2014-10-06 11:47 - 2014-05-17 20:07 - 00000000 ____D () C:\Program Files (x86)\theo30
2014-10-06 11:30 - 2014-04-23 09:12 - 00000000 ____D () C:\FFOutput
2014-10-06 11:15 - 2014-05-17 18:06 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\.ACEStream
2014-10-06 09:14 - 2014-04-08 20:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-05 17:37 - 2013-12-03 22:08 - 00000000 ____D () C:\Qoobox
2014-10-05 17:35 - 2014-06-05 21:52 - 05582481 ____R (Swearware) C:\Users\Keyfor\Desktop\ComboFix.exe
2014-10-05 17:31 - 2014-07-10 09:23 - 00032334 _____ () C:\Windows\PFRO.log
2014-10-05 17:08 - 2014-06-01 22:29 - 00000000 ____D () C:\AdwCleaner
2014-10-05 14:34 - 2014-04-04 19:42 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\uTorrent
2014-09-30 18:53 - 2014-08-21 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-30 18:53 - 2014-07-18 13:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-28 19:43 - 2014-04-03 13:05 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-27 22:53 - 2014-03-31 23:44 - 00110832 _____ () C:\Users\Keyfor\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-27 15:05 - 2009-07-14 06:45 - 00412024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-27 13:36 - 2014-04-03 21:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-27 13:36 - 2010-11-21 09:16 - 00000000 ____D () C:\Windows\ShellNew
2014-09-25 22:29 - 2014-03-31 23:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-25 01:14 - 2014-04-21 17:26 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-24 21:56 - 2014-05-08 00:06 - 00002139 _____ () C:\Users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-09-20 21:47 - 2014-04-10 21:13 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-20 21:10 - 2014-04-17 14:49 - 00000000 ____D () C:\Users\Keyfor\AppData\Local\Microsoft Games
2014-09-19 05:41 - 2014-04-05 15:05 - 00000982 _____ () C:\Users\Keyfor\Desktop\Dropbox.lnk
2014-09-19 05:41 - 2014-04-05 15:02 - 00000000 ____D () C:\Users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
Some content of TEMP:
====================
C:\Users\Keyfor\AppData\Local\Temp\CmdLineExt03.dll
C:\Users\Keyfor\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw0_9ck.dll
C:\Users\Keyfor\AppData\Local\Temp\ose00002.exe
C:\Users\Keyfor\AppData\Local\Temp\psr2.exe
C:\Users\Keyfor\AppData\Local\Temp\Quarantine.exe
C:\Users\Keyfor\AppData\Local\Temp\SIntf16.dll
C:\Users\Keyfor\AppData\Local\Temp\SIntf32.dll
C:\Users\Keyfor\AppData\Local\Temp\SIntfNT.dll
C:\Users\Keyfor\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Keyfor\AppData\Local\Temp\_isD08A.exe
C:\Users\Keyfor\AppData\Local\Temp\_isF0E.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-06 10:27
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:106.67 GB) (Free:24.79 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Music disc) (Fixed) (Total:172.97 GB) (Free:15.11 GB) NTFS
Drive e: (Data disc) (Fixed) (Total:156.82 GB) (Free:21.8 GB) NTFS
Drive f: (Seriály) (Fixed) (Total:9.76 GB) (Free:3.2 GB) NTFS
Drive h: (OFFICE14) (CDROM) (Total:0.34 GB) (Free:0 GB) UDF
Available physical RAM: 1694.72 MB
Total physical RAM: 4095.27 MB
Percentage of memory in use: 58%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=17)
Partition 2: (Active) - (Size=106.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=329.8 GB) - (Type=OF Extended)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000Core.job => C:\Users\Keyfor\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000UA.job => C:\Users\Keyfor\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Keyfor\Desktop" je 43 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AceStream
C:\Users\Keyfor\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncqtveySrv
C:\Windows\system32\mncqtvey.vbe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc
C:\Windows\vsnp2uvc.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher
"C:\Program Files\Zune\ZuneLauncher.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk
C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Keyfor^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk
C:\Users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================

PC disinfection, computer speed-up, and remote assistance through the neslape.cz service
RPC server is unavailable & error 0xc0000005
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: RPC server is unavailable & error 0xc0000005
Hello!
Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.
go and make yourself a coffee in the meantime (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through); during the scan, do not try to launch any other applications or anything else
do not panic during the scan, your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because unwanted conflicts with the antispyware's resident component occur during the scan and the deletion of any malware.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: RPC server is unavailable & error 0xc0000005
ComboFix 14-10-04.01 - Keyfor 07.10.2014 22:20:50.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.1678 [GMT 2:00]
Spuštěný z: c:\users\Keyfor\Desktop\ComboFix.exe
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Keyfor\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe0xc5x.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-07 do 2014-10-07 )))))))))))))))))))))))))))))))
.
.
2014-10-07 20:34 . 2014-10-07 20:34 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-10-07 20:34 . 2014-10-07 20:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-07 19:55 . 2014-10-07 19:57 -------- d-----w- C:\FRST
2014-10-07 13:19 . 2014-10-07 13:19 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Lavasoft
2014-10-07 12:56 . 2014-10-07 12:56 -------- d-----w- c:\program files\Lavasoft
2014-10-07 12:51 . 2014-10-07 12:51 -------- d-----w- c:\program files\Common Files\Lavasoft
2014-10-07 12:49 . 2014-10-07 12:49 -------- d-----w- c:\programdata\Lavasoft
2014-10-05 20:24 . 2014-10-05 20:24 -------- d-----w- c:\program files (x86)\URUSoft
2014-10-05 20:22 . 2014-10-06 09:16 -------- d-----w- c:\program files (x86)\YTD
2014-10-05 15:17 . 2014-10-05 15:17 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-02 10:47 . 2014-10-05 15:00 45056 ----a-w- c:\windows\SysWow64\spoolss.dll
2014-10-02 10:47 . 2014-10-05 15:00 316416 ----a-w- c:\windows\SysWow64\spoolsv.exe
2014-10-02 10:47 . 2014-10-02 10:47 45056 ----a-w- c:\windows\SysWow64\old_spoolss.dll
2014-10-02 10:47 . 2014-10-02 10:47 316416 ----a-w- c:\windows\SysWow64\old_spoolsv.exe
2014-10-02 10:46 . 2014-10-05 14:59 290304 ----a-w- c:\windows\SysWow64\subinacle.exe
2014-10-02 10:46 . 2014-10-02 10:46 -------- d-----w- c:\program files\PSRT
2014-10-02 10:46 . 2014-10-02 10:46 -------- d-----w- c:\program files\Common Files\Microsoft
2014-09-27 08:02 . 2014-10-07 20:34 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D00F6A1-7202-4691-87E1-95FF06E83C93}\offreg.dll
2014-09-12 13:08 . 2014-09-12 13:08 -------- d-----w- c:\programdata\Canneverbe Limited
2014-09-12 13:07 . 2014-09-12 13:07 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Canneverbe Limited
2014-09-12 13:07 . 2014-09-12 13:07 -------- d-----w- c:\program files (x86)\CDBurnerXP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-29 20:22 . 2012-07-17 12:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-27 18:55 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-27 18:55 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-27 18:55 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-21 03:43 . 2014-09-05 10:36 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D00F6A1-7202-4691-87E1-95FF06E83C93}\mpengine.dll
2014-08-13 10:29 . 2014-04-22 15:32 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-31 23:41 . 2014-08-13 09:04 348856 ----a-w- c:\windows\system32\iedkcs32.dll
2014-07-25 14:52 . 2014-08-13 09:04 23645696 ----a-w- c:\windows\system32\mshtml.dll
2014-07-25 14:02 . 2014-08-13 09:04 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-07-25 14:01 . 2014-08-13 09:04 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-07-25 13:30 . 2014-08-13 09:04 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-07-25 13:28 . 2014-08-13 09:04 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-07-25 13:28 . 2014-08-13 09:04 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-07-25 13:25 . 2014-08-13 09:04 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-07-25 13:25 . 2014-08-13 09:04 2774528 ----a-w- c:\windows\system32\iertutil.dll
2014-07-25 13:11 . 2014-08-13 09:04 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-07-25 13:10 . 2014-08-13 09:04 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-07-25 13:04 . 2014-08-13 09:04 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-07-25 13:03 . 2014-08-13 09:04 598016 ----a-w- c:\windows\system32\ieui.dll
2014-07-25 13:00 . 2014-08-13 09:04 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-07-25 13:00 . 2014-08-13 09:04 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-07-25 12:59 . 2014-08-13 09:04 758272 ----a-w- c:\windows\system32\jscript9diag.dll
2014-07-25 12:47 . 2014-08-13 09:04 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-07-25 12:40 . 2014-08-13 09:04 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2014-07-25 12:34 . 2014-08-13 09:04 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-07-25 12:34 . 2014-08-13 09:04 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-07-25 12:33 . 2014-08-13 09:04 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30 . 2014-08-13 09:04 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28 . 2014-08-13 09:04 5824512 ----a-w- c:\windows\system32\jscript9.dll
2014-07-25 12:28 . 2014-08-13 09:04 72704 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 12:19 . 2014-08-13 09:04 195584 ----a-w- c:\windows\system32\msrating.dll
2014-07-25 12:17 . 2014-08-13 09:04 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-07-25 12:10 . 2014-08-13 09:04 292864 ----a-w- c:\windows\system32\dxtrans.dll
2014-07-25 12:10 . 2014-08-13 09:04 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-07-25 12:08 . 2014-08-13 09:04 597504 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-07-25 12:06 . 2014-08-13 09:04 4204032 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-07-25 11:47 . 2014-08-13 09:04 631808 ----a-w- c:\windows\system32\msfeeds.dll
2014-07-25 11:43 . 2014-08-13 09:04 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:42 . 2014-08-13 09:04 692736 ----a-w- c:\windows\system32\ie4uinit.exe
2014-07-25 11:39 . 2014-08-13 09:04 2087936 ----a-w- c:\windows\system32\inetcpl.cpl
2014-07-25 11:39 . 2014-08-13 09:04 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-07-25 11:23 . 2014-08-13 09:04 13547008 ----a-w- c:\windows\system32\ieframe.dll
2014-07-25 11:07 . 2014-08-13 09:04 2001920 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-07-25 11:07 . 2014-08-13 09:04 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52 . 2014-08-13 09:04 2266624 ----a-w- c:\windows\system32\wininet.dll
2014-07-25 10:26 . 2014-08-13 09:04 1431040 ----a-w- c:\windows\system32\urlmon.dll
2014-07-25 10:17 . 2014-08-13 09:04 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-07-25 10:05 . 2014-08-13 09:04 1792512 ----a-w- c:\windows\SysWow64\wininet.dll
2014-07-16 03:23 . 2014-08-13 09:05 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-13 09:05 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-15 12:51 . 2014-05-17 17:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-07-15 12:51 . 2014-06-15 13:23 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-07-14 02:02 . 2014-08-13 09:03 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-13 09:03 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-07-10 12:09 . 2014-07-10 12:09 389240 ----a-w- c:\windows\system32\drivers\Trufos.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-24 19:55 239272 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-24 19:55 239272 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-24 19:55 239272 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyDrive"="c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2014-09-24 277672]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-08 3890208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
c:\users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:2c6994e3 /wow /dir:C:\Program
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-24 23:07 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
2014-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
2014-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000Core.job
- c:\users\Keyfor\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-09 11:26]
.
2014-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000UA.job
- c:\users\Keyfor\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-09 11:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-24 19:56 266416 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-24 19:56 266416 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-24 19:56 266416 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-01 20:17 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe" [2014-08-27 8886592]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
.
.
------- Asociace souborů -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-win32 - c:\kernels\drivers.vbs
AddRemove-IT9130 DriverInstaller_12.2.3.1 - c:\users\Keyfor\AppData\Local\Temp\\DriverInstall64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-833634061-2704343745-1971459761-1000\Software\G*e*n*i*e*"!\FM Genie Scout 13]
@Allowed: (Read) (RestrictedCode)
"GameDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013\\games"
"ShortlistDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013"
"SaveDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013\\"
"HistoryDir"="c:\\FM Genie Scout 13\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 13\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a3be
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:00000158
"UniqueID"="D5-8380-E80F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:0000002c
"StaffSearchFeatureNum"=dword:00000006
"ClubSearchFeatureNum"=dword:00000000
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:0000000e
"ExportFeatureNum"=dword:00000001
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000001
"GenieReportFeatureNum"=dword:00000006
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:000002ec
"GameLoadedCounter"=dword:00000000
"Currency"=dword:00000016
.
[HKEY_USERS\S-1-5-21-833634061-2704343745-1971459761-1000\Software\G*e*n*i*e*"!\FM Genie Scout 14]
"Currency"=dword:00000016
"GameDir"="c:\\FM Genie Scout 14\\games"
"ShortlistDir"="c:\\FM Genie Scout 14\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\FM Genie Scout 14"
"SaveDir"="c:\\FM Genie Scout 14\\"
"HistoryDir"="c:\\FM Genie Scout 14\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 14\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a32e
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:000001a2
"UniqueID"="D5-8380-E80F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000002
"StaffSearchFeatureNum"=dword:00000000
"ClubSearchFeatureNum"=dword:00000000
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000002
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000002
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000193
"GameLoadedCounter"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2014-10-07 22:40:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-10-07 20:40
ComboFix2.txt 2014-06-05 20:22
ComboFix3.txt 2014-06-05 20:06
ComboFix4.txt 2014-06-03 16:49
ComboFix5.txt 2014-10-05 15:37
.
Před spuštěním: 26 606 440 448 bytes free
Po spuštění: 30 566 338 560 bytes free
.
- - End Of File - - AAB6309DD55BB9066D0A24B5F208569B
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: RPC server is unavailable & error 0xc0000005
We'll clean up some more. Open Notepad and copy the following into it:

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000UA.job
Firefox::
FF - ProfilePath - c:\users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: RPC server is unavailable & error 0xc0000005
ComboFix 14-10-04.01 - Keyfor 09.10.2014 12:14:56.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.2369 [GMT 2:00]
Spuštěný z: c:\users\Keyfor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Keyfor\Desktop\CFScript.txt
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Norton AntiVirus *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Norton AntiVirus *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Keyfor\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvuatqy.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-09 do 2014-10-09 )))))))))))))))))))))))))))))))
.
.
2014-10-09 11:48 . 2014-10-09 11:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-10-09 11:48 . 2014-10-09 11:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-08 20:25 . 2014-10-08 20:25 -------- d-----w- c:\program files (x86)\Gabest
2014-10-07 21:47 . 2014-10-07 21:47 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2014-10-07 21:31 . 2014-10-07 21:31 -------- d-----w- c:\programdata\NCOTEMP
2014-10-07 21:30 . 2014-10-08 15:03 -------- d-----w- c:\windows\system32\drivers\NSTx64
2014-10-07 21:30 . 2014-10-07 21:30 -------- d-----w- c:\program files (x86)\Norton Identity Safe
2014-10-07 21:30 . 2014-10-07 21:30 177752 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2014-10-07 21:30 . 2014-10-07 21:30 -------- d-----w- c:\program files\Common Files\Symantec Shared
2014-10-07 21:29 . 2014-10-07 21:42 -------- d-----w- c:\windows\system32\drivers\NAVx64
2014-10-07 21:29 . 2014-10-07 21:31 -------- d-----w- c:\programdata\Norton
2014-10-07 21:29 . 2014-10-07 21:29 -------- d-----w- c:\program files (x86)\Norton AntiVirus
2014-10-07 21:25 . 2014-10-07 21:30 -------- d-----w- c:\program files (x86)\NortonInstaller
2014-10-07 19:55 . 2014-10-07 19:57 -------- d-----w- C:\FRST
2014-10-07 13:19 . 2014-10-07 13:19 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Lavasoft
2014-10-07 12:56 . 2014-10-07 12:56 -------- d-----w- c:\program files\Lavasoft
2014-10-07 12:51 . 2014-10-07 12:51 -------- d-----w- c:\program files\Common Files\Lavasoft
2014-10-07 12:49 . 2014-10-07 12:49 -------- d-----w- c:\programdata\Lavasoft
2014-10-05 20:24 . 2014-10-05 20:24 -------- d-----w- c:\program files (x86)\URUSoft
2014-10-05 20:22 . 2014-10-06 09:16 -------- d-----w- c:\program files (x86)\YTD
2014-10-05 15:17 . 2014-10-05 15:17 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-02 10:47 . 2014-10-05 15:00 45056 ----a-w- c:\windows\SysWow64\spoolss.dll
2014-10-02 10:47 . 2014-10-05 15:00 316416 ----a-w- c:\windows\SysWow64\spoolsv.exe
2014-10-02 10:47 . 2014-10-02 10:47 45056 ----a-w- c:\windows\SysWow64\old_spoolss.dll
2014-10-02 10:47 . 2014-10-02 10:47 316416 ----a-w- c:\windows\SysWow64\old_spoolsv.exe
2014-10-02 10:46 . 2014-10-05 14:59 290304 ----a-w- c:\windows\SysWow64\subinacle.exe
2014-10-02 10:46 . 2014-10-02 10:46 -------- d-----w- c:\program files\PSRT
2014-10-02 10:46 . 2014-10-02 10:46 -------- d-----w- c:\program files\Common Files\Microsoft
2014-09-27 08:02 . 2014-10-07 20:34 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D00F6A1-7202-4691-87E1-95FF06E83C93}\offreg.dll
2014-09-12 13:08 . 2014-09-12 13:08 -------- d-----w- c:\programdata\Canneverbe Limited
2014-09-12 13:07 . 2014-09-12 13:07 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Canneverbe Limited
2014-09-12 13:07 . 2014-09-12 13:07 -------- d-----w- c:\program files (x86)\CDBurnerXP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-08 09:54 . 2013-10-27 13:58 73728 ----a-w- c:\windows\system\vdremote.dll
2014-10-08 09:54 . 2013-10-27 13:58 65536 ----a-w- c:\windows\system\vdsvrlnk.dll
2014-08-29 20:22 . 2012-07-17 12:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-27 18:55 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-27 18:55 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-27 18:55 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-21 03:43 . 2014-09-05 10:36 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D00F6A1-7202-4691-87E1-95FF06E83C93}\mpengine.dll
2014-08-13 10:29 . 2014-04-22 15:32 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-31 23:41 . 2014-08-13 09:04 348856 ----a-w- c:\windows\system32\iedkcs32.dll
2014-07-25 14:52 . 2014-08-13 09:04 23645696 ----a-w- c:\windows\system32\mshtml.dll
2014-07-25 14:02 . 2014-08-13 09:04 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-07-25 14:01 . 2014-08-13 09:04 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-07-25 13:30 . 2014-08-13 09:04 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-07-25 13:28 . 2014-08-13 09:04 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-07-25 13:28 . 2014-08-13 09:04 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-07-25 13:25 . 2014-08-13 09:04 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-07-25 13:25 . 2014-08-13 09:04 2774528 ----a-w- c:\windows\system32\iertutil.dll
2014-07-25 13:11 . 2014-08-13 09:04 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-07-25 13:10 . 2014-08-13 09:04 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-07-25 13:04 . 2014-08-13 09:04 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-07-25 13:03 . 2014-08-13 09:04 598016 ----a-w- c:\windows\system32\ieui.dll
2014-07-25 13:00 . 2014-08-13 09:04 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-07-25 13:00 . 2014-08-13 09:04 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-07-25 12:59 . 2014-08-13 09:04 758272 ----a-w- c:\windows\system32\jscript9diag.dll
2014-07-25 12:47 . 2014-08-13 09:04 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-07-25 12:40 . 2014-08-13 09:04 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2014-07-25 12:34 . 2014-08-13 09:04 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-07-25 12:34 . 2014-08-13 09:04 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-07-25 12:33 . 2014-08-13 09:04 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30 . 2014-08-13 09:04 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28 . 2014-08-13 09:04 5824512 ----a-w- c:\windows\system32\jscript9.dll
2014-07-25 12:28 . 2014-08-13 09:04 72704 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 12:19 . 2014-08-13 09:04 195584 ----a-w- c:\windows\system32\msrating.dll
2014-07-25 12:17 . 2014-08-13 09:04 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-07-25 12:10 . 2014-08-13 09:04 292864 ----a-w- c:\windows\system32\dxtrans.dll
2014-07-25 12:10 . 2014-08-13 09:04 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-07-25 12:08 . 2014-08-13 09:04 597504 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-07-25 12:06 . 2014-08-13 09:04 4204032 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-07-25 11:47 . 2014-08-13 09:04 631808 ----a-w- c:\windows\system32\msfeeds.dll
2014-07-25 11:43 . 2014-08-13 09:04 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:42 . 2014-08-13 09:04 692736 ----a-w- c:\windows\system32\ie4uinit.exe
2014-07-25 11:39 . 2014-08-13 09:04 2087936 ----a-w- c:\windows\system32\inetcpl.cpl
2014-07-25 11:39 . 2014-08-13 09:04 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-07-25 11:23 . 2014-08-13 09:04 13547008 ----a-w- c:\windows\system32\ieframe.dll
2014-07-25 11:07 . 2014-08-13 09:04 2001920 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-07-25 11:07 . 2014-08-13 09:04 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52 . 2014-08-13 09:04 2266624 ----a-w- c:\windows\system32\wininet.dll
2014-07-25 10:26 . 2014-08-13 09:04 1431040 ----a-w- c:\windows\system32\urlmon.dll
2014-07-25 10:17 . 2014-08-13 09:04 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-07-25 10:05 . 2014-08-13 09:04 1792512 ----a-w- c:\windows\SysWow64\wininet.dll
2014-07-16 03:23 . 2014-08-13 09:05 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-13 09:05 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-15 12:51 . 2014-05-17 17:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-07-15 12:51 . 2014-06-15 13:23 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-07-14 02:02 . 2014-08-13 09:03 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-13 09:03 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-24 19:55 239272 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-24 19:55 239272 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-24 19:55 239272 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyDrive"="c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2014-09-24 277672]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-08 3890208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
c:\users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:2c6994e3 /wow /dir:C:\Program
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1506000.020\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1506000.020\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1506000.020\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1506000.020\SYMEFA64.SYS [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx64.sys;c:\program files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [x]
S1 ccSet_NAV;NAV Settings Manager;c:\windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NAVx64\1506000.020\ccSetx64.sys [x]
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141008.001\IDSvia64.sys;c:\program files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141008.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1506000.020\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NAVx64\1506000.020\SYMNETS.SYS [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [x]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe;c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [x]
S2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe;c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-24 23:07 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000Core.job
- c:\users\Keyfor\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-09 11:26]
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000UA.job
- c:\users\Keyfor\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-09 11:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-24 19:56 266416 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-24 19:56 266416 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-24 19:56 266416 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-01 20:17 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe" [2014-08-27 8886592]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-IT9130 DriverInstaller_12.2.3.1 - c:\users\Keyfor\AppData\Local\Temp\\DriverInstall64.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32;c:\program files (x86)\Norton AntiVirus\Engine64\21.6.0.32"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-833634061-2704343745-1971459761-1000\Software\G*e*n*i*e*"!\FM Genie Scout 13]
@Allowed: (Read) (RestrictedCode)
"GameDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013\\games"
"ShortlistDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013"
"SaveDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013\\"
"HistoryDir"="c:\\FM Genie Scout 13\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 13\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a3c1
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:00000158
"UniqueID"="D5-8380-E80F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:0000002f
"StaffSearchFeatureNum"=dword:00000006
"ClubSearchFeatureNum"=dword:00000000
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:0000000f
"ExportFeatureNum"=dword:00000001
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000001
"GenieReportFeatureNum"=dword:00000006
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000311
"GameLoadedCounter"=dword:00000000
"Currency"=dword:00000016
.
[HKEY_USERS\S-1-5-21-833634061-2704343745-1971459761-1000\Software\G*e*n*i*e*"!\FM Genie Scout 14]
"Currency"=dword:00000016
"GameDir"="c:\\FM Genie Scout 14\\games"
"ShortlistDir"="c:\\FM Genie Scout 14\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\FM Genie Scout 14"
"SaveDir"="c:\\FM Genie Scout 14\\"
"HistoryDir"="c:\\FM Genie Scout 14\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 14\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a32e
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:000001a2
"UniqueID"="D5-8380-E80F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000002
"StaffSearchFeatureNum"=dword:00000000
"ClubSearchFeatureNum"=dword:00000000
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000002
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000002
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000193
"GameLoadedCounter"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\progra~2\MICROS~1\Office14\WINWORD.EXE
.
**************************************************************************
.
Celkový čas: 2014-10-09 13:55:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-10-09 11:55
ComboFix2.txt 2014-10-07 20:40
ComboFix3.txt 2014-06-05 20:22
ComboFix4.txt 2014-06-05 20:06
ComboFix5.txt 2014-10-09 10:12
.
Před spuštěním: 31 389 192 192 bytes free
Po spuštění: 31 221 448 704 bytes free
.
- - End Of File - - 3DCFE4C8DF45F2AE16D241BF337B46C5
A36C5E4F47E84449FF07ED3517B43A31
2014-09-27 08:02 . 2014-10-07 20:34 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D00F6A1-7202-4691-87E1-95FF06E83C93}\offreg.dll
2014-09-12 13:08 . 2014-09-12 13:08 -------- d-----w- c:\programdata\Canneverbe Limited
2014-09-12 13:07 . 2014-09-12 13:07 -------- d-----w- c:\users\Keyfor\AppData\Roaming\Canneverbe Limited
2014-09-12 13:07 . 2014-09-12 13:07 -------- d-----w- c:\program files (x86)\CDBurnerXP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-08 09:54 . 2013-10-27 13:58 73728 ----a-w- c:\windows\system\vdremote.dll
2014-10-08 09:54 . 2013-10-27 13:58 65536 ----a-w- c:\windows\system\vdsvrlnk.dll
2014-08-29 20:22 . 2012-07-17 12:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-27 18:55 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-27 18:55 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-27 18:55 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-21 03:43 . 2014-09-05 10:36 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3D00F6A1-7202-4691-87E1-95FF06E83C93}\mpengine.dll
2014-08-13 10:29 . 2014-04-22 15:32 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-31 23:41 . 2014-08-13 09:04 348856 ----a-w- c:\windows\system32\iedkcs32.dll
2014-07-25 14:52 . 2014-08-13 09:04 23645696 ----a-w- c:\windows\system32\mshtml.dll
2014-07-25 14:02 . 2014-08-13 09:04 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-07-25 14:01 . 2014-08-13 09:04 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-07-25 13:30 . 2014-08-13 09:04 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-07-25 13:28 . 2014-08-13 09:04 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-07-25 13:28 . 2014-08-13 09:04 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-07-25 13:25 . 2014-08-13 09:04 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-07-25 13:25 . 2014-08-13 09:04 2774528 ----a-w- c:\windows\system32\iertutil.dll
2014-07-25 13:11 . 2014-08-13 09:04 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-07-25 13:10 . 2014-08-13 09:04 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-07-25 13:04 . 2014-08-13 09:04 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-07-25 13:03 . 2014-08-13 09:04 598016 ----a-w- c:\windows\system32\ieui.dll
2014-07-25 13:00 . 2014-08-13 09:04 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-07-25 13:00 . 2014-08-13 09:04 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-07-25 12:59 . 2014-08-13 09:04 758272 ----a-w- c:\windows\system32\jscript9diag.dll
2014-07-25 12:47 . 2014-08-13 09:04 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-07-25 12:40 . 2014-08-13 09:04 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2014-07-25 12:34 . 2014-08-13 09:04 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-07-25 12:34 . 2014-08-13 09:04 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-07-25 12:33 . 2014-08-13 09:04 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30 . 2014-08-13 09:04 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28 . 2014-08-13 09:04 5824512 ----a-w- c:\windows\system32\jscript9.dll
2014-07-25 12:28 . 2014-08-13 09:04 72704 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 12:19 . 2014-08-13 09:04 195584 ----a-w- c:\windows\system32\msrating.dll
2014-07-25 12:17 . 2014-08-13 09:04 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-07-25 12:10 . 2014-08-13 09:04 292864 ----a-w- c:\windows\system32\dxtrans.dll
2014-07-25 12:10 . 2014-08-13 09:04 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-07-25 12:08 . 2014-08-13 09:04 597504 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-07-25 12:06 . 2014-08-13 09:04 4204032 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-07-25 11:47 . 2014-08-13 09:04 631808 ----a-w- c:\windows\system32\msfeeds.dll
2014-07-25 11:43 . 2014-08-13 09:04 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:42 . 2014-08-13 09:04 692736 ----a-w- c:\windows\system32\ie4uinit.exe
2014-07-25 11:39 . 2014-08-13 09:04 2087936 ----a-w- c:\windows\system32\inetcpl.cpl
2014-07-25 11:39 . 2014-08-13 09:04 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-07-25 11:23 . 2014-08-13 09:04 13547008 ----a-w- c:\windows\system32\ieframe.dll
2014-07-25 11:07 . 2014-08-13 09:04 2001920 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-07-25 11:07 . 2014-08-13 09:04 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52 . 2014-08-13 09:04 2266624 ----a-w- c:\windows\system32\wininet.dll
2014-07-25 10:26 . 2014-08-13 09:04 1431040 ----a-w- c:\windows\system32\urlmon.dll
2014-07-25 10:17 . 2014-08-13 09:04 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-07-25 10:05 . 2014-08-13 09:04 1792512 ----a-w- c:\windows\SysWow64\wininet.dll
2014-07-16 03:23 . 2014-08-13 09:05 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-13 09:05 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-15 12:51 . 2014-05-17 17:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-07-15 12:51 . 2014-06-15 13:23 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-07-14 02:02 . 2014-08-13 09:03 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-13 09:03 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-24 19:55 239272 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-24 19:55 239272 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-24 19:55 239272 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyDrive"="c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2014-09-24 277672]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-08 3890208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
c:\users\Keyfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Keyfor\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:2c6994e3 /wow /dir:C:\Program
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe;c:\program files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAVx64\1506000.020\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1506000.020\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAVx64\1506000.020\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1506000.020\SYMEFA64.SYS [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx64.sys;c:\program files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [x]
S1 ccSet_NAV;NAV Settings Manager;c:\windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NAVx64\1506000.020\ccSetx64.sys [x]
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141008.001\IDSvia64.sys;c:\program files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20141008.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NAVx64\1506000.020\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NAVx64\1506000.020\SYMNETS.SYS [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [x]
S2 NAV;Norton AntiVirus;c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe;c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [x]
S2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe;c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-24 23:07 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-21 15:25]
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000Core.job
- c:\users\Keyfor\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-09 11:26]
.
2014-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-833634061-2704343745-1971459761-1000UA.job
- c:\users\Keyfor\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-09 11:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-09-24 19:56 266416 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-09-24 19:56 266416 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-09-24 19:56 266416 ----a-w- c:\users\Keyfor\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-01 20:17 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\Keyfor\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe" [2014-08-27 8886592]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Keyfor\AppData\Roaming\Mozilla\Firefox\Profiles\nuui4pco.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-IT9130 DriverInstaller_12.2.3.1 - c:\users\Keyfor\AppData\Local\Temp\\DriverInstall64.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NAV]
"ImagePath"="\"c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe\" /s \"NAV\" /m \"c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2014.6.0.27\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton AntiVirus\Engine\21.6.0.32;c:\program files (x86)\Norton AntiVirus\Engine64\21.6.0.32"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-833634061-2704343745-1971459761-1000\Software\G*e*n*i*e*"!\FM Genie Scout 13]
@Allowed: (Read) (RestrictedCode)
"GameDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013\\games"
"ShortlistDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013"
"SaveDir"="c:\\Users\\Keyfor\\Documents\\Sports Interactive\\Football Manager 2013\\"
"HistoryDir"="c:\\FM Genie Scout 13\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 13\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a3c1
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:00000158
"UniqueID"="D5-8380-E80F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:0000002f
"StaffSearchFeatureNum"=dword:00000006
"ClubSearchFeatureNum"=dword:00000000
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:0000000f
"ExportFeatureNum"=dword:00000001
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000001
"GenieReportFeatureNum"=dword:00000006
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000311
"GameLoadedCounter"=dword:00000000
"Currency"=dword:00000016
.
[HKEY_USERS\S-1-5-21-833634061-2704343745-1971459761-1000\Software\G*e*n*i*e*"!\FM Genie Scout 14]
"Currency"=dword:00000016
"GameDir"="c:\\FM Genie Scout 14\\games"
"ShortlistDir"="c:\\FM Genie Scout 14\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\FM Genie Scout 14"
"SaveDir"="c:\\FM Genie Scout 14\\"
"HistoryDir"="c:\\FM Genie Scout 14\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 14\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a32e
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:000001a2
"UniqueID"="D5-8380-E80F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000002
"StaffSearchFeatureNum"=dword:00000000
"ClubSearchFeatureNum"=dword:00000000
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000002
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000000
"GenieReportFeatureNum"=dword:00000002
"TopFormationFeatureNum"=dword:00000000
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000193
"GameLoadedCounter"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\progra~2\MICROS~1\Office14\WINWORD.EXE
.
**************************************************************************
.
Celkový čas: 2014-10-09 13:55:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-10-09 11:55
ComboFix2.txt 2014-10-07 20:40
ComboFix3.txt 2014-06-05 20:22
ComboFix4.txt 2014-06-05 20:06
ComboFix5.txt 2014-10-09 10:12
.
Před spuštěním: 31 389 192 192 bytes free
Po spuštění: 31 221 448 704 bytes free
.
- - End Of File - - 3DCFE4C8DF45F2AE16D241BF337B46C5
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: RPC server is unavailable & error 0xc0000005
Deleted. Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: RPC server is unavailable & error 0xc0000005
Thanks a lot, everything seems to be fine now! :)
Only Norton would not let me download T-Cleaner; it found a Trojan in the link.

- Rudy
- Site Admin
- Posts: 119547
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: RPC server is unavailable & error 0xc0000005
You will have to turn Norton off; it probably does not like that the program deletes on command. T-C is nothing more than a remover of cleaning programs.