ComboFix 18-01-10.01 - Josef 27.01.2018 20:09:38.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3062.2323 [GMT 1:00]
Spuštěný z: c:\documents and settings\Josef\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Josef\Plocha\CFScript.txt
AV: ESET Smart Security 8.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personální firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.33.7\GoogleUpdate.exe
c:\program files\Google\Update\1.3.33.7\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.33.7\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.33.7\GoogleUpdateCore.exe
c:\program files\Google\Update\1.3.33.7\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.33.7\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.33.7\GoogleUpdateWebPlugin.exe
c:\program files\Google\Update\1.3.33.7\goopdate.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_am.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ar.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_bg.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_bn.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ca.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_cs.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_da.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_de.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_el.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_en.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_es.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_et.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_fa.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_fi.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_fil.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_fr.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_gu.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_hi.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_hr.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_hu.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_id.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_is.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_it.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_iw.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ja.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_kn.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ko.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_lt.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_lv.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ml.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_mr.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ms.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_nl.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_no.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_pl.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ro.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ru.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_sk.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_sl.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_sr.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_sv.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_sw.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ta.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_te.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_th.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_tr.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_uk.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_ur.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_vi.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.33.7\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.33.7\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.33.7\psmachine.dll
c:\program files\Google\Update\1.3.33.7\psmachine_64.dll
c:\program files\Google\Update\1.3.33.7\psuser.dll
c:\program files\Google\Update\1.3.33.7\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.33.7\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\49.0.2623.112\49.0.2623.112_chrome_installer.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-12-27 do 2018-01-27 )))))))))))))))))))))))))))))))
.
.
2018-01-26 21:44 . 2018-01-26 21:44 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Zemana
2018-01-26 21:44 . 2018-01-27 07:35 -------- d-----w- c:\program files\Zemana AntiMalware
2018-01-26 21:44 . 2018-01-26 21:44 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Zemana
2018-01-26 20:45 . 2018-01-26 20:45 -------- d-----w- C:\zoek
2018-01-26 14:31 . 2018-01-26 14:31 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Sophos
2018-01-18 12:38 . 2017-12-26 14:13 874456 -c--a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2018-01-18 12:38 . 2017-12-26 10:15 66000 -c--a-w- c:\program files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll
2018-01-11 23:07 . 2008-05-16 10:48 446464 -c--a-w- c:\windows\system32\NVUNINST.EXE
2018-01-11 12:33 . 2018-01-12 09:50 -------- d-----w- c:\program files\Common Files\Acronis
2018-01-11 12:32 . 2018-01-11 12:32 -------- d-----w- c:\program files\Seznam.cz
2018-01-11 12:30 . 2018-01-27 12:30 -------- d-----w- c:\documents and settings\Josef\Data aplikací\Seznam.cz
2018-01-07 10:09 . 2018-01-07 10:09 -------- d-----w- C:\Temp
2018-01-06 11:23 . 2018-01-06 11:23 -------- d-----w- C:\$SysReset
2018-01-04 14:16 . 2018-01-04 14:16 -------- d-----w- c:\documents and settings\Josef\Data aplikací\Jihosoft ISO Maker
2018-01-04 14:15 . 2018-01-04 14:15 -------- d-----w- c:\program files\ISO Maker Free
2018-01-04 05:48 . 2018-01-07 11:06 -------- d-----w- C:\Recovery
2018-01-04 05:43 . 2018-01-07 18:10 -------- d-----w- C:\Boot
2018-01-01 14:53 . 2018-01-01 14:53 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\ImageMaster
2017-12-31 14:14 . 2014-02-26 23:28 13312 -c----w- c:\windows\system32\xp_eos.exe
2017-12-31 14:14 . 2014-02-26 23:28 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2017-12-31 13:39 . 2017-12-31 13:39 -------- d-----w- c:\program files\ESET
2017-12-31 13:39 . 2017-12-31 13:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2017-12-31 13:32 . 2017-12-31 13:32 -------- d-----w- c:\windows\system32\wbem\Repository
2017-12-31 13:32 . 2017-12-31 13:32 -------- d-----w- c:\program files\Duolabs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-01-26 16:50 . 2015-11-15 09:41 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2018-01-12 09:56 . 2015-11-14 16:37 803328 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2018-01-12 09:56 . 2015-11-14 16:37 144896 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-05 13:05 . 2015-03-15 18:26 2260 -c--a-w- c:\program files\voucher.bin
2013-03-13 07:03 . 2013-03-13 07:03 2174976 -c--a-w- c:\program files\Common Files\atimpenc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2009-10-16 08:44 97072 ----a-w- c:\program files\Nero\Tools\InCD\NBHshx.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-10-19 6564776]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-02-04 204288]
"cz.seznam.software.autoupdate"="c:\documents and settings\Josef\Data aplikací\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\documents and settings\Josef\Data aplikací\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"Adobe Reader Synchronizer"="c:\program files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" -osboot
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Nero\\Nero 11\\Nero BackItUp\\BackItUp.exe"=
"g:\\instalace\\GAME\\Kyodai Mahjongg\\kmj.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\Video Download Capture.exe"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftSrv.dll"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftDump.dll"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftAC.dll"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftPlayer.dll"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftDownloaderHelp.dll"=
"c:\\Program Files\\Apowersoft\\Video Download Capture\\ApowersoftHDSDump.dll"=
"c:\\Program Files\\TeamViewer\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\TeamViewer_Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [21.11.2011 12:30 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [21.11.2011 12:30 12464]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [16.12.2012 9:41 13696]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [10.10.2014 8:59 191928]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [10.10.2014 8:59 135296]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [1.10.2014 14:40 1349576]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [23.9.2011 18:37 641832]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Tools\InCD\NBHRegInCDSrv.exe [16.10.2009 9:44 53560]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [11.5.2014 16:00 167424]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [23.1.2016 10:54 743688]
R2 ssinstall;SInstalátor;c:\windows\system32\ssins.exe [14.11.2015 17:35 4696960]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [25.11.2013 15:01 66944]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [10.12.2015 13:50 26032]
S1 ZAM;ZAM Helper Driver;\??\c:\windows\System32\drivers\zam32.sys --> c:\windows\System32\drivers\zam32.sys [?]
S1 ZAM_Guard;ZAM Guard Driver;\??\c:\windows\System32\drivers\zamguard32.sys --> c:\windows\System32\drivers\zamguard32.sys [?]
S3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [1.3.2013 21:35 1763584]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\drivers\BazisVirtualCDBus.sys [3.6.2015 6:09 121688]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [19.3.2014 22:17 20032]
S3 ew_usbccgpfilter;HwHandSet_CompositeFilter;c:\windows\system32\drivers\ew_usbccgpfilter.sys [13.5.2017 14:36 15360]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [11.5.2014 16:00 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [7.12.2012 17:27 21248]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.SYS [3.2.2013 15:20 145280]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [29.11.2011 18:32 27064]
.
Obsah adresáře 'Naplánované úlohy'
.
2018-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-14 09:56]
.
2018-01-11 c:\windows\Tasks\Josef NBAgent 6 0.job
- c:\program files\nero\nero 11\nero backitup\NBAgent.exe [2011-09-20 13:53]
.
2018-01-10 c:\windows\Tasks\Josef.job
- c:\program files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2011-09-20 13:54]
.
2018-01-10 c:\windows\Tasks\Josef2.job
- c:\program files\Nero\Nero 11\Nero BackItUp\NBCore.exe [2011-09-20 13:54]
.
2017-12-31 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2017-12-31 23:28]
.
2018-01-27 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2017-12-31 23:28]
.
2018-01-26 c:\windows\Tasks\User_Feed_Synchronization-{02D609C1-B138-47A6-B631-4C8C2E89B3B5}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <-loopback>
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
Trusted Zone: local.sinstalator.cz
Trusted Zone: local.sinstalator.cz\PACS
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\gh9fwllk.default-1456167743093\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2018-01-27 20:17
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2996)
c:\documents and settings\Josef\Data aplikací\Seznam.cz\bin\29871libfoxloader.dll
c:\program files\Nero\Tools\InCD\NBHshx.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Nero\Tools\InCD\InCDSrv.exe
c:\documents and settings\Josef\Data aplikací\Seznam.cz\bin\szndesktop.exe
c:\program files\TeamViewer\TeamViewer_Service.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2018-01-27 20:19:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2018-01-27 19:19
ComboFix2.txt 2018-01-27 17:04
.
Před spuštěním: Volných bajtů: 36 650 098 688
Po spuštění: Volných bajtů: 36 516 610 048
.
- - End Of File - - 78A28725C65E4B728AAAB25AF8C6B09C
A36C5E4F47E84449FF07ED3517B43A31
A new log from HJT will follow in a moment
here
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:18, on 27.1.2018
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\System32\ssins.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Documents and Settings\Josef\Data aplikací\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\TeamViewer_Service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Josef\Plocha\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\Josef\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\Josef\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\WINDOWS\System32\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
--
End of file - 4585 bytes