Prosím o kontrolu Vyřešeno

[Gujin]

Zdravím, v poslední době mám trochu zasekaný notebook, ani nevím proč. Při spuštění ntb se mi ukáže okno "Server je zaneprázdněn". Můžu 10x kliknout na Přepnout, či Opakovat, ale furt nic. Až po několikátém pokusu. Viz ss. Ani nevím, co to znamená...



Log z HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:38:00, on 7.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Filda\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Users\Filda\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Filda\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
C:\Users\Filda\Desktop\Music\AirPlay.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\HJT\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Speed - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\PROGRA~2\SECURE~1\IE\SPEEDD~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
O4 - HKLM\..\Run: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Shairport4w] "C:\Users\Filda\Desktop\Music\AirPlay.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Filda\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Filda\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Filda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DellSystemDetect] C:\Users\Filda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\WINDOWS\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Filda\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Logitech . Registrace produktu.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16749 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Gujin]

Používám Chrome. Čím by mohlo být to vyskakující okno "Server je zaneprázdněn"? Vždy se to objevuje při startu notebooku, pak už ne. Musím několikrát kliknout na "Přepnout" aby to okno zmizlo.

Log z Malwarebytes' Anti-Malware:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.09.16.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Filda :: FILDA-PC [administrátor]

Ochrana: Povolena

16.9.2013 17:59:02
MBAM-log-2013-09-16 (18-06-24).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 252729
Uplynulý čas: 7 minut, 14 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\$RECYCLE.BIN\S-1-5-21-2784445265-4268745598-2048603260-1001\$ROK9HUK.exe (PUP.Optional.Bandoo) -> Nebyla provedena žádná instrukce.

(konec)


Log z AdwCleaneru:

# AdwCleaner v3.004 - Report created 16/09/2013 at 18:07:37
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Filda - FILDA-PC
# Running from : C:\Users\Filda\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\windows\System32\roboot64.exe
Folder Found C:\ProgramData\apn
Folder Found C:\Users\Maminka\AppData\Local\Temp\apn

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\BI
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Filda\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup
Found : urls_to_restore_on_startup

[ File : C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2335 octets] - [16/09/2013 18:07:37]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2395 octets] ##########

[memphisto]

Po spuštění ti toho nabíhá mraky, takže to může být cokoliv z těch aplikací...

V Mbam i adw nech vše smazat a dodej logy po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[Gujin]

Logy z RogueKilleru a JRT dodám zítra, teď už se mi do toho nechce...

Log z mbam:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.16.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Filda :: FILDA-PC [administrátor]

Ochrana: Povolena

16.9.2013 18:46:28
mbam-log-2013-09-16 (18-46-28).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 250067
Uplynulý čas: 4 minut, 6 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)



Log z adw:

# AdwCleaner v3.004 - Report created 16/09/2013 at 19:07:31
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Filda - FILDA-PC
# Running from : C:\Users\Filda\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Users\Maminka\AppData\Local\Temp\apn
File Deleted : C:\windows\System32\roboot64.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\BI
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Filda\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

[ File : C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2491 octets] - [16/09/2013 18:07:37]
AdwCleaner[R1].txt - [2551 octets] - [16/09/2013 19:06:22]
AdwCleaner[S0].txt - [2394 octets] - [16/09/2013 19:07:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2454 octets] ##########

[memphisto]

OK, počkáme

[Gujin]

Log z RK:

RogueKiller V8.6.11 _x64_ [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Filda [Práva správce]
Mód : Kontrola -- Datum : 09/18/2013 15:13:33
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Filda\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Filda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : DellSystemDetect (C:\Users\Filda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [-]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-2784445265-4268745598-2048603260-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Filda\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-2784445265-4268745598-2048603260-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Filda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-2784445265-4268745598-2048603260-1001\[...]\Run : DellSystemDetect (C:\Users\Filda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [-]) -> NALEZENO
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : Shairport4w ("C:\Users\Filda\Desktop\Music\AirPlay.exe" [-]) -> NALEZENO
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=;ftp=;hxxps=;) -> NALEZENO
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6475GSX +++++
--- User ---
[MBR] e15b77c3de54d1b920a65c90ad4321a5
[BSP] db34821c5acde879239ffb81eff44264 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 554417 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1166374912 | Size: 40960 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_09182013_151333.txt >>




Log z JRT:




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by Filda on st 18.09.2013 at 15:23:45,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BC8E221E-C38E-4A0F-9511-27D8F1DBC1CD}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Filda\appdata\local\{2B189C9D-DB1F-49B0-ADC2-722290E651CE}
Successfully deleted: [Empty Folder] C:\Users\Filda\appdata\local\{B052B0C9-8B18-45A5-AB27-6AF08C521F3C}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 18.09.2013 at 15:31:17,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[memphisto]

¨Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

[Gujin]

//Edit: Sakra. Omylem jsem to postnul 2x.

[Gujin]

Okno "server je zaneprázdněn" už se při startu ntbku neukazuje.

RK:

RogueKiller V8.6.11 _x64_ [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Filda [Práva správce]
Mód : Odebrat -- Datum : 09/18/2013 20:01:38
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Filda\AppData\Roaming\Seznam.cz\bin\8008libfoxloader-x64.dll [x] -> ODEBRÁNO
[SUSP PATH] szndesktop.exe -- C:\Users\Filda\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\Filda\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] AirPlay.exe -- C:\Users\Filda\Desktop\Music\AirPlay.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 15 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Filda\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Filda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : DellSystemDetect (C:\Users\Filda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [-]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-2784445265-4268745598-2048603260-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Filda\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-2784445265-4268745598-2048603260-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Filda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-2784445265-4268745598-2048603260-1001\[...]\Run : DellSystemDetect (C:\Users\Filda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [-]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : Shairport4w ("C:\Users\Filda\Desktop\Music\AirPlay.exe" [-]) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6475GSX +++++
--- User ---
[MBR] e15b77c3de54d1b920a65c90ad4321a5
[BSP] db34821c5acde879239ffb81eff44264 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 554417 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 1166374912 | Size: 40960 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_09182013_200138.txt >>
RKreport[0]_S_09182013_151333.txt;RKreport[0]_S_09182013_200113.txt



CF:

ComboFix 13-09-17.01 - Filda 18.09.2013 20:08:44.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4003.2777 [GMT 2:00]
Spuštěný z: c:\users\Filda\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6280\AddOnDownloaded\31d5a116-b563-4195-8dbd-1798d14bfacd.dll
c:\programdata\PCDr\6280\AddOnDownloaded\3265cc37-1ae8-4a1d-b93a-d8a0d09ba823.dll
c:\programdata\PCDr\6280\AddOnDownloaded\394b144a-f70e-44ff-a1ce-7fed69d15b12.dll
c:\programdata\PCDr\6280\AddOnDownloaded\50441041-9037-4c34-842c-4a8523e700da.dll
c:\programdata\PCDr\6280\AddOnDownloaded\5737a9df-39af-4df3-b97d-07f556d679c5.dll
c:\programdata\PCDr\6280\AddOnDownloaded\751275e0-9b7c-49a7-b6d8-eaf73a4eac58.dll
c:\programdata\PCDr\6280\AddOnDownloaded\7ec00d71-b236-42d5-b7d2-aab97a4a1f3d.dll
c:\programdata\PCDr\6280\AddOnDownloaded\840b04b8-fb1e-4492-9645-97c163fb4348.dll
c:\programdata\PCDr\6280\AddOnDownloaded\8658165e-a29d-4eca-a939-35aff3e05f62.dll
c:\programdata\PCDr\6280\AddOnDownloaded\8aa95cb2-816d-4a9a-a370-962b815a3013.dll
c:\programdata\PCDr\6280\AddOnDownloaded\a7c185b3-39a9-4aaf-9506-7726c68d6350.dll
c:\programdata\PCDr\6280\AddOnDownloaded\be543d7a-9241-474e-9567-a20b994760c0.dll
c:\programdata\PCDr\6280\AddOnDownloaded\c0c54ea3-e58e-438a-9c4c-778b0979180a.dll
c:\programdata\PCDr\6280\AddOnDownloaded\e2989224-3347-43ce-b7a2-533339a265b0.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-18 do 2013-09-18 )))))))))))))))))))))))))))))))
.
.
2013-09-18 18:20 . 2013-09-18 18:20 -------- d-----w- c:\users\Maminka\AppData\Local\temp
2013-09-18 18:20 . 2013-09-18 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-18 13:23 . 2013-09-18 13:23 -------- d-----w- c:\windows\ERUNT
2013-09-17 12:59 . 2013-09-18 18:13 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A58E135-E0FA-4F6B-811F-501041F9790C}\offreg.dll
2013-09-17 07:45 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A58E135-E0FA-4F6B-811F-501041F9790C}\mpengine.dll
2013-09-16 16:07 . 2013-09-16 17:07 -------- d-----w- C:\AdwCleaner
2013-09-16 15:56 . 2013-09-16 15:56 -------- d-----w- c:\users\Filda\AppData\Roaming\Malwarebytes
2013-09-16 15:56 . 2013-09-16 15:56 -------- d-----w- c:\programdata\Malwarebytes
2013-09-16 15:56 . 2013-09-16 15:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-16 15:56 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-12 09:10 . 2013-09-12 09:10 -------- d-----w- c:\users\Filda\AppData\Roaming\HTC Sync
2013-09-12 09:10 . 2013-09-12 09:10 -------- d-----w- c:\users\Filda\AppData\Roaming\HTC
2013-09-12 09:10 . 2013-09-12 09:10 -------- d-----w- c:\programdata\HTC
2013-09-12 09:08 . 2013-09-18 13:44 -------- d-----w- c:\users\Filda\AppData\Local\HTC MediaHub
2013-09-12 09:08 . 2013-09-12 09:08 -------- d-----w- c:\users\Filda\.android
2013-09-12 09:08 . 2013-09-12 09:08 -------- d-----w- c:\programdata\Motorola
2013-09-12 09:08 . 2013-09-12 09:08 -------- d-----w- c:\program files (x86)\Common Files\Nero
2013-09-12 09:07 . 2013-09-12 09:07 -------- d-----w- c:\program files (x86)\HTC
2013-09-12 09:07 . 2013-09-12 09:07 -------- d-----w- c:\program files (x86)\Spirent Communications
2013-09-12 09:05 . 2013-09-12 09:05 -------- d-----w- c:\users\Filda\AppData\Local\Downloaded Installations
2013-09-11 05:08 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-11 05:07 . 2013-08-02 02:12 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-09-11 05:07 . 2013-08-02 02:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 05:07 . 2013-08-02 01:48 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-09-11 05:07 . 2013-08-02 01:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 05:07 . 2013-08-02 00:45 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-09-11 05:07 . 2013-08-02 00:45 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-09-11 05:07 . 2013-08-02 00:45 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-09-11 05:07 . 2013-08-08 01:20 3155456 ----a-w- c:\windows\system32\win32k.sys
2013-09-11 05:07 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-11 05:07 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-09-09 15:36 . 2013-09-09 15:36 -------- d-----w- c:\users\Filda\AppData\Local\Overwolf
2013-09-09 08:30 . 2013-09-09 08:32 -------- d-----w- c:\users\Filda\AppData\Local\Microsoft Games
2013-09-07 22:42 . 2013-09-14 14:28 -------- d-----w- c:\program files (x86)\GTA San Andreas
2013-09-07 11:26 . 2013-09-07 11:26 388096 ----a-r- c:\users\Filda\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-07 11:26 . 2013-09-07 11:26 -------- d-----w- c:\program files (x86)\HJT
2013-08-30 21:39 . 2013-08-30 21:39 -------- d-----w- c:\program files\AutoHotkey
2013-08-21 22:39 . 2013-08-21 22:39 -------- d-----w- c:\users\Filda\AppData\Roaming\SpinTires
2013-08-21 22:39 . 2013-08-21 22:39 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2013-08-21 22:38 . 2013-08-21 22:38 -------- d-----w- c:\programdata\Logs
2013-08-19 19:02 . 2013-08-19 19:02 -------- d-----w- c:\program files\iPod
2013-08-19 19:02 . 2013-08-19 19:03 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-19 19:02 . 2013-08-19 19:03 -------- d-----w- c:\program files\iTunes
2013-08-19 19:02 . 2013-08-19 19:03 -------- d-----w- c:\program files (x86)\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 10:38 . 2013-08-07 01:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-13 10:38 . 2013-08-07 01:20 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-11 10:52 . 2013-07-03 09:39 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-21 08:03 . 2013-08-06 22:48 268968 ----a-w- c:\windows\SysWow64\sqlite3.dll
2013-08-14 08:13 . 2013-08-06 23:22 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-08-07 02:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-06 23:22 . 2013-08-06 23:22 53248 ----a-r- c:\users\Filda\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-08-02 01:48 . 2013-09-11 05:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-28 20:32 . 2013-07-28 20:32 619008 ----a-w- c:\windows\SysWow64\dx7vb.dll
2013-07-28 20:24 . 2013-07-28 20:24 1227264 ----a-w- c:\windows\SysWow64\dx8vb.dll
2013-07-25 09:25 . 2013-08-14 07:57 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 07:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 07:57 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 07:57 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 07:57 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 07:57 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 07:57 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 07:57 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 07:57 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 07:57 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 07:57 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 07:57 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 07:57 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 07:57 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-07 08:39 . 2013-07-07 08:39 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-07-07 08:39 . 2013-07-07 08:39 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-07-07 08:39 . 2013-07-07 08:39 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-07-06 06:03 . 2013-08-14 07:57 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-03 09:47 . 2013-07-03 09:47 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-07-03 09:47 . 2013-07-03 09:47 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-07-03 09:47 . 2013-07-03 09:47 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-07-03 09:47 . 2013-07-03 09:47 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-07-03 09:47 . 2013-07-03 09:47 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-07-03 09:47 . 2013-07-03 09:47 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-07-03 09:47 . 2013-07-03 09:47 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-07-03 09:47 . 2013-07-03 09:47 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-07-03 09:47 . 2013-07-03 09:47 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-07-03 09:47 . 2013-07-03 09:47 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-07-03 09:47 . 2013-07-03 09:47 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-07-03 09:47 . 2013-07-03 09:47 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-07-03 09:47 . 2013-07-03 09:47 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-07-03 09:47 . 2013-07-03 09:47 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-07-03 09:47 . 2013-07-03 09:47 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-07-03 09:47 . 2013-07-03 09:47 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-07-03 09:47 . 2013-07-03 09:47 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-07-03 09:47 . 2013-07-03 09:47 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-03 09:47 . 2013-07-03 09:47 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-07-03 09:47 . 2013-07-03 09:47 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-07-03 09:47 . 2013-07-03 09:47 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-07-03 09:47 . 2013-07-03 09:47 81408 ----a-w- c:\windows\system32\icardie.dll
2013-07-03 09:47 . 2013-07-03 09:47 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-07-03 09:47 . 2013-07-03 09:47 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-07-03 09:47 . 2013-07-03 09:47 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-07-03 09:47 . 2013-07-03 09:47 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-07-03 09:47 . 2013-07-03 09:47 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-07-03 09:47 . 2013-07-03 09:47 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-07-03 09:47 . 2013-07-03 09:47 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-07-03 09:47 . 2013-07-03 09:47 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-07-03 09:47 . 2013-07-03 09:47 441856 ----a-w- c:\windows\system32\html.iec
2013-07-03 09:47 . 2013-07-03 09:47 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-07-03 09:47 . 2013-07-03 09:47 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-03 09:47 . 2013-07-03 09:47 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-07-03 09:47 . 2013-07-03 09:47 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-07-03 09:47 . 2013-07-03 09:47 235008 ----a-w- c:\windows\system32\url.dll
2013-07-03 09:47 . 2013-07-03 09:47 216064 ----a-w- c:\windows\system32\msls31.dll
2013-07-03 09:47 . 2013-07-03 09:47 197120 ----a-w- c:\windows\system32\msrating.dll
2013-07-03 09:47 . 2013-07-03 09:47 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-03 09:47 . 2013-07-03 09:47 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-07-03 09:47 . 2013-07-03 09:47 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-03 09:47 . 2013-07-03 09:47 149504 ----a-w- c:\windows\system32\occache.dll
2013-07-03 09:47 . 2013-07-03 09:47 144896 ----a-w- c:\windows\system32\wextract.exe
2013-07-03 09:47 . 2013-07-03 09:47 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-07-03 09:47 . 2013-07-03 09:47 13824 ----a-w- c:\windows\system32\mshta.exe
2013-07-03 09:47 . 2013-07-03 09:47 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-07-03 09:47 . 2013-07-03 09:47 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-07-03 09:47 . 2013-07-03 09:47 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-07-03 09:47 . 2013-07-03 09:47 102912 ----a-w- c:\windows\system32\inseng.dll
2013-06-30 14:28 . 2013-06-30 14:28 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-30 14:12 . 2013-06-30 14:12 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-30 14:12 . 2013-06-30 14:12 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-30 14:12 . 2011-09-29 00:21 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Facebook Update"="c:\users\Filda\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-09-13 138096]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"AirVideoServer"="c:\program files (x86)\AirVideoServer\AirVideoServer.exe" [2012-07-19 4935112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"Dell Registration"="c:\program files (x86)\System Registration\prodreg.exe" [2010-11-10 4144448]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-09-03 40312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-29 885760]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"ASUS Ai Charger"="c:\program files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2012-08-13 547984]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-08-16 152392]
.
c:\users\Filda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Filda\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
Facebook Messenger.lnk - c:\users\Filda\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 SecureUpdateSvc;SecureUpdate;c:\program files (x86)\Secure Speed Dial\IE\SecureUpdate.exe;c:\program files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-05 12:19 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-07 10:38]
.
2013-09-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2784445265-4268745598-2048603260-1001Core.job
- c:\users\Filda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 11:15]
.
2013-09-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2784445265-4268745598-2048603260-1001UA.job
- c:\users\Filda\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-30 11:15]
.
2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-30 13:08]
.
2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-30 13:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-28 2022976]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2011-05-20 627360]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2011-05-20 379552]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-04-29 2055016]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-15 171064]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-15 399416]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-15 441912]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-09-08 1424896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=;ftp=;https=;
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: dell.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2784445265-4268745598-2048603260-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{79594272-4871-B97C-CE95-F908A6104A83}*]
"iaidclmekpmcilkdhj"=hex:69,61,64,61,62,66,6b,6b,61,65,6c,6a,64,6a,66,61,6b,6a,
00,77
"haodiajfnndelpmc"=hex:69,61,64,61,62,66,6b,6b,61,65,6c,6a,64,6a,66,61,6b,6a,
00,77
"iaeckfmfpfhlgelhgg"=hex:63,61,68,61,6d,6d,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-09-18 20:36:15
ComboFix-quarantined-files.txt 2013-09-18 18:36
.
Před spuštěním: Volných bajtů: 273 295 855 616
Po spuštění: Volných bajtů: 273 150 504 960
.
- - End Of File - - 138E20BA0F7E18EA83B60333486D803C

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2784445265-4268745598-2048603260-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2784445265-4268745598-2048603260-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\users\Filda\AppData\Local\Facebook\Update
c:\program files (x86)\Seznam.cz\distribution
c:\program files (x86)\Skype\Updater
c:\users\Filda\AppData\Local\Facebook\Update
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=-

RegLock::
[HKEY_USERS\S-1-5-21-2784445265-4268745598-2048603260-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{79594272-4871-B97C-CE95-F908A6104A83}*]
"iaidclmekpmcilkdhj"=hex:69,61,64,61,62,66,6b,6b,61,65,6c,6a,64,6a,66,61,6b,6a,
 00,77
"haodiajfnndelpmc"=hex:69,61,64,61,62,66,6b,6b,61,65,6c,6a,64,6a,66,61,6b,6a,
 00,77
"iaeckfmfpfhlgelhgg"=hex:63,61,68,61,6d,6d,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Gujin]

ComboFix 13-09-17.01 - Filda 19.09.2013 15:34:19.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4003.2522 [GMT 2:00]
Spuštěný z: c:\users\Filda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Filda\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2784445265-4268745598-2048603260-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2784445265-4268745598-2048603260-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.153\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.153\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.153\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.66\29.0.1547.66_29.0.1547.62_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.1.1888\GoogleEarth-Win-Bundle-7.1.1.1888.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Seznam.cz\distribution
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.autoupdate-1.0.5-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.chromelisticka-1.4.2.1-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.szninstall-1.1.3-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.sznsetup-1.1.1-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\packages.inf
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-base-1.0.0-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-core-4-4.1.2-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-email-4-4.0.4-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-fflisticka-2.5.4-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-ielisticka-2.6.2-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-listicka-2.6.2-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-seznamdesktop-1.0.4-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-srank-4.1.1-win32.zip
c:\program files (x86)\Seznam.cz\distribution\partner.conf
c:\program files (x86)\Seznam.cz\distribution\sources.inf
c:\program files (x86)\Seznam.cz\distribution\szninstall.exe
c:\program files (x86)\Seznam.cz\distribution\sznsetup.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Filda\AppData\Local\Facebook\Update
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Filda\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Filda\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\users\Filda\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2784445265-4268745598-2048603260-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2784445265-4268745598-2048603260-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-19 do 2013-09-19 )))))))))))))))))))))))))))))))
.
.
2013-09-19 13:46 . 2013-09-19 13:46 -------- d-----w- c:\users\Maminka\AppData\Local\temp
2013-09-19 13:46 . 2013-09-19 13:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-19 13:17 . 2013-09-19 13:19 -------- d-----w- c:\users\Filda\AppData\Local\96799E14-03AA-4E84-AA7D-DF1C2AA926D7.aplzod
2013-09-19 13:09 . 2013-09-19 13:09 -------- d-----w- c:\program files\iPod
2013-09-19 13:09 . 2013-09-19 13:10 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-19 13:09 . 2013-09-19 13:10 -------- d-----w- c:\program files\iTunes
2013-09-19 13:09 . 2013-09-19 13:10 -------- d-----w- c:\program files (x86)\iTunes
2013-09-19 13:01 . 2013-09-19 13:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-09-19 13:01 . 2013-09-19 13:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-09-19 13:01 . 2013-09-19 13:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-09-19 13:01 . 2013-09-19 13:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-09-19 13:01 . 2013-09-19 13:01 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-09-19 13:00 . 2013-09-19 13:01 -------- d-----w- c:\program files (x86)\QuickTime
2013-09-18 13:23 . 2013-09-18 13:23 -------- d-----w- c:\windows\ERUNT
2013-09-17 12:59 . 2013-09-18 18:13 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A58E135-E0FA-4F6B-811F-501041F9790C}\offreg.dll
2013-09-17 07:45 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A58E135-E0FA-4F6B-811F-501041F9790C}\mpengine.dll
2013-09-16 16:07 . 2013-09-16 17:07 -------- d-----w- C:\AdwCleaner
2013-09-16 15:56 . 2013-09-16 15:56 -------- d-----w- c:\users\Filda\AppData\Roaming\Malwarebytes
2013-09-16 15:56 . 2013-09-16 15:56 -------- d-----w- c:\programdata\Malwarebytes
2013-09-16 15:56 . 2013-09-16 15:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-16 15:56 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-12 09:10 . 2013-09-12 09:10 -------- d-----w- c:\users\Filda\AppData\Roaming\HTC Sync
2013-09-12 09:10 . 2013-09-12 09:10 -------- d-----w- c:\users\Filda\AppData\Roaming\HTC
2013-09-12 09:10 . 2013-09-12 09:10 -------- d-----w- c:\programdata\HTC
2013-09-12 09:08 . 2013-09-19 13:51 -------- d-----w- c:\users\Filda\AppData\Local\HTC MediaHub
2013-09-12 09:08 . 2013-09-12 09:08 -------- d-----w- c:\users\Filda\.android
2013-09-12 09:08 . 2013-09-12 09:08 -------- d-----w- c:\programdata\Motorola
2013-09-12 09:08 . 2013-09-12 09:08 -------- d-----w- c:\program files (x86)\Common Files\Nero
2013-09-12 09:07 . 2013-09-12 09:07 -------- d-----w- c:\program files (x86)\HTC
2013-09-12 09:07 . 2013-09-12 09:07 -------- d-----w- c:\program files (x86)\Spirent Communications
2013-09-12 09:05 . 2013-09-12 09:05 -------- d-----w- c:\users\Filda\AppData\Local\Downloaded Installations
2013-09-11 05:08 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-11 05:07 . 2013-08-02 02:12 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-09-11 05:07 . 2013-08-02 02:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 05:07 . 2013-08-02 01:48 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-09-11 05:07 . 2013-08-02 01:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 05:07 . 2013-08-02 00:45 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-09-11 05:07 . 2013-08-02 00:45 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-09-11 05:07 . 2013-08-02 00:45 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-09-11 05:07 . 2013-08-08 01:20 3155456 ----a-w- c:\windows\system32\win32k.sys
2013-09-11 05:07 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-11 05:07 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-09-09 15:36 . 2013-09-09 15:36 -------- d-----w- c:\users\Filda\AppData\Local\Overwolf
2013-09-09 08:30 . 2013-09-09 08:32 -------- d-----w- c:\users\Filda\AppData\Local\Microsoft Games
2013-09-07 22:42 . 2013-09-14 14:28 -------- d-----w- c:\program files (x86)\GTA San Andreas
2013-09-07 11:26 . 2013-09-07 11:26 388096 ----a-r- c:\users\Filda\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-07 11:26 . 2013-09-07 11:26 -------- d-----w- c:\program files (x86)\HJT
2013-08-30 21:39 . 2013-08-30 21:39 -------- d-----w- c:\program files\AutoHotkey
2013-08-21 22:39 . 2013-08-21 22:39 -------- d-----w- c:\users\Filda\AppData\Roaming\SpinTires
2013-08-21 22:39 . 2013-08-21 22:39 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2013-08-21 22:38 . 2013-08-21 22:38 -------- d-----w- c:\programdata\Logs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 10:38 . 2013-08-07 01:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-13 10:38 . 2013-08-07 01:20 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-11 10:52 . 2013-07-03 09:39 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-21 08:03 . 2013-08-06 22:48 268968 ----a-w- c:\windows\SysWow64\sqlite3.dll
2013-08-14 08:13 . 2013-08-06 23:22 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-08-07 02:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-06 23:22 . 2013-08-06 23:22 53248 ----a-r- c:\users\Filda\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-08-02 01:48 . 2013-09-11 05:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-28 20:32 . 2013-07-28 20:32 619008 ----a-w- c:\windows\SysWow64\dx7vb.dll
2013-07-28 20:24 . 2013-07-28 20:24 1227264 ----a-w- c:\windows\SysWow64\dx8vb.dll
2013-07-25 09:25 . 2013-08-14 07:57 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 07:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 07:57 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 07:57 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 07:57 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 07:57 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 07:57 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 07:57 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 07:57 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 07:57 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 07:57 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 07:57 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 07:57 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 07:57 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-07 08:39 . 2013-07-07 08:39 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-07-07 08:39 . 2013-07-07 08:39 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-07-07 08:39 . 2013-07-07 08:39 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-07-06 06:03 . 2013-08-14 07:57 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-03 09:47 . 2013-07-03 09:47 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-07-03 09:47 . 2013-07-03 09:47 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-07-03 09:47 . 2013-07-03 09:47 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-07-03 09:47 . 2013-07-03 09:47 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-07-03 09:47 . 2013-07-03 09:47 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-07-03 09:47 . 2013-07-03 09:47 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-07-03 09:47 . 2013-07-03 09:47 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-07-03 09:47 . 2013-07-03 09:47 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-07-03 09:47 . 2013-07-03 09:47 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-07-03 09:47 . 2013-07-03 09:47 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-07-03 09:47 . 2013-07-03 09:47 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-07-03 09:47 . 2013-07-03 09:47 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-07-03 09:47 . 2013-07-03 09:47 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-07-03 09:47 . 2013-07-03 09:47 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-07-03 09:47 . 2013-07-03 09:47 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-07-03 09:47 . 2013-07-03 09:47 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-07-03 09:47 . 2013-07-03 09:47 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-07-03 09:47 . 2013-07-03 09:47 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-03 09:47 . 2013-07-03 09:47 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-07-03 09:47 . 2013-07-03 09:47 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-07-03 09:47 . 2013-07-03 09:47 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-07-03 09:47 . 2013-07-03 09:47 81408 ----a-w- c:\windows\system32\icardie.dll
2013-07-03 09:47 . 2013-07-03 09:47 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-07-03 09:47 . 2013-07-03 09:47 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-07-03 09:47 . 2013-07-03 09:47 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-07-03 09:47 . 2013-07-03 09:47 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-07-03 09:47 . 2013-07-03 09:47 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-07-03 09:47 . 2013-07-03 09:47 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-07-03 09:47 . 2013-07-03 09:47 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-07-03 09:47 . 2013-07-03 09:47 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-07-03 09:47 . 2013-07-03 09:47 441856 ----a-w- c:\windows\system32\html.iec
2013-07-03 09:47 . 2013-07-03 09:47 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-07-03 09:47 . 2013-07-03 09:47 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-03 09:47 . 2013-07-03 09:47 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-07-03 09:47 . 2013-07-03 09:47 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-07-03 09:47 . 2013-07-03 09:47 235008 ----a-w- c:\windows\system32\url.dll
2013-07-03 09:47 . 2013-07-03 09:47 216064 ----a-w- c:\windows\system32\msls31.dll
2013-07-03 09:47 . 2013-07-03 09:47 197120 ----a-w- c:\windows\system32\msrating.dll
2013-07-03 09:47 . 2013-07-03 09:47 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-03 09:47 . 2013-07-03 09:47 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-07-03 09:47 . 2013-07-03 09:47 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-03 09:47 . 2013-07-03 09:47 149504 ----a-w- c:\windows\system32\occache.dll
2013-07-03 09:47 . 2013-07-03 09:47 144896 ----a-w- c:\windows\system32\wextract.exe
2013-07-03 09:47 . 2013-07-03 09:47 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-07-03 09:47 . 2013-07-03 09:47 13824 ----a-w- c:\windows\system32\mshta.exe
2013-07-03 09:47 . 2013-07-03 09:47 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-07-03 09:47 . 2013-07-03 09:47 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-07-03 09:47 . 2013-07-03 09:47 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-07-03 09:47 . 2013-07-03 09:47 102912 ----a-w- c:\windows\system32\inseng.dll
2013-06-30 14:28 . 2013-06-30 14:28 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-30 14:12 . 2013-06-30 14:12 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-30 14:12 . 2013-06-30 14:12 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-30 14:12 . 2011-09-29 00:21 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"AirVideoServer"="c:\program files (x86)\AirVideoServer\AirVideoServer.exe" [2012-07-19 4935112]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-09-14 59720]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"Dell Registration"="c:\program files (x86)\System Registration\prodreg.exe" [2010-11-10 4144448]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-09-03 40312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-29 885760]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"ASUS Ai Charger"="c:\program files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2012-08-13 547984]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-09-17 152392]
.
c:\users\Filda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Filda\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
Facebook Messenger.lnk - c:\users\Filda\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 SecureUpdateSvc;SecureUpdate;c:\program files (x86)\Secure Speed Dial\IE\SecureUpdate.exe;c:\program files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-05 12:19 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-07 10:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 164016 ----a-w- c:\users\Filda\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-28 2022976]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2011-05-20 627360]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2011-05-20 379552]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-04-29 2055016]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-15 171064]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-15 399416]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-15 441912]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-09-08 1424896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=;ftp=;https=;
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: dell.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2784445265-4268745598-2048603260-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{79594272-4871-B97C-CE95-F908A6104A83}*]
"iaidclmekpmcilkdhj"=hex:69,61,64,61,62,66,6b,6b,61,65,6c,6a,64,6a,66,61,6b,6a,
00,77
"haodiajfnndelpmc"=hex:69,61,64,61,62,66,6b,6b,61,65,6c,6a,64,6a,66,61,6b,6a,
00,77
"iaeckfmfpfhlgelhgg"=hex:63,61,68,61,6d,6d,00,00
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-09-19 16:03:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-19 14:03
ComboFix2.txt 2013-09-18 18:36
.
Před spuštěním: Volných bajtů: 271 973 318 656
Po spuštění: Volných bajtů: 271 356 768 256
.
- - End Of File - - F6795487F526EE71E4B122385C99E0B7


HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:08:05, on 19.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HJT\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Speed - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\PROGRA~2\SECURE~1\IE\SPEEDD~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
O4 - HKLM\..\Run: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - Startup: Dropbox.lnk = Filda\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = Filda\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14809 bytes



aswMBR dodám později.