PC-HELP.CZ

České diskuzní fórum o počítačích
https://pc-help.cnews.cz/

Prosím o pomoc

https://pc-help.cnews.cz/viewtopic.php?f=70&t=156473

Stránka 1 z 3

Prosím o pomoc  Vyřešeno

Napsal: 19 čer 2015 23:27
od Odahviing
Asi už 3 dny mi Eset stále opakuje tyto hrozby a infiltrace -> horní je z karantény a dolní z protokolů. Jednu infiltraci mi opakoval 100x.
Nevím si s tím vůbec rady jak se toho zbavit. Budu moc rád za každou radu.

Děkuji :-)

Obrázek.jpg

Re: Prosím o pomoc

Napsal: 20 čer 2015 07:54
od fredik
Vítej na fóru!

Vlož sem log z HJT

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

Re: Prosím o pomoc

Napsal: 22 čer 2015 13:55
od Odahviing
Zde posílám log z každého toho programu.


# AdwCleaner v4.207 - Log vytvořen 22/06/2015 v 13:30:06
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-21.2 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Lenovo - IDEA-PC
# Spuštěno z : C:\Users\Lenovo\Desktop\AdwCleaner.exe
# Nastavení : Sken

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.1 (x86 cs)


-\\ Google Chrome v43.0.2357.124


-\\ Opera v30.0.1835.59


*************************

AdwCleaner[R0].txt - [751 bytů] - [22/06/2015 13:30:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [808 bytů] ##########






Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 22. 6. 2015
Čas skenování: 13:33:28
Protokol: Malwarebytes Anti-Malware log.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.06.22.01
Databáze rootkitů: v2015.06.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Lenovo

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 434509
Uplynulý čas: 14 min, 52 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
Trojan.Sathurbot, HKLM\SOFTWARE\CLASSES\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208}, , [dfda7b4264264cea926a6c457093c43c],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 31
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1796e7d6e66fced6b67278be55ac8792, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3243f2e2dd6dcbdf1d5a864320a81d97, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\388259f596ebc79086bef6b622fa89ea, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\40a980d07864cb2d3bc536509ceb2fbf, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70dc66296b2d1ef53d5ff050e08cb527, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8519dc14775b5d802da81b4c850992fa, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9de4a4371d5e2eb97637e942fdfd4b9, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be196a8ea5dc148896d79dd6b9fed868, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp, , [7e3bcdf00e7c0135355d6c87c83bad53],

Soubory: 169
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll, , [dfda7b4264264cea926a6c457093c43c],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\31638e7c368ed8fe588ee98852621b94, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\5e75f71a9582a18eb95abf5b0d3401ba, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\6df28ba66161ee6c0352c43eca6c22a5, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\a6067fb5b9f79ffe3462e8490458020c, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\b087cbbf130e1103e41e9ea3a0c58db5, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\dbadf687331785c824ea9f609eee1831, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\zepplauncher.mif, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0734d39cfb8b071990d4886f2d949a3b, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1796e7d6e66fced6b67278be55ac8792, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\25c3c77067e1c76ae25ec7e469130747, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3243f2e2dd6dcbdf1d5a864320a81d97, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\388259f596ebc79086bef6b622fa89ea, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\40a980d07864cb2d3bc536509ceb2fbf, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\53300681bf06d8cd4a29a4eef8256979, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5796bcc07cbb2cda2efb9eee3798e749, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6380b49e0020bec1affc1c2ffbc79660, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\70b67386f19eeb69314be61c09dfe702, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\70dc66296b2d1ef53d5ff050e08cb527, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\72e85f85f59c90941e6e08f54a3bd4ca, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8519dc14775b5d802da81b4c850992fa, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a65324063d01973e672b725fab36bb6e, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b9de4a4371d5e2eb97637e942fdfd4b9, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\bc3ed0279228b37bf52f0d8e8dcf81b2, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\be196a8ea5dc148896d79dd6b9fed868, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cc9539033650fa2e4e0fa565ed296de4, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d7f43d377ecd245f2e40e1e4d8018158, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e816d0bbcebc18f1837aad16171798a6, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ea38836ea45a37832eab79355c0bc2d9, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f693d20f01d58120a1a6101701c0e23c, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\fece1eee3c6733bff5e297f082e304d5, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0734d39cfb8b071990d4886f2d949a3b, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1796e7d6e66fced6b67278be55ac8792, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\25c3c77067e1c76ae25ec7e469130747, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3243f2e2dd6dcbdf1d5a864320a81d97, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\388259f596ebc79086bef6b622fa89ea, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\40a980d07864cb2d3bc536509ceb2fbf, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\53300681bf06d8cd4a29a4eef8256979, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5796bcc07cbb2cda2efb9eee3798e749, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6380b49e0020bec1affc1c2ffbc79660, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\70b67386f19eeb69314be61c09dfe702, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\70dc66296b2d1ef53d5ff050e08cb527, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\72e85f85f59c90941e6e08f54a3bd4ca, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8519dc14775b5d802da81b4c850992fa, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a65324063d01973e672b725fab36bb6e, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\b9de4a4371d5e2eb97637e942fdfd4b9, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\bc3ed0279228b37bf52f0d8e8dcf81b2, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\be196a8ea5dc148896d79dd6b9fed868, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cc9539033650fa2e4e0fa565ed296de4, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d7f43d377ecd245f2e40e1e4d8018158, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e816d0bbcebc18f1837aad16171798a6, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ea38836ea45a37832eab79355c0bc2d9, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f693d20f01d58120a1a6101701c0e23c, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\fece1eee3c6733bff5e297f082e304d5, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0734d39cfb8b071990d4886f2d949a3b, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1796e7d6e66fced6b67278be55ac8792, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\25c3c77067e1c76ae25ec7e469130747, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3243f2e2dd6dcbdf1d5a864320a81d97, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\388259f596ebc79086bef6b622fa89ea, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\40a980d07864cb2d3bc536509ceb2fbf, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\53300681bf06d8cd4a29a4eef8256979, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5796bcc07cbb2cda2efb9eee3798e749, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6380b49e0020bec1affc1c2ffbc79660, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\70b67386f19eeb69314be61c09dfe702, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\70dc66296b2d1ef53d5ff050e08cb527, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\72e85f85f59c90941e6e08f54a3bd4ca, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8519dc14775b5d802da81b4c850992fa, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a65324063d01973e672b725fab36bb6e, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\b9de4a4371d5e2eb97637e942fdfd4b9, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\bc3ed0279228b37bf52f0d8e8dcf81b2, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\be196a8ea5dc148896d79dd6b9fed868, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cc9539033650fa2e4e0fa565ed296de4, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d7f43d377ecd245f2e40e1e4d8018158, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e816d0bbcebc18f1837aad16171798a6, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ea38836ea45a37832eab79355c0bc2d9, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f693d20f01d58120a1a6101701c0e23c, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\fece1eee3c6733bff5e297f082e304d5, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b\Tusk 2014.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b\Tusk 2014.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1796e7d6e66fced6b67278be55ac8792\Satellite TV For PC 2011 Elite Edition.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1796e7d6e66fced6b67278be55ac8792\Satellite TV For PC 2011 Elite Edition.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\While Were Young 2014.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\While Were Young 2014.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3243f2e2dd6dcbdf1d5a864320a81d97\Yahoo! Toolbar.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3243f2e2dd6dcbdf1d5a864320a81d97\Yahoo! Toolbar.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\388259f596ebc79086bef6b622fa89ea\Professional Bartender.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\388259f596ebc79086bef6b622fa89ea\Professional Bartender.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\40a980d07864cb2d3bc536509ceb2fbf\Silver Efex Pro.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\40a980d07864cb2d3bc536509ceb2fbf\Silver Efex Pro.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979\Wild Card 2015.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979\Wild Card 2015.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Whiplash 2014.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Whiplash 2014.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660\Pitch Perfect 2 2015.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660\Pitch Perfect 2 2015.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702\The Signal 2014.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702\The Signal 2014.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70dc66296b2d1ef53d5ff050e08cb527\JProfiler.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70dc66296b2d1ef53d5ff050e08cb527\JProfiler.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca\Still Alice 2014.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca\Still Alice 2014.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8519dc14775b5d802da81b4c850992fa\Mobile Master.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8519dc14775b5d802da81b4c850992fa\Mobile Master.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\The Good Dinosaur 2015.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\The Good Dinosaur 2015.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9de4a4371d5e2eb97637e942fdfd4b9\PhotoScore Ultimate.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9de4a4371d5e2eb97637e942fdfd4b9\PhotoScore Ultimate.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2\Unfriended 2014.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2\Unfriended 2014.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be196a8ea5dc148896d79dd6b9fed868\Ultra Video Splitter.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be196a8ea5dc148896d79dd6b9fed868\Ultra Video Splitter.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c40d98b79bac0c7b0ea3c0cc9a1bfc70\Macro Scheduler Automation Tool.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c40d98b79bac0c7b0ea3c0cc9a1bfc70\Macro Scheduler Automation Tool.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Home 2015.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Home 2015.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158\The Age of Adaline 2015.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158\The Age of Adaline 2015.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6\The Fault in Our Stars 2014.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6\The Fault in Our Stars 2014.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9\Kaspersky Anti-Virus.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9\Kaspersky Anti-Virus.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9\Setup.dat, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c\Don Jon 2013.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c\Don Jon 2013.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5\Iron Man 3 2013.avi, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5\Iron Man 3 2013.nfo, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5\Lite x264 Codec Pack.exe, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1B56.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1B82.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp22F5.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp26E0.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp294A.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp2B22.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp418C.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp51C9.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp5647.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp59F6.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp6874.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp7451.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp8605.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp887.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp99AB.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB8E9.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpBD0D.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD2A1.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD9B0.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE49E.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE87B.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE87C.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE88.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpEB8F.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpF001.tmp, , [7e3bcdf00e7c0135355d6c87c83bad53],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\{FEE85F15-DBE4-5A31-E0EC-0ED0930FDBB5}, , [7e3bcdf00e7c0135355d6c87c83bad53],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Prosím o pomoc

Napsal: 22 čer 2015 14:14
od jerabina
PŘESOUVÁM DO SEKCE HJT !!

Vlož sem prosím ještě log z HJT podle následujícího návodu: http://www.pc-help.cz/viewtopic.php?t=5119

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Re: Prosím o pomoc

Napsal: 25 čer 2015 13:17
od Odahviing
Vkládám log od každého uvedeného programu. Měl jsem, ale problém s Malwarebytes anti-malware. Protože jak jsem chtěl dát "Vymazat-Clean" tak program přestal pracovat, zkoušel jsem to i v nouzovém režimu a také mi psal, že neodpovídá.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:14:37, on 25. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Lenovo\Desktop\Další dokumenty\Software\Hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [IWsoft] C:\Windows\SysWOW64\regsvr32.exe C:\Users\Lenovo\AppData\Local\UQSmedia\3gfs31.dll
O4 - HKCU\..\Run: [Eztion] regsvr32.exe C:\Users\Lenovo\AppData\Local\Eztion\3gfs31.dll
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: BrcmSetSecurity - Intel - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - Unknown owner - C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe (file missing)
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SplitCamService (SpliCamService) - SplitCam Co. - C:\Program Files (x86)\SplitCam\SplitCamService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11102 bytes



# AdwCleaner v4.207 - Log vytvořen 25/06/2015 v 11:17:07
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-23.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Lenovo - IDEA-PC
# Spuštěno z : C:\Users\Lenovo\Desktop\AdwCleaner.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.1 (x86 cs)


-\\ Google Chrome v43.0.2357.130


-\\ Opera v30.0.1835.88


*************************

AdwCleaner[R0].txt - [885 bytů] - [22/06/2015 13:30:06]
AdwCleaner[R1].txt - [942 bytů] - [25/06/2015 11:15:22]
AdwCleaner[S0].txt - [867 bytů] - [25/06/2015 11:17:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [924 bytů] ##########


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25. 6. 2015
Čas skenování: 12:53:39
Protokol: MbAM.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.06.25.02
Databáze rootkitů: v2015.06.22.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Lenovo

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 433908
Uplynulý čas: 15 min, 58 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
Trojan.Sathurbot, HKLM\SOFTWARE\CLASSES\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208}, , [f0f65f5ffe8c15212cd671403fc438c8],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 31
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1796e7d6e66fced6b67278be55ac8792, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3243f2e2dd6dcbdf1d5a864320a81d97, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\388259f596ebc79086bef6b622fa89ea, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\40a980d07864cb2d3bc536509ceb2fbf, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70dc66296b2d1ef53d5ff050e08cb527, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8519dc14775b5d802da81b4c850992fa, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9de4a4371d5e2eb97637e942fdfd4b9, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be196a8ea5dc148896d79dd6b9fed868, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp, , [1bcbba04f09af73fe774737f1ae9837d],

Soubory: 171
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\31638e7c368ed8fe588ee98852621b94, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\5e75f71a9582a18eb95abf5b0d3401ba, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\6df28ba66161ee6c0352c43eca6c22a5, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\a6067fb5b9f79ffe3462e8490458020c, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\b087cbbf130e1103e41e9ea3a0c58db5, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\dbadf687331785c824ea9f609eee1831, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\zepplauncher.mif, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0734d39cfb8b071990d4886f2d949a3b, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1796e7d6e66fced6b67278be55ac8792, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\25c3c77067e1c76ae25ec7e469130747, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3243f2e2dd6dcbdf1d5a864320a81d97, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\388259f596ebc79086bef6b622fa89ea, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\40a980d07864cb2d3bc536509ceb2fbf, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\53300681bf06d8cd4a29a4eef8256979, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5796bcc07cbb2cda2efb9eee3798e749, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6380b49e0020bec1affc1c2ffbc79660, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\70b67386f19eeb69314be61c09dfe702, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\70dc66296b2d1ef53d5ff050e08cb527, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\72e85f85f59c90941e6e08f54a3bd4ca, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8519dc14775b5d802da81b4c850992fa, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a65324063d01973e672b725fab36bb6e, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b9de4a4371d5e2eb97637e942fdfd4b9, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\bc3ed0279228b37bf52f0d8e8dcf81b2, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\be196a8ea5dc148896d79dd6b9fed868, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cc9539033650fa2e4e0fa565ed296de4, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d7f43d377ecd245f2e40e1e4d8018158, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e816d0bbcebc18f1837aad16171798a6, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ea38836ea45a37832eab79355c0bc2d9, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f693d20f01d58120a1a6101701c0e23c, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\fece1eee3c6733bff5e297f082e304d5, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0734d39cfb8b071990d4886f2d949a3b, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1796e7d6e66fced6b67278be55ac8792, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\25c3c77067e1c76ae25ec7e469130747, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3243f2e2dd6dcbdf1d5a864320a81d97, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\388259f596ebc79086bef6b622fa89ea, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\40a980d07864cb2d3bc536509ceb2fbf, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\53300681bf06d8cd4a29a4eef8256979, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5796bcc07cbb2cda2efb9eee3798e749, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6380b49e0020bec1affc1c2ffbc79660, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\70b67386f19eeb69314be61c09dfe702, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\70dc66296b2d1ef53d5ff050e08cb527, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\72e85f85f59c90941e6e08f54a3bd4ca, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8519dc14775b5d802da81b4c850992fa, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a65324063d01973e672b725fab36bb6e, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\b9de4a4371d5e2eb97637e942fdfd4b9, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\bc3ed0279228b37bf52f0d8e8dcf81b2, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\be196a8ea5dc148896d79dd6b9fed868, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cc9539033650fa2e4e0fa565ed296de4, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d7f43d377ecd245f2e40e1e4d8018158, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e816d0bbcebc18f1837aad16171798a6, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ea38836ea45a37832eab79355c0bc2d9, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f693d20f01d58120a1a6101701c0e23c, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\fece1eee3c6733bff5e297f082e304d5, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0734d39cfb8b071990d4886f2d949a3b, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1796e7d6e66fced6b67278be55ac8792, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\25c3c77067e1c76ae25ec7e469130747, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3243f2e2dd6dcbdf1d5a864320a81d97, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\388259f596ebc79086bef6b622fa89ea, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\40a980d07864cb2d3bc536509ceb2fbf, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\53300681bf06d8cd4a29a4eef8256979, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5796bcc07cbb2cda2efb9eee3798e749, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6380b49e0020bec1affc1c2ffbc79660, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\70b67386f19eeb69314be61c09dfe702, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\70dc66296b2d1ef53d5ff050e08cb527, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\72e85f85f59c90941e6e08f54a3bd4ca, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8519dc14775b5d802da81b4c850992fa, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a65324063d01973e672b725fab36bb6e, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\b9de4a4371d5e2eb97637e942fdfd4b9, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\bc3ed0279228b37bf52f0d8e8dcf81b2, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\be196a8ea5dc148896d79dd6b9fed868, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cc9539033650fa2e4e0fa565ed296de4, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d7f43d377ecd245f2e40e1e4d8018158, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e816d0bbcebc18f1837aad16171798a6, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ea38836ea45a37832eab79355c0bc2d9, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f693d20f01d58120a1a6101701c0e23c, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\fece1eee3c6733bff5e297f082e304d5, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b\Tusk 2014.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b\Tusk 2014.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1796e7d6e66fced6b67278be55ac8792\Satellite TV For PC 2011 Elite Edition.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1796e7d6e66fced6b67278be55ac8792\Satellite TV For PC 2011 Elite Edition.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\While Were Young 2014.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\While Were Young 2014.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3243f2e2dd6dcbdf1d5a864320a81d97\Yahoo! Toolbar.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3243f2e2dd6dcbdf1d5a864320a81d97\Yahoo! Toolbar.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\388259f596ebc79086bef6b622fa89ea\Professional Bartender.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\388259f596ebc79086bef6b622fa89ea\Professional Bartender.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\40a980d07864cb2d3bc536509ceb2fbf\Silver Efex Pro.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\40a980d07864cb2d3bc536509ceb2fbf\Silver Efex Pro.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979\Wild Card 2015.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979\Wild Card 2015.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Whiplash 2014.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Whiplash 2014.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660\Pitch Perfect 2 2015.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660\Pitch Perfect 2 2015.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702\The Signal 2014.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702\The Signal 2014.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70dc66296b2d1ef53d5ff050e08cb527\JProfiler.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70dc66296b2d1ef53d5ff050e08cb527\JProfiler.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca\Still Alice 2014.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca\Still Alice 2014.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8519dc14775b5d802da81b4c850992fa\Mobile Master.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8519dc14775b5d802da81b4c850992fa\Mobile Master.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\The Good Dinosaur 2015.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\The Good Dinosaur 2015.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9de4a4371d5e2eb97637e942fdfd4b9\PhotoScore Ultimate.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9de4a4371d5e2eb97637e942fdfd4b9\PhotoScore Ultimate.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2\Unfriended 2014.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2\Unfriended 2014.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be196a8ea5dc148896d79dd6b9fed868\Ultra Video Splitter.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be196a8ea5dc148896d79dd6b9fed868\Ultra Video Splitter.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c40d98b79bac0c7b0ea3c0cc9a1bfc70\Macro Scheduler Automation Tool.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c40d98b79bac0c7b0ea3c0cc9a1bfc70\Macro Scheduler Automation Tool.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Home 2015.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Home 2015.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158\The Age of Adaline 2015.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158\The Age of Adaline 2015.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6\The Fault in Our Stars 2014.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6\The Fault in Our Stars 2014.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9\Kaspersky Anti-Virus.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9\Kaspersky Anti-Virus.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9\Setup.dat, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c\Don Jon 2013.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c\Don Jon 2013.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5\Iron Man 3 2013.avi, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5\Iron Man 3 2013.nfo, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5\Lite x264 Codec Pack.exe, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1B56.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1B82.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp22F5.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp26E0.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp294A.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp2B22.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp3A3A.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp418C.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp51C9.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp5647.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp59F6.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp6874.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp6D8.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp6EC4.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp7451.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp8605.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp887.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp99AB.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB8E9.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpBD0D.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD2A1.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD9B0.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE49E.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE87B.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE87C.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE88.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpEB8F.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpF001.tmp, , [1bcbba04f09af73fe774737f1ae9837d],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\{FEE85F15-DBE4-5A31-E0EC-0ED0930FDBB5}, , [1bcbba04f09af73fe774737f1ae9837d],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.1.4 (06.25.2015:1)
OS: Windows 8.1 x64
Ran by Lenovo on źt 25. 06. 2015 at 12:39:30,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\Lenovo\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Lenovo\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Lenovo\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Lenovo\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 25. 06. 2015 at 12:42:58,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



RogueKiller V10.8.6.0 (x64) [Jun 22 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Lenovo [Práva správce]
Started from : C:\Users\Lenovo\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 06/25/2015 12:52:10

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 5 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0PerformanceMonitor | (default) : {3B5B973C-92A4-4855-9D3F-0F3D23332208} [x] -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LM000-1EJ162 +++++
--- User ---
[MBR] e696d1d08dc6596f904e7ef3c0d644fc
[BSP] a7a8b3bb2d6fd21fa62ebb0775734bff : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4892672 | Size: 432706 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 891074560 | Size: 452 MB
6 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 892000256 | Size: 350 MB
7 - Basic data partition | Offset (sectors): 892717056 | Size: 25600 MB
8 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 945145856 | Size: 15443 MB
User = LL1 ... OK
User = LL2 ... OK

Re: Prosím o pomoc

Napsal: 25 čer 2015 14:07
od jerabina
Přesně stejný problém, že MBAM nechce mazat tuhle složku, jsme tu již měli, takže to vymažeme ručně.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Udělen nový sken MBAM a log sem vlož.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit Farbar Recovery Scan Tool (FRST)
32bit.:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64bit.:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
a ulož jej na plochu. ,pak spusť FRST jako správce
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Re: Prosím o pomoc

Napsal: 28 čer 2015 14:18
od Odahviing
RogueKiller V10.8.6.0 (x64) [Jun 22 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Lenovo [Práva správce]
Started from : C:\Users\Lenovo\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 06/28/2015 13:11:21

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 5 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\0PerformanceMonitor | (default) : {3B5B973C-92A4-4855-9D3F-0F3D23332208} [x] -> Smazáno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 3 ¤¤¤
[FIREFX:Addon] rnmc1a8t.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno
[FIREFX:Addon] rnmc1a8t.default : [{370B1449-3254-10C9-FBF1-78BA0D41B433}] -> Smazáno
[FIREFX:Addon] rnmc1a8t.default : Skype Click to Call [{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}] -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LM000-1EJ162 +++++
--- User ---
[MBR] e696d1d08dc6596f904e7ef3c0d644fc
[BSP] a7a8b3bb2d6fd21fa62ebb0775734bff : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4892672 | Size: 432706 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 891074560 | Size: 452 MB
6 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 892000256 | Size: 350 MB
7 - Basic data partition | Offset (sectors): 892717056 | Size: 25600 MB
8 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 945145856 | Size: 15443 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_06252015_125210.log - RKreport_SCN_06282015_131027.log



Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Lenovo on ne 28. 06. 2015 at 13:13:54,03.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lenovo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

28. 6. 2015 13:16:46 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\Users\Lenovo\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Lenovo\AppData\Local\EmieSiteList deleted successfully
C:\Users\Lenovo\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rnmc1a8t.default\prefs.js:

Added to C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rnmc1a8t.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\New Folder not found
C:\windows\SysNative\Tasks\OFFICE2013ACT deleted
C:\PROGRA~2\Warner Bros. Interactive Entertainment deleted
C:\PROGRA~2\Universal Interactive deleted
C:\extensions.ini deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\WINDOWS\Installer\2370040.msi" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rnmc1a8t.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.130

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01. 05. 2015 11:17]

AdBlock - Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Chromium Startpages ======================

C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Preferences
_id\":\"59\",\"width_microns\":215900},{\"custom_display_name\":\"A4 Plus\",\"height_microns\":330000,\"name\":\"OM_FOLIO\",\"vendor_id\":\"60\",\"width_microns\":210000},{\"custom_display_name\":\"A3 Extra\",\"height_microns\":445000,\"name\":\"ISO_A3_EXTRA\",\"vendor_id\":\"63\",\"width_microns\":322000},{\"custom_display_name\":\"A5 Extra\",\"height_microns\":235000,\"name\":\"ISO_A5_EXTRA\",\"vendor_id\":\"64\",\"width_microns\":174000},{\"custom_display_name\":\"B5 (ISO) Extra\",\"height_microns\":276000,\"name\":\"ISO_B5_EXTRA\",\"vendor_id\":\"65\",\"width_microns\":201000},{\"custom_display_name\":\"A2\",\"height_microns\":594000,\"name\":\"ISO_A2\",\"vendor_id\":\"66\",\"width_microns\":420000},{\"custom_display_name\":\"Japonská dvojitá pohlednice\",\"height_microns\":200000,\"name\":\"JPN_OUFUKU\",\"vendor_id\":\"69\",\"width_microns\":148000},{\"custom_display_name\":\"A6\",\"height_microns\":148000,\"name\":\"ISO_A6\",\"vendor_id\":\"70\",\"width_microns\":105000},{\"custom_display_name\":\"Japonská obálka Kaku č. 2\",\"height_microns\":332000,\"name\":\"JPN_KAKU2\",\"vendor_id\":\"71\",\"width_microns\":240000},{\"custom_display_name\":\"Japonská obálka Kaku č. 3\",\"height_microns\":277000,\"vendor_id\":\"72\",\"width_microns\":216000},{\"custom_display_name\":\"Japonská obálka Chou č. 3\",\"height_microns\":235000,\"name\":\"JPN_CHOU3\",\"vendor_id\":\"73\",\"width_microns\":120000},{\"custom_display_name\":\"Japonská obálka Chou č. 4\",\"height_microns\":205000,\"name\":\"JPN_CHOU4\",\"vendor_id\":\"74\",\"width_microns\":90000},{\"custom_display_name\":\"B6 (JIS)\",\"height_microns\":182000,\"name\":\"JIS_B6\",\"vendor_id\":\"88\",\"width_microns\":128000},{\"custom_display_name\":\"12×11\",\"height_microns\":304900,\"name\":\"NA_11X12\",\"vendor_id\":\"90\",\"width_microns\":279500},{\"custom_display_name\":\"Japonská obálka You 4\",\"height_microns\":235000,\"name\":\"JPN_YOU4\",\"vendor_id\":\"91\",\"width_microns\":105000},{\"custom_display_name\":\"Obálka PRC č. 1\",\"height_microns\":165000,\"name\":\"PRC_1\",\"vendor_id\":\"96\",\"width_microns\":102000},{\"custom_display_name\":\"Obálka PRC č. 4\",\"height_microns\":208000,\"name\":\"PRC_4\",\"vendor_id\":\"99\",\"width_microns\":110000},{\"custom_display_name\":\"Obálka PRC č. 6\",\"height_microns\":230000,\"name\":\"PRC_6\",\"vendor_id\":\"101\",\"width_microns\":120000},{\"custom_display_name\":\"Obálka PRC č. 7\",\"height_microns\":230000,\"name\":\"PRC_7\",\"vendor_id\":\"102\",\"width_microns\":160000},{\"custom_display_name\":\"Obálka PRC č. 8\",\"height_microns\":309000,\"name\":\"PRC_8\",\"vendor_id\":\"103\",\"width_microns\":120000}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"selectedDestinationName\":\"Microsoft XPS Document Writer\",\"selectedDestinationExtensionId\":\"\",\"selectedDestinationExtensionName\":\"\",\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000}}"}},"profile":{"avatar_index":26,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"[*.]simpsonovi.nikee.net,*":{"setting":1},"http://free.zoznam.sk:80,http://free.zoznam.sk:80":{"setting":1},"http://nahnoji.cz:80,http://simpsonovi.nikee.net:80":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1},"https://koukni.cz:443,https://koukni.cz:443":{"setting":1},"https://r6---sn-2gb7ln7l.googlevideo.com:443,http://iwatchthis.net:80":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{"http://webcamtoy.com:80,*":{"last_used":1434197000},"http://www.amateri.cz:80,*":{"last_used":1433292000,"setting":1}},"media_stream_mic":{"http://www.amateri.cz:80,*":{"last_used":1433292000,"setting":1},"https://translate.google.cz:443,*":{"setting":2}},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]simpsonovi.nikee.net,*":{"fullscreen":1},"http://free.zoznam.sk:80,http://free.zoznam.sk:80":{"fullscreen":1},"http://nahnoji.cz:80,http://simpsonovi.nikee.net:80":{"fullscreen":1},"http://webcamtoy.com:80,*":{"last_used":{"media-stream-camera":1431967000}},"http://www.amateri.cz:80,*":{"last_used":{"media-stream-camera":1432207000,"media-stream-mic":1432207000},"media-stream-camera":1,"media-stream-mic":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://koukni.cz:443,https://koukni.cz:443":{"fullscreen":1},"https://r6---sn-2gb7ln7l.googlevideo.com:443,http://iwatchthis.net:80":{"fullscreen":1},"https://translate.google.cz:443,*":{"media-stream-mic":2}},"pref_version":1},"created_by_version":"41.0.2272.89","exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"První uživatel","per_host_zoom_levels":{}},"protection":{"macs":{}},"safebrowsing":{"enabled":false},"savefile":{"default_directory":"C:\\Users\\Lenovo\\Downloads"},"selectfile":{"last_directory":"C:\\Users\\Lenovo\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13070815114490870"},"sync_promo":{"startup_count":2,"user_skipped":true},"translate_accepted_count":{"en":0},"translate_blocked_languages":["cs"],"translate_denied_count":{"en":2},"translate_last_denied_time":1.426349e+12,"translate_too_often_denied":true,"translate_whitelists":{},"zerosuggest":{"cachedresults":""}}
99C6A1748AB75B5089A1B4461E5D7D980848BB1B"}},"homepage":"3F768D3961E61143D09604505257F435A1F8148D0C0AECB53A1A64ECBF635238","homepage_is_newtabpage":"CD1DB88F2105C60FD11DA0F23328479C9F7062589259D8904B7859EF8367A681","pinned_tabs":"020664AF3319A34900C0571FF30374FAFA52C9090A70B90334B17F943E166A27","prefs":{"preference_reset_time":"FE9EA511687D8C050E0ECFEFE43B25BA505A46522FA105F0D7F33067C15B9BB8"},"profile":{"reset_prompt_memento":"90F59491239FE92AF8ECCC5007DC9335AB9A102D417F1D9687788A88D647466D"},"safebrowsing":{"incidents_sent":"810746F5B4C06FCED732187188815CDF933895AC2895B0800D4401137C78C040"},"search_provider_overrides":"1B8FCD8F88F04F36B339FB3756DA007CA3943E4330239729A69A8507D58AA5FF","session":{"restore_on_startup":"21632323904C4551BF62B8D9045EA13E17F5DE477B4ECB2CBEC87FABC2CCB637","startup_urls":"7E31CB6C1FC2507A2C660FDC0D8D0BFFDE78F0129F9F0A17FE022EE82DDB40FB"},"software_reporter":{"prompt_reason":"D9D75FB3BA960AB9FB9C05B0DE2BB7345A3C18BBA3F140895647B52C3CF3F286","prompt_seed":"37C3DB3D41381C8315B5C46CFB56838BEB1456AEF3B5068BD11151FBC922973C","prompt_version":"1108860CCBBA384DD5539A14AA366CB554B13299885BF0ED2BCF48938BBDA729"},"sync":{"remaining_rollback_tries":"B9DC1273EBC4F46DCF476C51515FEB709C62F5ED7F93E77D23A5B34158C1858C"}},"super_mac":"9C945058CA3FF16DA8C3185441B8C798C62CAADA524D93BA72DA6ED3E1D5303D"},"session":{"restore_on_startup":4,"startup_urls":["https://www.google.cz/webhp?ei=FmQEVau1EsLyapuvgIAP&ved=0CAYQqS4oBA"]}}

C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Preferences
"startup_urls": [ "https://www.google.cz/?gws_rd=ssl" ],


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{350F77E2-B5DD-4305-AC63-73FF73274EF4} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\SearchScopes\{350F77E2-B5DD-4305-AC63-73FF73274EF4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{350F77E2-B5DD-4305-AC63-73FF73274EF4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{350F77E2-B5DD-4305-AC63-73FF73274EF4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\275C743A4B7F3A34DB15FF9C19487FD0 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A347C572-F7B4-43A3-BD51-FFC99184F70D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{A347C572-F7B4-43A3-BD51-FFC99184F70D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\275C743A4B7F3A34DB15FF9C19487FD0 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lenovo\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lenovo\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Lenovo\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2468 folders=154 6785224966 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lenovo\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Lenovo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on ne 28. 06. 2015 at 13:40:57,00 ======================


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 28. 6. 2015
Čas skenování: 13:46:41
Protokol: MBAM.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.06.28.01
Databáze rootkitů: v2015.06.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Lenovo

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 434932
Uplynulý čas: 17 min, 33 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
Trojan.Sathurbot, HKLM\SOFTWARE\CLASSES\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208}, , [bc554f71a6e487afe0ec743e26ddda26],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 31
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1796e7d6e66fced6b67278be55ac8792, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3243f2e2dd6dcbdf1d5a864320a81d97, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\388259f596ebc79086bef6b622fa89ea, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\40a980d07864cb2d3bc536509ceb2fbf, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70dc66296b2d1ef53d5ff050e08cb527, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8519dc14775b5d802da81b4c850992fa, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9de4a4371d5e2eb97637e942fdfd4b9, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be196a8ea5dc148896d79dd6b9fed868, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp, , [62afcdf32565b97d36ee52a219ea32ce],

Soubory: 171
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\31638e7c368ed8fe588ee98852621b94, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\5e75f71a9582a18eb95abf5b0d3401ba, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\6df28ba66161ee6c0352c43eca6c22a5, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\a6067fb5b9f79ffe3462e8490458020c, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\b087cbbf130e1103e41e9ea3a0c58db5, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\dbadf687331785c824ea9f609eee1831, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\zepplauncher.mif, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\0734d39cfb8b071990d4886f2d949a3b, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\1796e7d6e66fced6b67278be55ac8792, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\25c3c77067e1c76ae25ec7e469130747, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\3243f2e2dd6dcbdf1d5a864320a81d97, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\388259f596ebc79086bef6b622fa89ea, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\40a980d07864cb2d3bc536509ceb2fbf, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\53300681bf06d8cd4a29a4eef8256979, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\5796bcc07cbb2cda2efb9eee3798e749, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\6380b49e0020bec1affc1c2ffbc79660, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\70b67386f19eeb69314be61c09dfe702, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\70dc66296b2d1ef53d5ff050e08cb527, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\72e85f85f59c90941e6e08f54a3bd4ca, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\8519dc14775b5d802da81b4c850992fa, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\a65324063d01973e672b725fab36bb6e, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\b9de4a4371d5e2eb97637e942fdfd4b9, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\bc3ed0279228b37bf52f0d8e8dcf81b2, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\be196a8ea5dc148896d79dd6b9fed868, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\cc9539033650fa2e4e0fa565ed296de4, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\d7f43d377ecd245f2e40e1e4d8018158, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\e816d0bbcebc18f1837aad16171798a6, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\ea38836ea45a37832eab79355c0bc2d9, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\f693d20f01d58120a1a6101701c0e23c, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\fece1eee3c6733bff5e297f082e304d5, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\0734d39cfb8b071990d4886f2d949a3b, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\1796e7d6e66fced6b67278be55ac8792, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\25c3c77067e1c76ae25ec7e469130747, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\3243f2e2dd6dcbdf1d5a864320a81d97, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\388259f596ebc79086bef6b622fa89ea, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\40a980d07864cb2d3bc536509ceb2fbf, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\53300681bf06d8cd4a29a4eef8256979, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\5796bcc07cbb2cda2efb9eee3798e749, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\6380b49e0020bec1affc1c2ffbc79660, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\70b67386f19eeb69314be61c09dfe702, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\70dc66296b2d1ef53d5ff050e08cb527, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\72e85f85f59c90941e6e08f54a3bd4ca, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\8519dc14775b5d802da81b4c850992fa, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\a65324063d01973e672b725fab36bb6e, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\b9de4a4371d5e2eb97637e942fdfd4b9, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\bc3ed0279228b37bf52f0d8e8dcf81b2, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\be196a8ea5dc148896d79dd6b9fed868, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\cc9539033650fa2e4e0fa565ed296de4, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\d7f43d377ecd245f2e40e1e4d8018158, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\e816d0bbcebc18f1837aad16171798a6, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\ea38836ea45a37832eab79355c0bc2d9, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\f693d20f01d58120a1a6101701c0e23c, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\resume\fece1eee3c6733bff5e297f082e304d5, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\0734d39cfb8b071990d4886f2d949a3b, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\1796e7d6e66fced6b67278be55ac8792, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\25c3c77067e1c76ae25ec7e469130747, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\3243f2e2dd6dcbdf1d5a864320a81d97, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\388259f596ebc79086bef6b622fa89ea, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\40a980d07864cb2d3bc536509ceb2fbf, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\53300681bf06d8cd4a29a4eef8256979, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\5796bcc07cbb2cda2efb9eee3798e749, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\6380b49e0020bec1affc1c2ffbc79660, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\70b67386f19eeb69314be61c09dfe702, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\70dc66296b2d1ef53d5ff050e08cb527, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\72e85f85f59c90941e6e08f54a3bd4ca, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\8519dc14775b5d802da81b4c850992fa, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\a65324063d01973e672b725fab36bb6e, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\b9de4a4371d5e2eb97637e942fdfd4b9, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\bc3ed0279228b37bf52f0d8e8dcf81b2, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\be196a8ea5dc148896d79dd6b9fed868, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\c40d98b79bac0c7b0ea3c0cc9a1bfc70, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\cc9539033650fa2e4e0fa565ed296de4, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\d7f43d377ecd245f2e40e1e4d8018158, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\e816d0bbcebc18f1837aad16171798a6, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\ea38836ea45a37832eab79355c0bc2d9, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\f693d20f01d58120a1a6101701c0e23c, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\cache\rules\fece1eee3c6733bff5e297f082e304d5, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b\Tusk 2014.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\0734d39cfb8b071990d4886f2d949a3b\Tusk 2014.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1796e7d6e66fced6b67278be55ac8792\Satellite TV For PC 2011 Elite Edition.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\1796e7d6e66fced6b67278be55ac8792\Satellite TV For PC 2011 Elite Edition.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\While Were Young 2014.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\25c3c77067e1c76ae25ec7e469130747\While Were Young 2014.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3243f2e2dd6dcbdf1d5a864320a81d97\Yahoo! Toolbar.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\3243f2e2dd6dcbdf1d5a864320a81d97\Yahoo! Toolbar.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\388259f596ebc79086bef6b622fa89ea\Professional Bartender.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\388259f596ebc79086bef6b622fa89ea\Professional Bartender.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\40a980d07864cb2d3bc536509ceb2fbf\Silver Efex Pro.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\40a980d07864cb2d3bc536509ceb2fbf\Silver Efex Pro.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979\Wild Card 2015.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\53300681bf06d8cd4a29a4eef8256979\Wild Card 2015.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Whiplash 2014.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\5796bcc07cbb2cda2efb9eee3798e749\Whiplash 2014.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660\Pitch Perfect 2 2015.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\6380b49e0020bec1affc1c2ffbc79660\Pitch Perfect 2 2015.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702\The Signal 2014.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70b67386f19eeb69314be61c09dfe702\The Signal 2014.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70dc66296b2d1ef53d5ff050e08cb527\JProfiler.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\70dc66296b2d1ef53d5ff050e08cb527\JProfiler.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca\Still Alice 2014.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\72e85f85f59c90941e6e08f54a3bd4ca\Still Alice 2014.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8519dc14775b5d802da81b4c850992fa\Mobile Master.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\8519dc14775b5d802da81b4c850992fa\Mobile Master.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\The Good Dinosaur 2015.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\a65324063d01973e672b725fab36bb6e\The Good Dinosaur 2015.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9de4a4371d5e2eb97637e942fdfd4b9\PhotoScore Ultimate.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\b9de4a4371d5e2eb97637e942fdfd4b9\PhotoScore Ultimate.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2\Unfriended 2014.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\bc3ed0279228b37bf52f0d8e8dcf81b2\Unfriended 2014.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be196a8ea5dc148896d79dd6b9fed868\Ultra Video Splitter.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\be196a8ea5dc148896d79dd6b9fed868\Ultra Video Splitter.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c40d98b79bac0c7b0ea3c0cc9a1bfc70\Macro Scheduler Automation Tool.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\c40d98b79bac0c7b0ea3c0cc9a1bfc70\Macro Scheduler Automation Tool.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Home 2015.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Home 2015.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\cc9539033650fa2e4e0fa565ed296de4\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158\The Age of Adaline 2015.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\d7f43d377ecd245f2e40e1e4d8018158\The Age of Adaline 2015.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6\The Fault in Our Stars 2014.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\e816d0bbcebc18f1837aad16171798a6\The Fault in Our Stars 2014.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9\Kaspersky Anti-Virus.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9\Kaspersky Anti-Virus.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\ea38836ea45a37832eab79355c0bc2d9\Setup.dat, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c\Don Jon 2013.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c\Don Jon 2013.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\f693d20f01d58120a1a6101701c0e23c\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5\Iron Man 3 2013.avi, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5\Iron Man 3 2013.nfo, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\SecurityCache\data\fece1eee3c6733bff5e297f082e304d5\Lite x264 Codec Pack.exe, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1B56.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp1B82.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp22F5.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp26E0.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp294A.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp2B22.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp3A3A.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp418C.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp51C9.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp5647.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp59F6.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp6874.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp6D8.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp6EC4.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp7451.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp8605.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp887.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp99AB.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpB8E9.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpBD0D.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD2A1.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpD9B0.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE49E.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE87B.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE87C.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpE88.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpEB8F.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpF001.tmp, , [62afcdf32565b97d36ee52a219ea32ce],
Trojan.Sathurbot, C:\ProgramData\Microsoft\Performance\Monitor\temp\{FEE85F15-DBE4-5A31-E0EC-0ED0930FDBB5}, , [62afcdf32565b97d36ee52a219ea32ce],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Prosím o pomoc

Napsal: 28 čer 2015 14:20
od Odahviing
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by Lenovo (administrator) on IDEA-PC on 28-06-2015 14:06:21
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo (Available Profiles: Lenovo & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(SplitCam Co.) C:\Program Files (x86)\SplitCam\SplitCamService.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-06-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\windows\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => "C:\windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\windows\system32\igfxpers.exe"
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [UMonit64] => C:\windows\SysWOW64\UMonit64.exe [40960 2013-02-28] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-08-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-08-24] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2986224 2013-06-20] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\Run: [IWsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Lenovo\AppData\Local\UQSmedia\3gfs31.dll
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\Run: [Eztion] => regsvr32.exe C:\Users\Lenovo\AppData\Local\Eztion\3gfs31.dll <===== ATTENTION
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {5aef9333-d63d-11e4-be86-0c8bfd48d068} - "E:\autorun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {addf5ba6-ef5d-11e4-be89-0c8bfd48d068} - "E:\AutoRun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {af91ebb1-e9f0-11e4-be89-0c8bfd48d068} - "E:\AutoRun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {af91ec1a-e9f0-11e4-be89-0c8bfd48d068} - "E:\AutoRun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {fb0ad94b-ff95-11e4-be8e-0c8bfd48d068} - "F:\autorun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {fb0ad94d-ff95-11e4-be8e-0c8bfd48d068} - "G:\autorun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {fb0ad94f-ff95-11e4-be8e-0c8bfd48d068} - "H:\autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2013-08-24]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1320642483-3030571100-942361551-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-22] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-22] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rnmc1a8t.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-22] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-14]
CHR Extension: (Google Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-14]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-14]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-14]
CHR Extension: (Google Search) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-14]
CHR Extension: (Google Sheets) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-14]
CHR Extension: (AdBlock) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-24]
CHR Extension: (Google Wallet) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-14]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-03-24]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-05-29] (Intel)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28] (ESET)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6516280 2015-05-28] (GOG.com)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 SpliCamService; C:\Program Files (x86)\SplitCam\SplitCamService.exe [311424 2014-09-15] (SplitCam Co.)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-08-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-03-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-03-15] (Microsoft Corporation)
S3 GalaxyClientService; "C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-04-24] (Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-03-17] (Disc Soft Ltd)
U3 dtlitescsidrv; C:\Windows\System32\Drivers\dtlitescsidrv.sys [316072 2015-03-17] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-03-10] (ESET)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-03] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-16] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-16] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-16] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-28] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-09] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
R3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-06-20] (Synaptics Incorporated)
R3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-03-17] (Duplex Secure Ltd.)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-05-29] (Windows (R) Win 7 DDK provider)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-03-15] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-06-28] ()
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 hwusb_cdcacm; \SystemRoot\system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; \SystemRoot\system32\DRIVERS\ew_wwanecm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 14:06 - 2015-06-28 14:07 - 00020551 _____ C:\Users\Lenovo\Desktop\FRST.txt
2015-06-28 14:06 - 2015-06-28 14:06 - 00000000 ____D C:\FRST
2015-06-28 14:04 - 2015-06-28 14:04 - 00033226 _____ C:\Users\Lenovo\Desktop\MBAM.txt
2015-06-28 13:41 - 2015-06-28 13:41 - 00015991 _____ C:\Users\Lenovo\Desktop\zoek-results.txt
2015-06-28 13:40 - 2015-06-28 13:40 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-06-28 13:39 - 2015-06-28 13:13 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-06-28 13:15 - 2015-06-28 13:40 - 00015988 _____ C:\zoek-results.log
2015-06-28 13:13 - 2015-06-28 13:39 - 00000000 ____D C:\zoek_backup
2015-06-28 13:12 - 2015-06-28 13:12 - 00003280 _____ C:\Users\Lenovo\Desktop\RogueKiller.txt
2015-06-28 11:19 - 2015-06-28 11:19 - 02112512 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2015-06-28 11:17 - 2015-06-28 11:18 - 01308672 _____ C:\Users\Lenovo\Desktop\zoek.exe
2015-06-26 01:31 - 2015-06-26 01:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 22:45 - 2015-06-25 22:45 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Universal Interactive
2015-06-25 22:45 - 2015-06-25 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Interactive
2015-06-25 13:19 - 2015-06-25 13:19 - 00000000 ____D C:\Users\Lenovo\Desktop\Logy z 25.6.2015
2015-06-25 13:11 - 2015-06-28 14:05 - 00000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2015-06-25 12:44 - 2015-06-28 13:02 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-06-25 12:44 - 2015-06-25 12:53 - 00000000 ____D C:\ProgramData\RogueKiller
2015-06-25 12:39 - 2015-06-25 12:39 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-IDEA-PC-Windows-8.1-(64-bit).dat
2015-06-25 12:39 - 2015-06-25 12:39 - 00000000 ____D C:\RegBackup
2015-06-25 11:05 - 2015-06-25 11:05 - 21471480 _____ C:\Users\Lenovo\Desktop\RogueKillerX64.exe
2015-06-25 11:04 - 2015-06-25 11:04 - 02952250 _____ (Malwarebytes Corporation) C:\Users\Lenovo\Desktop\Junkware Removal Tool.exe
2015-06-24 22:42 - 2015-06-24 22:42 - 00000000 ____D C:\Users\Lenovo\Desktop\Minulé logy
2015-06-22 13:33 - 2015-06-28 13:46 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-22 13:32 - 2015-06-22 13:32 - 00001085 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-22 13:32 - 2015-06-22 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-22 13:32 - 2015-06-22 13:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-22 13:32 - 2015-06-22 13:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-22 13:32 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-22 13:32 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-22 13:32 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-22 13:28 - 2015-06-28 13:40 - 00001232 _____ C:\WINDOWS\setupact.log
2015-06-22 13:28 - 2015-06-28 13:39 - 00007408 _____ C:\WINDOWS\PFRO.log
2015-06-22 13:28 - 2015-06-22 13:28 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-22 13:23 - 2015-06-25 11:17 - 00000000 ____D C:\AdwCleaner
2015-06-22 13:23 - 2015-06-22 13:23 - 02244096 _____ C:\Users\Lenovo\Desktop\AdwCleaner.exe
2015-06-22 13:22 - 2015-06-22 13:22 - 00448512 _____ (OldTimer Tools) C:\Users\Lenovo\Desktop\TFC.exe
2015-06-22 13:07 - 2015-06-28 13:53 - 01813404 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-19 21:58 - 2015-06-21 11:35 - 00000000 ____D C:\Users\Lenovo\AppData\Local\UQSmedia
2015-06-19 21:58 - 2015-06-21 10:35 - 00000000 ____D C:\Users\Lenovo\AppData\Local\Eztion
2015-06-19 17:33 - 2015-06-19 17:33 - 00000000 ____D C:\SUPERDelete
2015-06-18 18:37 - 2015-06-18 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-06-18 18:37 - 2015-06-18 18:37 - 00000000 ____D C:\ProgramData\ESET
2015-06-18 18:37 - 2015-06-18 18:37 - 00000000 ____D C:\Program Files\ESET
2015-06-18 15:56 - 2015-06-18 15:56 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-18 13:41 - 2015-06-18 13:41 - 00000000 ____D C:\Program Files\Speccy
2015-06-18 13:22 - 2015-06-22 00:24 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\WinKun
2015-06-14 11:31 - 2015-06-14 11:31 - 00002790 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-06-14 11:31 - 2015-06-14 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-14 11:31 - 2015-06-14 11:31 - 00000000 ____D C:\Program Files\CCleaner
2015-06-12 10:46 - 2015-06-12 10:46 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\MPC-HC
2015-06-12 10:39 - 2015-06-12 10:39 - 00003796 _____ C:\WINDOWS\System32\Tasks\klcp_update
2015-06-12 10:38 - 2015-06-12 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-06-12 10:38 - 2015-06-12 10:38 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-06-12 10:38 - 2015-02-28 17:22 - 03571200 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2015-06-12 10:38 - 2015-02-28 17:21 - 03591680 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2015-06-12 10:38 - 2012-07-21 12:55 - 00180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2015-06-12 10:38 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2015-06-12 10:38 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2015-06-12 10:38 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2015-06-10 09:45 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 09:45 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 09:45 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 09:45 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 09:45 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 09:45 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 09:45 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 09:45 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 09:45 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 09:45 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 09:45 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 09:45 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 09:45 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 09:45 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 09:45 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 09:45 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 09:45 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 09:45 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 09:45 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 09:45 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 09:45 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 09:45 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 09:45 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 09:45 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 09:45 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 09:45 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 09:45 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 09:45 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 09:45 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 09:45 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 09:45 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 09:45 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 09:45 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 09:45 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 09:45 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 09:45 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 09:45 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 09:45 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 09:45 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 09:45 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 09:45 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 09:45 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 09:45 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 09:45 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 09:45 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 09:45 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 09:45 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 09:45 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 09:45 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 09:45 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 09:45 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 09:45 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 09:45 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 09:45 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 09:45 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 09:45 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 09:45 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 09:45 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 09:45 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 09:45 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 09:45 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 09:45 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 09:45 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 09:45 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 09:45 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 09:45 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 09:45 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 09:45 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 09:45 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 09:45 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 09:45 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 09:45 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 09:45 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 09:45 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 09:45 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 09:45 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 09:45 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 09:45 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 09:45 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 09:45 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 09:44 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-02 17:55 - 2015-06-02 17:55 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-06-01 12:26 - 2015-06-01 12:26 - 00000000 ____D C:\Users\Lenovo\AppData\Local\GWX
2015-05-29 21:27 - 2015-05-29 21:27 - 00000000 ____D C:\Warner Bros. Interactive Entertainment
2015-05-29 21:27 - 2015-05-29 21:27 - 00000000 ____D C:\ProgramData\Steam
2015-05-29 21:21 - 2015-05-29 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO - The Hobbit
2015-05-29 21:00 - 2015-06-19 22:52 - 00000000 ____D C:\Program Files (x86)\LEGO - The Hobbit

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-28 14:07 - 2015-03-14 15:56 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-28 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-28 13:41 - 2015-05-15 22:28 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Skype
2015-06-28 13:40 - 2015-03-14 15:56 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-28 13:40 - 2013-08-24 08:36 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-06-28 13:40 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-28 13:39 - 2013-08-24 08:49 - 00006656 _____ C:\WINDOWS\system32\VfService.trf
2015-06-28 11:14 - 2015-03-15 16:00 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0647B977-4CAE-42A8-B4FF-5691359EE889}
2015-06-28 01:08 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-27 19:52 - 2015-03-17 11:03 - 00000000 ___RD C:\Users\Lenovo\Desktop\Hry
2015-06-27 13:21 - 2015-03-15 15:29 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1320642483-3030571100-942361551-1001
2015-06-27 11:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-25 22:45 - 2013-08-24 08:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-25 22:42 - 2015-03-14 20:05 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\DAEMON Tools Lite
2015-06-25 21:10 - 2014-01-01 17:32 - 07957504 ___SH C:\Users\Lenovo\Downloads\Thumbs.db
2015-06-25 11:01 - 2015-03-14 16:40 - 00003828 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1426343992
2015-06-25 11:01 - 2015-03-14 16:39 - 00001034 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-25 11:01 - 2015-03-14 16:39 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-25 10:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-24 18:11 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-22 08:51 - 2015-04-28 20:42 - 00000000 ____D C:\Program Files\Recuva
2015-06-21 23:31 - 2013-11-23 22:38 - 07117312 ___SH C:\Users\Lenovo\Desktop\Thumbs.db
2015-06-20 05:02 - 2014-11-21 14:21 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2014-11-21 14:21 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-19 12:40 - 2014-11-21 06:53 - 01749406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-19 12:40 - 2014-11-21 06:10 - 00740962 _____ C:\WINDOWS\system32\perfh005.dat
2015-06-19 12:40 - 2014-11-21 06:10 - 00152146 _____ C:\WINDOWS\system32\perfc005.dat
2015-06-18 22:55 - 2015-03-15 14:55 - 00000000 ____D C:\Users\Lenovo
2015-06-18 11:48 - 2015-04-03 14:52 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\BitTorrent
2015-06-17 23:05 - 2014-08-15 18:06 - 00000000 ____D C:\Users\Lenovo\Documents\Dočasné soubory
2015-06-14 11:34 - 2015-03-15 14:35 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-13 10:05 - 2013-08-24 08:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-06-13 10:05 - 2013-08-24 08:52 - 00000000 ____D C:\Program Files\Lenovo
2015-06-13 10:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\tracing
2015-06-12 12:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-11 10:43 - 2013-08-22 16:44 - 00485016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-10 21:43 - 2015-03-14 23:18 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-10 21:43 - 2014-11-21 14:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-10 21:43 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-10 21:43 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 20:18 - 2015-03-14 15:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 20:15 - 2015-03-14 15:41 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-08 21:52 - 2015-03-26 20:29 - 00000584 _____ C:\Users\Lenovo\Documents\grstyles.stl
2015-05-31 20:00 - 2015-04-11 11:12 - 00112128 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2015-05-30 19:09 - 2015-04-04 20:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-30 19:09 - 2015-04-04 20:09 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-30 14:27 - 2015-03-14 16:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-29 21:22 - 2015-04-04 15:48 - 00000000 ____D C:\WINDOWS\SysWOW64\directx

==================== Files in the root of some directories =======

2015-03-14 15:05 - 2015-03-19 20:01 - 0011093 _____ () C:\Users\Lenovo\AppData\Roaming\AbsoluteReminder.xml
2013-08-24 08:31 - 2013-08-24 08:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-03-19 20:32 - 2013-03-19 20:32 - 0010011 _____ () C:\ProgramData\regid.2012-01.com.intel.discover-at_512FCF1B-3685-45F2-A1E9-63AEF7F79B35.swidtag

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-26 17:45

==================== End of log ============================

Re: Prosím o pomoc

Napsal: 28 čer 2015 14:21
od Odahviing
Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Lenovo at 2015-06-28 14:07:41
Running from C:\Users\Lenovo\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1320642483-3030571100-942361551-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1320642483-3030571100-942361551-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1320642483-3030571100-942361551-1007 - Limited - Enabled)
Lenovo (S-1-5-21-1320642483-3030571100-942361551-1001 - Administrator - Enabled) => C:\Users\Lenovo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Mass Effect 3" (HKLM-x32\...\{46E776B9-37DE-4B71-8DF2-F4C75112CA27}_is1) (Version: - )
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
ACD/Labs Software in C:\ACDFREE12\ (HKLM-x32\...\ACDLabs in C__ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
BitTorrent (HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Energy Manager (x32 Version: 1.0.0.24 - Lenovo) Hidden
ESET NOD32 Antivirus (HKLM\...\{D56E0F0E-CC77-4BED-B63A-95432AFDC114}) (Version: 8.0.312.3 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.0 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Graph 3.1.5 (HKLM-x32\...\Graph_is1) (Version: - Jiri Plachy)
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Experience Center - Configuration (x32 Version: 1.5.0.0 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{e4fefc02-cd6c-45e3-8974-e7357e71da40}) (Version: 1.5.0.0 - Intel)
Intel(R) Experience Center Driver (HKLM-x32\...\{16660b76-bdc5-47cf-b28d-846120a1ee76}) (Version: 1.0.90.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{DBECAE94-4C04-40AC-9AFB-FA9953258EAF}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (x32 Version: 1.6.0.56 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{90621A56-901E-417D-A8CB-E8E3A6793C29}) (Version: 4.1.19.0 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
K-Lite Mega Codec Pack 11.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.2.0 - )
LEGO - The Hobbit, âĺđńč˙ 1.0.0.0 (HKLM-x32\...\LEGO - The Hobbit_is1) (Version: 1.0.0.0 - RePack by SEYTER)
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
LEGO® Star Wars™: The Complete Saga (x32 Version: 1.00.0000 - LucasArts) Hidden
LEGO® The Lord of the Rings™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.531.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.4241 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\{D5FED686-AF59-454C-91A9-DC357E4AED11}_is1) (Version: - )
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.00 - Electronic Arts, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 cs)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}) (Version: 9.12.0213 - NVIDIA Corporation)
Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6954 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
SplitCam (HKLM-x32\...\SplitCam) (Version: 6.9.4.1 - SplitCam Co)
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{0D994CC5-819F-4657-84DD-397B8FE1EA80}) (Version: - )
Star Wars JK II Jedi Outcast (HKLM-x32\...\{576E71DA-3000-48F6-9B21-B9A70D47DFCF}) (Version: - )
STAR WARS® - Knights of the Old Republic™ II - The Sith Lords (HKLM-x32\...\1421404581_is1) (Version: 2.0.0.2 - GOG.com)
Star Wars®: Knights of the Old Republic (TM) (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version: - )
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.19 - Synaptics Incorporated)
The Witcher 2 Assassins of Kings - Enhanced Edition (HKLM-x32\...\The Witcher 2 Assassins of Kings - Enhanced Edition_is1) (Version: - )
TSEV Skyrim LE (HKLM-x32\...\TSEV Skyrim LE_is1) (Version: 2.0.0.0 - )
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
Wildlife Park Gold Edition (HKLM-x32\...\{C3159144-B4F4-420F-9266-9CAF4498D88A}_is1) (Version: 1.17 - US - ACTION, s.r.o.)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Zoo Tycoon 2 - Extinct Animals (HKLM-x32\...\InstallShield_{15292416-A464-4FBA-BB96-7298EAACFC07}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Extinct Animals (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1320642483-3030571100-942361551-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

10-06-2015 13:32:28 Windows Update
18-06-2015 18:35:09 Nainstalováno: ESET NOD32 Antivirus
24-06-2015 18:10:16 Windows Update
25-06-2015 22:43:46 Installed Jurassic Park Operation Genesis
28-06-2015 13:15:46 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-06-28 13:16 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D0BF7FE-46B6-4255-997A-7541523479A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-14] (Google Inc.)
Task: {1FDCD108-01F4-4B7C-8433-FFF63CD62CFD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-14] (Google Inc.)
Task: {228333CF-D280-41A4-B316-902F10EC93DD} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-06-20] (Synaptics Incorporated)
Task: {4AAD6802-6985-4265-A965-F332E5172932} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {4DA57CEB-AE4E-4F8B-8905-D0168BCA58CE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {63927978-6203-45B3-BEEB-8D67E7F01248} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {7A0D541C-1200-4902-BF2C-91A77C6CC228} - \OFFICE2013ACT No Task File <==== ATTENTION
Task: {7CA09559-F820-4E52-96A0-AFFE4A41BBFB} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
Task: {83645D2C-7EF2-469B-8EB0-A8B12E056EB1} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {8A2A102E-2084-402B-A003-F53EA286E19D} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {8C61C717-9E3E-4D00-98D7-C8BC585E64AF} - System32\Tasks\GoogleUpdateTaskMachineUA1d0931656372a86 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-14] (Google Inc.)
Task: {9BB435C0-2783-4D01-BFA5-9116A7B557B7} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-05-31] ()
Task: {9C6DB646-265E-4245-A487-538AE5733F39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {AF7AAB32-7DB9-4F87-B5CD-708545F940A1} - System32\Tasks\Opera scheduled Autoupdate 1426343992 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0931656372a86.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2013-04-16 00:45 - 2013-04-16 00:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-16 00:45 - 2013-04-16 00:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-24 08:49 - 2013-08-24 08:49 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-08-24 08:49 - 2013-08-24 08:49 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-10-03 18:36 - 2014-10-03 18:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-08-24 08:28 - 2013-02-28 01:26 - 00040960 _____ () C:\Windows\SysWOW64\UMonit64.exe
2015-05-08 20:50 - 2015-05-08 20:50 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-09-15 07:17 - 2014-09-15 07:17 - 00114304 _____ () C:\Program Files (x86)\SplitCam\splitcam_hd_driver_ProxyPlugin.ax
2013-08-24 08:11 - 2013-05-09 14:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1320642483-3030571100-942361551-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6729F846-4C9F-4645-A617-F77CD66A313F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{162555EE-BFE7-487D-A681-2F16AAB2852B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3D3312DF-0513-4B56-904B-8BD36BF9FC1A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{9BDA9906-2F22-4418-AA85-0916E54052D1}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{2C1E4B0C-9A19-4870-A3DA-F222413CDB53}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [TCP Query User{66C1C0F8-4D85-4448-8930-CBA1A4CC7380}C:\program files (x86)\cd projekt red\the witcher 2 assassins of kings - enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\cd projekt red\the witcher 2 assassins of kings - enhanced edition\bin\witcher2.exe
FirewallRules: [UDP Query User{6B5EA119-9B75-4618-9BFC-8D6A918101E7}C:\program files (x86)\cd projekt red\the witcher 2 assassins of kings - enhanced edition\bin\witcher2.exe] => (Allow) C:\program files (x86)\cd projekt red\the witcher 2 assassins of kings - enhanced edition\bin\witcher2.exe
FirewallRules: [TCP Query User{38864D17-22C9-4559-8D3F-B20EB426FD75}C:\users\lenovo\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\lenovo\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{5E228544-4C05-4AC8-8BF1-4087BC567E75}C:\users\lenovo\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\lenovo\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{47B849E1-D29B-437B-B9E7-462FB6F35BF1}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{A6C919FF-223F-49E1-A985-ED79EA415436}] => (Allow) C:\Program Files (x86)\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{0981DD24-6012-46A0-B4CC-F3A8F21D3F56}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{6451D47F-265E-407E-BB78-626E4BDDBD79}] => (Allow) C:\Program Files (x86)\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [TCP Query User{AAC46531-A549-467F-BD03-E61899272EC1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{024390FC-466E-49E8-AE43-83BCE0742B1E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7316EFE1-9099-474D-8123-C25189972E04}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3566D11B-F5F8-4BC3-89E3-CE8B4962F494}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{FAA145D1-1425-4272-B94F-7AA881C99061}] => (Allow) C:\Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{DAD290B6-5343-4AE1-9E03-0F0097E09D4D}] => (Allow) C:\Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{54063B9D-8364-4D8B-9F58-56205D0A5693}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{C772D9A5-8F79-47F2-BD47-E26A36EB3C1F}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{AC5C638B-C0DD-49B5-8BF6-91A8C5EBC206}] => (Allow) C:\WINDOWS\explorer.exe
FirewallRules: [{7D29BD5F-1212-4F49-91DF-D92CB44A30F9}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{02351527-5F17-48D2-AFCF-D49F2D7E318C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2015 02:04:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 1.0.2.929, časové razítko: 0x552d3ec4
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.325, časové razítko: 0x4df2be1e
Kód výjimky: 0x40000015
Posun chyby: 0x0008d6fd
ID chybujícího procesu: 0xbbc
Čas spuštění chybující aplikace: 0xmbam.exe0
Cesta k chybující aplikaci: mbam.exe1
Cesta k chybujícímu modulu: mbam.exe2
ID zprávy: mbam.exe3
Úplný název chybujícího balíčku: mbam.exe4
ID aplikace související s chybujícím balíčkem: mbam.exe5

Error: (06/28/2015 01:40:20 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (06/28/2015 01:40:20 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (06/28/2015 01:40:20 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (06/28/2015 00:30:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (06/28/2015 00:30:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (06/28/2015 00:30:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (06/28/2015 11:11:05 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (06/28/2015 11:11:05 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (06/28/2015 11:11:05 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (06/28/2015 01:31:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/28/2015 01:31:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/28/2015 01:31:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/28/2015 01:31:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/28/2015 01:31:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/27/2015 08:06:03 PM) (Source: DCOM) (EventID: 10010) (User: Idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/27/2015 06:28:58 PM) (Source: DCOM) (EventID: 10010) (User: Idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/27/2015 11:38:26 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (06/26/2015 05:46:37 PM) (Source: DCOM) (EventID: 10010) (User: Idea-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/26/2015 05:46:10 PM) (Source: DCOM) (EventID: 10010) (User: Idea-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
Date: 2015-06-13 14:10:12.093
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-06-13 14:10:10.390
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-06-12 22:45:27.256
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-06-12 22:45:25.909
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-06-03 02:32:32.109
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-06-03 02:32:30.903
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-06-03 01:40:32.106
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-06-03 01:40:30.666
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-28 13:21:19.390
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-28 13:21:17.899
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4010U CPU @ 1.70GHz
Percentage of memory in use: 37%
Total physical RAM: 3816.27 MB
Available physical RAM: 2386.89 MB
Total Pagefile: 4712.27 MB
Available Pagefile: 3178.58 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:422.56 GB) (Free:268.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:20.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 9C05E21D)

Partition: GPT Partition Type.

==================== End of log ============================

Re: Prosím o pomoc

Napsal: 28 čer 2015 17:32
od jaro3
torrenty bys neměl používat..

Odinstaluj:
McAfee

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\Run: [Eztion] => regsvr32.exe C:\Users\Lenovo\AppData\Local\Eztion\3gfs31.dll <===== ATTENTION
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {5aef9333-d63d-11e4-be86-0c8bfd48d068} - "E:\autorun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {addf5ba6-ef5d-11e4-be89-0c8bfd48d068} - "E:\AutoRun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {af91ebb1-e9f0-11e4-be89-0c8bfd48d068} - "E:\AutoRun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {af91ec1a-e9f0-11e4-be89-0c8bfd48d068} - "E:\AutoRun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {fb0ad94b-ff95-11e4-be8e-0c8bfd48d068} - "F:\autorun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {fb0ad94d-ff95-11e4-be8e-0c8bfd48d068} - "G:\autorun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {fb0ad94f-ff95-11e4-be8e-0c8bfd48d068} - "H:\autorun.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1320642483-3030571100-942361551-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
FF NewTab: about:newtab
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
Task: {7A0D541C-1200-4902-BF2C-91A77C6CC228} - \OFFICE2013ACT No Task File <==== ATTENTION
Task: {8C61C717-9E3E-4D00-98D7-C8BC585E64AF} - System32\Tasks\GoogleUpdateTaskMachineUA1d0931656372a86 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-14] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0931656372a86.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
FirewallRules: [{3D3312DF-0513-4B56-904B-8BD36BF9FC1A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{9BDA9906-2F22-4418-AA85-0916E54052D1}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe


(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Zkus znovu MbAM.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Re: Prosím o pomoc

Napsal: 28 čer 2015 19:04
od Odahviing
MbAM našel hrozby, ale zase je nedokázal vymazat...



Fix result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Lenovo at 2015-06-28 18:20:25 Run:1
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo (Available Profiles: Lenovo & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\Run: [Eztion] => regsvr32.exe C:\Users\Lenovo\AppData\Local\Eztion\3gfs31.dll <===== ATTENTION
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {5aef9333-d63d-11e4-be86-0c8bfd48d068} - "E:\autorun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {addf5ba6-ef5d-11e4-be89-0c8bfd48d068} - "E:\AutoRun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {af91ebb1-e9f0-11e4-be89-0c8bfd48d068} - "E:\AutoRun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {af91ec1a-e9f0-11e4-be89-0c8bfd48d068} - "E:\AutoRun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {fb0ad94b-ff95-11e4-be8e-0c8bfd48d068} - "F:\autorun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {fb0ad94d-ff95-11e4-be8e-0c8bfd48d068} - "G:\autorun.exe"
HKU\S-1-5-21-1320642483-3030571100-942361551-1001\...\MountPoints2: {fb0ad94f-ff95-11e4-be8e-0c8bfd48d068} - "H:\autorun.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1320642483-3030571100-942361551-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
FF NewTab: about:newtab
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
Task: {7A0D541C-1200-4902-BF2C-91A77C6CC228} - \OFFICE2013ACT No Task File <==== ATTENTION
Task: {8C61C717-9E3E-4D00-98D7-C8BC585E64AF} - System32\Tasks\GoogleUpdateTaskMachineUA1d0931656372a86 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-14] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0931656372a86.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
FirewallRules: [{3D3312DF-0513-4B56-904B-8BD36BF9FC1A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{9BDA9906-2F22-4418-AA85-0916E54052D1}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
*****************

HKU\S-1-5-21-1320642483-3030571100-942361551-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Eztion => value removed successfully
"HKU\S-1-5-21-1320642483-3030571100-942361551-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5aef9333-d63d-11e4-be86-0c8bfd48d068}" => key removed successfully
HKCR\CLSID\{5aef9333-d63d-11e4-be86-0c8bfd48d068} => key not found.
"HKU\S-1-5-21-1320642483-3030571100-942361551-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{addf5ba6-ef5d-11e4-be89-0c8bfd48d068}" => key removed successfully
HKCR\CLSID\{addf5ba6-ef5d-11e4-be89-0c8bfd48d068} => key not found.
"HKU\S-1-5-21-1320642483-3030571100-942361551-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af91ebb1-e9f0-11e4-be89-0c8bfd48d068}" => key removed successfully
HKCR\CLSID\{af91ebb1-e9f0-11e4-be89-0c8bfd48d068} => key not found.
"HKU\S-1-5-21-1320642483-3030571100-942361551-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{af91ec1a-e9f0-11e4-be89-0c8bfd48d068}" => key removed successfully
HKCR\CLSID\{af91ec1a-e9f0-11e4-be89-0c8bfd48d068} => key not found.
"HKU\S-1-5-21-1320642483-3030571100-942361551-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb0ad94b-ff95-11e4-be8e-0c8bfd48d068}" => key removed successfully
HKCR\CLSID\{fb0ad94b-ff95-11e4-be8e-0c8bfd48d068} => key not found.
"HKU\S-1-5-21-1320642483-3030571100-942361551-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb0ad94d-ff95-11e4-be8e-0c8bfd48d068}" => key removed successfully
HKCR\CLSID\{fb0ad94d-ff95-11e4-be8e-0c8bfd48d068} => key not found.
"HKU\S-1-5-21-1320642483-3030571100-942361551-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb0ad94f-ff95-11e4-be8e-0c8bfd48d068}" => key removed successfully
HKCR\CLSID\{fb0ad94f-ff95-11e4-be8e-0c8bfd48d068} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1320642483-3030571100-942361551-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
Firefox newtab removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A0D541C-1200-4902-BF2C-91A77C6CC228}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A0D541C-1200-4902-BF2C-91A77C6CC228}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OFFICE2013ACT" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C61C717-9E3E-4D00-98D7-C8BC585E64AF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C61C717-9E3E-4D00-98D7-C8BC585E64AF}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0931656372a86 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d0931656372a86" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0931656372a86.job => moved successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D3312DF-0513-4B56-904B-8BD36BF9FC1A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BDA9906-2F22-4418-AA85-0916E54052D1} => value removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-28 18:22:23)<=

C:\ProgramData\DP45977C.lfl => Is moved successfully

==== End of Fixlog 18:22:23 ====

Re: Prosím o pomoc

Napsal: 28 čer 2015 19:06
od Odahviing
OTL logfile created on: 28. 6. 2015 18:45:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lenovo\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17842)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,73 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 63,11% Memory free
4,60 Gb Paging File | 3,12 Gb Available in Paging File | 67,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 422,56 Gb Total Space | 268,75 Gb Free Space | 63,60% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 21,34 Gb Free Space | 85,34% Space Free | Partition Type: NTFS

Computer Name: IDEA-PC | User Name: Lenovo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Lenovo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\SplitCam\SplitCamService.exe (SplitCam Co.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)
PRC - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\UMonit64.exe ()
PRC - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\UMonit64.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (Disc Soft Lite Bus Service) -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Disc Soft Ltd)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (igfxCUIService1.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (BrcmSetSecurity) -- C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe (Intel)
SRV:64bit: - (ISCTAgent) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ()
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (GalaxyCommunication) -- C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (GOG.com)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (SpliCamService) -- C:\Program Files (x86)\SplitCam\SplitCamService.exe (SplitCam Co.)
SRV - (VeriFaceSrv) -- C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe ()
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Motorola Solutions, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (WPRO_41_2001) -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys ()
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (dtlitescsidrv) -- C:\WINDOWS\SysNative\drivers\dtlitescsidrv.sys (Disc Soft Ltd)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (dtlitescsibus) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys (Disc Soft Ltd)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (edevmon) -- C:\Windows\SysNative\drivers\edevmon.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (acpials) -- C:\Windows\SysNative\drivers\acpials.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (scvad_simple) -- C:\Windows\SysNative\drivers\SplitCamAudio.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (splitcam_hd_driver) -- C:\Windows\SysNative\drivers\splitcam_hd_driver.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (NETwNe64) -- C:\Windows\SysNative\drivers\NETwew02.sys (Intel Corporation)
DRV:64bit: - (NETwNb64) -- C:\Windows\SysNative\drivers\NETwbw02.sys (Intel Corporation)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (ibtusb) -- C:\Windows\SysNative\drivers\ibtusb.sys (Intel Corporation)
DRV:64bit: - (vm331avs) -- C:\Windows\SysNative\drivers\vm331avs.sys (Vimicro Corporation)
DRV:64bit: - (usb3Hub) -- C:\Windows\SysNative\drivers\usb3Hub.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Motorola Solutions, Inc.)
DRV:64bit: - (ISCT) -- C:\Windows\SysNative\drivers\ISCTD64.sys ()
DRV:64bit: - (imsevent) -- C:\Windows\SysNative\drivers\imsevent.sys ()
DRV:64bit: - (ikbevent) -- C:\Windows\SysNative\drivers\ikbevent.sys ()
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys ("CyberLink)

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Old Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2: C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 38.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015/03/14 16:37:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenovo\AppData\Roaming\Mozilla\Extensions
[2015/06/28 13:11:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\rnmc1a8t.default\extensions
[2015/05/28 21:15:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/05/28 21:15:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_1\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_1\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.35_0\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_1\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\

O1 HOSTS File: ([2015/06/28 13:16:59 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] "C:\windows\system32\hkcmd.exe" File not found
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe ()
O4:64bit: - HKLM..\Run: [Lenovo Utility] C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [Persistence] "C:\windows\system32\igfxpers.exe" File not found
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [UMonit64] C:\Windows\SysWOW64\UMonit64.exe ()
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [GalaxyClient] C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart File not found
O4 - HKCU..\Run: [IWsoft] C:\Windows\SysWOW64\regsvr32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{148648DC-A229-4475-BBCC-41DE676EFCC4}: DhcpNameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26F1A065-46A0-47E0-8279-65E9528B9A45}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\WINDOWS\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========
Časové pásmo: UTC+02:00
Stránka 1 z 3
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/