Prosím o kontrolu logu Vyřešeno

[jaro3]

Stačí.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\system32\GameMon.des

Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate
npggsvc

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Reklama]

[vašekp]

ComboFix 13-12-18.01 - Vašek . 12. 2013 13:39:22.11.4 - x64 MINIMAL
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3960.3055 [GMT 1:00]
Spuštěný z: c:\users\VaÜek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VaÜek\Desktop\CFScript.txt
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-22 do 2013-12-22 )))))))))))))))))))))))))))))))
.
.
2013-12-22 12:50 . 2013-12-22 12:50 -------- d-----w- c:\users\Vašek\AppData\Local\temp
2013-12-22 12:50 . 2013-12-22 12:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-22 12:50 . 2013-12-22 12:50 -------- d-----w- c:\users\Naďa\AppData\Local\temp
2013-12-22 12:50 . 2013-12-22 12:50 -------- d-----w- c:\users\Michal\AppData\Local\temp
2013-12-22 12:50 . 2013-12-22 12:50 -------- d-----w- c:\users\Jan\AppData\Local\temp
2013-12-22 12:50 . 2013-12-22 12:50 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-12-22 12:50 . 2013-12-22 12:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-22 12:24 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE7DAFD7-06D6-49E8-B711-2AED3FC62711}\mpengine.dll
2013-12-21 10:38 . 2013-12-21 10:38 -------- d-----w- c:\users\Michal\AppData\Local\Broadcom
2013-12-20 22:25 . 2013-01-10 01:29 1934056 ----a-w- c:\windows\SysWow64\drivers\ntfs.sys
2013-12-20 21:49 . 2013-12-20 21:49 -------- d-----w- C:\_OTM
2013-12-20 21:15 . 2013-12-20 21:16 522240 ----a-w- C:\OTM.exe
2013-12-20 20:22 . 2013-12-20 20:22 232112 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10228.bin
2013-12-16 18:07 . 2013-12-16 18:07 -------- d-----w- c:\program files (x86)\SecurityXploded
2013-12-14 07:32 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-14 07:32 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-12 05:26 . 2013-12-04 00:53 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 05:26 . 2013-12-04 00:53 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 19:41 . 2013-11-23 06:43 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 19:41 . 2013-11-23 05:05 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-11 19:41 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 19:41 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-11 19:12 . 2013-10-08 22:27 773120 ----a-w- c:\windows\system32\wuapi.dll
2013-12-10 19:50 . 2013-12-10 19:50 -------- d-----w- c:\users\Vašek\AppData\Local\Adobe
2013-12-09 20:36 . 2013-12-14 07:58 -------- d-----w- c:\windows\system32\MRT
2013-12-09 20:03 . 2013-12-09 20:03 -------- d-----w- c:\windows\ERUNT
2013-12-08 20:55 . 2013-12-08 20:55 -------- d-----w- c:\users\Naďa\AppData\Local\Broadcom
2013-12-08 20:51 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-12-08 20:48 . 2013-09-04 03:11 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2013-12-08 20:48 . 2013-10-10 11:53 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-12-08 20:48 . 2013-10-10 09:21 1160192 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-12-08 20:48 . 2013-10-10 09:20 723968 ----a-w- c:\windows\system32\BFE.DLL
2013-12-08 20:48 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:15 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-12-08 20:48 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-12-08 20:47 . 2013-08-16 05:22 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-12-08 20:44 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-12-08 20:44 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-12-08 20:44 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-12-08 20:44 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-12-08 20:44 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-12-08 20:44 . 2013-10-02 23:25 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-12-08 20:44 . 2013-10-01 22:22 1022976 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-12-08 20:39 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-12-08 20:39 . 2013-07-05 22:01 210560 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-12-08 20:39 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-08 20:39 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-12-08 20:39 . 2013-06-29 03:07 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-12-08 20:39 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
2013-12-08 20:39 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-12-08 20:35 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2013-12-08 20:35 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-12-08 20:35 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-12-08 20:35 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-12-08 20:34 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-12-08 20:34 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-12-08 20:33 . 2013-09-23 22:30 419328 ----a-w- c:\windows\system32\schannel.dll
2013-12-08 20:33 . 2013-09-23 22:30 323072 ----a-w- c:\windows\SysWow64\schannel.dll
2013-12-08 20:29 . 2013-04-09 04:51 99840 ----a-w- c:\windows\system32\wscsvc.dll
2013-12-08 20:28 . 2013-08-10 05:21 448512 ----a-w- c:\windows\system32\SettingSync.dll
2013-12-08 20:27 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll
2013-12-08 20:26 . 2013-04-28 22:30 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-04-28 22:28 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-05-15 22:37 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-12-08 20:26 . 2013-05-15 22:35 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-12-08 20:26 . 2013-05-14 13:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-12-08 20:26 . 2013-05-14 09:23 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-12-08 20:26 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2013-12-08 20:26 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-12-08 20:26 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-12-08 20:26 . 2013-03-06 07:10 112872 ----a-w- c:\windows\system32\consent.exe
2013-12-08 20:26 . 2013-03-06 06:29 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-12-08 20:25 . 2013-08-23 07:22 2062848 ----a-w- c:\windows\system32\d3d11.dll
2013-12-08 20:25 . 2013-08-23 01:44 1711616 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-12-08 20:25 . 2013-03-22 03:49 2382336 ----a-w- c:\windows\SysWow64\esent.dll
2013-12-08 20:25 . 2013-03-21 22:47 2851840 ----a-w- c:\windows\system32\esent.dll
2013-12-08 20:24 . 2013-08-02 06:28 10116608 ----a-w- c:\windows\system32\twinui.dll
2013-12-08 20:24 . 2013-08-02 05:08 8858112 ----a-w- c:\windows\SysWow64\twinui.dll
2013-12-08 20:24 . 2013-10-01 23:37 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2013-12-08 20:24 . 2013-10-01 23:26 2304512 ----a-w- c:\windows\system32\authui.dll
2013-12-08 17:10 . 2013-12-22 12:45 -------- d-----w- c:\users\Vašek\AppData\Local\CrashDumps
2013-12-08 12:20 . 2013-12-09 19:48 -------- d-----w- C:\AdwCleaner
2013-12-08 11:56 . 2013-12-08 11:56 -------- d-----w- c:\users\Vašek\AppData\Local\Broadcom
2013-12-07 20:54 . 2013-12-07 20:54 -------- d-----w- c:\windows\SysWow64\Adobe
2013-12-07 20:11 . 2013-12-07 20:11 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\users\Vašek\AppData\Roaming\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\programdata\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-07 19:44 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-16 21:00 . 2013-03-10 16:18 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-12-14 12:39 . 2012-07-26 01:21 133120 ----a-w- c:\windows\SysWow64\regedit.exe
2013-12-14 07:54 . 2013-04-06 14:26 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-19 10:21 . 2013-04-06 06:11 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-10 17:19 . 2013-10-10 17:19 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-10 17:19 . 2013-05-03 15:35 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-10-10 17:19 . 2013-05-03 15:35 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-23 22:30 . 2013-12-08 20:33 419328 ----a-w- c:\windows\system32\schannel.dll
2013-09-23 22:30 . 2013-12-08 20:33 323072 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-26 508656]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332STI.EXE" [2012-03-20 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-8-26 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 vm332avs;Lenovo Camera2;c:\windows\System32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 14:13 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-10-26 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-10-26 191544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SYSTEM32\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-12-22 13:54:42
ComboFix-quarantined-files.txt 2013-12-22 12:54
ComboFix2.txt 2013-12-21 19:40
ComboFix3.txt 2013-12-20 16:06
ComboFix4.txt 2013-12-19 14:37
ComboFix5.txt 2013-12-22 12:34
.
Před spuštěním: 870 241 579 008 bytes free
Po spuštění: 869 924 352 000 bytes free
.
- - End Of File - - F21C44908A55B2D7E6F5BCD941B4F97F

[vašekp]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:05:39, on 22. 12. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Users\Vašek\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: @oem17.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Unknown owner - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9361 bytes

[vašekp]

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-22 14:08:11
-----------------------------
14:08:11.110 OS Version: Windows x64 6.2.9200
14:08:11.110 Number of processors: 4 586 0x2A07
14:08:11.110 ComputerName: IDEA-PC UserName: Vašek
14:08:11.110 Initialze error 1
14:08:18.907 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000039
14:08:18.923 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10001 Size: 953869MB BusType: 11
14:08:18.954 Disk 0 MBR read successfully
14:08:18.954 Disk 0 MBR scan
14:08:18.954 Disk 0 unknown MBR code
14:08:18.954 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
14:08:18.954 Disk 0 scanning C:\windows\system32\drivers
14:08:18.954 Service scanning
14:08:19.736 Modules scanning
14:08:19.736 Disk 0 trace - called modules:
14:08:19.751 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
14:08:19.751 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006338740]
14:08:19.767 3 CLASSPNP.SYS[fffff88000b2fe0a] -> nt!IofCallDriver -> \Device\00000039[0xfffffa8004a04060]
14:08:19.767 Scan finished successfully
14:08:33.956 Disk 0 MBR has been saved successfully to "C:\Users\Vašek\Desktop\MBR.dat"
14:08:33.956 The log file has been saved successfully to "C:\Users\Vašek\Desktop\aswMBR.txt"

[jaro3]

Ten script V Combofixu udělej ještě jednou , v nouz. režimu. HJT už nedávej.

[vašekp]

ComboFix 13-12-18.01 - Vašek . 12. 2013 12:43:01.12.4 - x64 MINIMAL
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3960.3165 [GMT 1:00]
Spuštěný z: c:\users\VaÜek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VaÜek\Desktop\CFScript.txt
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-23 do 2013-12-23 )))))))))))))))))))))))))))))))
.
.
2013-12-23 11:51 . 2013-12-23 11:51 -------- d-----w- c:\users\Vašek\AppData\Local\temp
2013-12-23 11:51 . 2013-12-23 11:51 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-23 11:51 . 2013-12-23 11:51 -------- d-----w- c:\users\Naďa\AppData\Local\temp
2013-12-23 11:51 . 2013-12-23 11:51 -------- d-----w- c:\users\Michal\AppData\Local\temp
2013-12-23 11:51 . 2013-12-23 11:51 -------- d-----w- c:\users\Jan\AppData\Local\temp
2013-12-23 11:51 . 2013-12-23 11:51 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-12-23 11:51 . 2013-12-23 11:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-22 12:24 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE7DAFD7-06D6-49E8-B711-2AED3FC62711}\mpengine.dll
2013-12-21 10:38 . 2013-12-21 10:38 -------- d-----w- c:\users\Michal\AppData\Local\Broadcom
2013-12-20 22:25 . 2013-01-10 01:29 1934056 ----a-w- c:\windows\SysWow64\drivers\ntfs.sys
2013-12-20 21:49 . 2013-12-20 21:49 -------- d-----w- C:\_OTM
2013-12-20 21:15 . 2013-12-20 21:16 522240 ----a-w- C:\OTM.exe
2013-12-20 20:22 . 2013-12-20 20:22 232112 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10228.bin
2013-12-16 18:07 . 2013-12-16 18:07 -------- d-----w- c:\program files (x86)\SecurityXploded
2013-12-14 07:32 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-14 07:32 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-12 05:26 . 2013-12-04 00:53 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 05:26 . 2013-12-04 00:53 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 19:41 . 2013-11-23 06:43 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 19:41 . 2013-11-23 05:05 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-11 19:41 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 19:41 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-11 19:12 . 2013-10-08 22:27 773120 ----a-w- c:\windows\system32\wuapi.dll
2013-12-10 19:50 . 2013-12-10 19:50 -------- d-----w- c:\users\Vašek\AppData\Local\Adobe
2013-12-09 20:36 . 2013-12-14 07:58 -------- d-----w- c:\windows\system32\MRT
2013-12-09 20:03 . 2013-12-09 20:03 -------- d-----w- c:\windows\ERUNT
2013-12-08 20:55 . 2013-12-08 20:55 -------- d-----w- c:\users\Naďa\AppData\Local\Broadcom
2013-12-08 20:51 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-12-08 20:48 . 2013-09-04 03:11 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2013-12-08 20:48 . 2013-10-10 11:53 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-12-08 20:48 . 2013-10-10 09:21 1160192 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-12-08 20:48 . 2013-10-10 09:20 723968 ----a-w- c:\windows\system32\BFE.DLL
2013-12-08 20:48 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:15 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-12-08 20:48 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-12-08 20:47 . 2013-08-16 05:22 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-12-08 20:44 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-12-08 20:44 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-12-08 20:44 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-12-08 20:44 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-12-08 20:44 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-12-08 20:44 . 2013-10-02 23:25 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-12-08 20:44 . 2013-10-01 22:22 1022976 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-12-08 20:39 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-12-08 20:39 . 2013-07-05 22:01 210560 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-12-08 20:39 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-08 20:39 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-12-08 20:39 . 2013-06-29 03:07 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-12-08 20:39 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
2013-12-08 20:39 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-12-08 20:35 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2013-12-08 20:35 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-12-08 20:35 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-12-08 20:35 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-12-08 20:34 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-12-08 20:34 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-12-08 20:33 . 2013-09-23 22:30 419328 ----a-w- c:\windows\system32\schannel.dll
2013-12-08 20:33 . 2013-09-23 22:30 323072 ----a-w- c:\windows\SysWow64\schannel.dll
2013-12-08 20:29 . 2013-04-09 04:51 99840 ----a-w- c:\windows\system32\wscsvc.dll
2013-12-08 20:28 . 2013-08-10 05:21 448512 ----a-w- c:\windows\system32\SettingSync.dll
2013-12-08 20:27 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll
2013-12-08 20:26 . 2013-04-28 22:30 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-04-28 22:28 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-05-15 22:37 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-12-08 20:26 . 2013-05-15 22:35 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-12-08 20:26 . 2013-05-14 13:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-12-08 20:26 . 2013-05-14 09:23 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-12-08 20:26 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2013-12-08 20:26 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-12-08 20:26 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-12-08 20:26 . 2013-03-06 07:10 112872 ----a-w- c:\windows\system32\consent.exe
2013-12-08 20:26 . 2013-03-06 06:29 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-12-08 20:25 . 2013-08-23 07:22 2062848 ----a-w- c:\windows\system32\d3d11.dll
2013-12-08 20:25 . 2013-08-23 01:44 1711616 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-12-08 20:25 . 2013-03-22 03:49 2382336 ----a-w- c:\windows\SysWow64\esent.dll
2013-12-08 20:25 . 2013-03-21 22:47 2851840 ----a-w- c:\windows\system32\esent.dll
2013-12-08 20:24 . 2013-08-02 06:28 10116608 ----a-w- c:\windows\system32\twinui.dll
2013-12-08 20:24 . 2013-08-02 05:08 8858112 ----a-w- c:\windows\SysWow64\twinui.dll
2013-12-08 20:24 . 2013-10-01 23:37 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2013-12-08 20:24 . 2013-10-01 23:26 2304512 ----a-w- c:\windows\system32\authui.dll
2013-12-08 17:10 . 2013-12-22 13:07 -------- d-----w- c:\users\Vašek\AppData\Local\CrashDumps
2013-12-08 12:20 . 2013-12-09 19:48 -------- d-----w- C:\AdwCleaner
2013-12-08 11:56 . 2013-12-08 11:56 -------- d-----w- c:\users\Vašek\AppData\Local\Broadcom
2013-12-07 20:54 . 2013-12-07 20:54 -------- d-----w- c:\windows\SysWow64\Adobe
2013-12-07 20:11 . 2013-12-07 20:11 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\users\Vašek\AppData\Roaming\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\programdata\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-07 19:44 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-16 21:00 . 2013-03-10 16:18 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-12-14 12:39 . 2012-07-26 01:21 133120 ----a-w- c:\windows\SysWow64\regedit.exe
2013-12-14 07:54 . 2013-04-06 14:26 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-19 10:21 . 2013-04-06 06:11 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-10 17:19 . 2013-10-10 17:19 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-10 17:19 . 2013-05-03 15:35 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-10-10 17:19 . 2013-05-03 15:35 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-26 508656]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332STI.EXE" [2012-03-20 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-8-26 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 vm332avs;Lenovo Camera2;c:\windows\System32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 14:13 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-10-26 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-10-26 191544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SYSTEM32\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-12-23 12:53:52
ComboFix-quarantined-files.txt 2013-12-23 11:53
ComboFix2.txt 2013-12-22 12:54
ComboFix3.txt 2013-12-21 19:40
ComboFix4.txt 2013-12-20 16:06
ComboFix5.txt 2013-12-23 11:41
.
Před spuštěním: 870 005 755 904 bytes free
Po spuštění: 869 819 658 240 bytes free
.
- - End Of File - - E7393F263A9FD5351CFA8DDC857F12AB

[jaro3]

Nějak to nemaže , ale jsou to jen zbytečnosti.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy?

[vašekp]

Notebook funguje dobře až na úvodní prodlevu při připojení k síti. Mám jiný noťas Asus s W7 a ten se připojí hned po zapnutí. Není to ani chyba routeru, na dovolené jsem měl oba a na jiné síti byl stejný problém. Prodleva trvá asi 5 minut, když zkouším připojení k síti po zapnutí, tak se objeví: k této síti se nedá připojit. Nevím jestli problém není způsoben W8, nějaký test po startu nebo něco podobného. Myslel jsem že tady snad něco objevíme, čím by to mohlo být. Pokud by nemělo smysl pokračovat, tak můžeme dát zelenou fajfku.
Přeju všem v pc-help hezké svátky.

[jaro3]

Taky přejeme!

Stáhni si Farbar Recovery Scan Tool

a ulož jej na plochu.
Poznámka: Je třeba spustit kompatibilní verze s vaším systémem. Zde si můžeš zkontrolovat, pokud si nejsi jistý, zda je váš počítač 32-bit nebo 64-bit:
http://windows.microsoft.com/en-us/wind ... -or-64-bit
Poklepáním jej spusť . Když se otevře nástroj klepni na tlačítko YES(Ano) disclaimer.
Stiskni tlačítko Scan (Skenovat).Log (FRST.txt) bude ve stejném adresáři jako nástroj . Prosím, zkopíruj a vlož jej sem.
Poprvé když je nástroj spuštěn, udělá dalšílog (Addition.txt). Prosím, vlož ho sem také.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[vašekp]

Tak už jsem na to přišel. Když jsem dal Zapnout nebo vypnout bezdrátovou komunikaci, tak pod Režim v letadle - vyp je Wi-fi - zap a Bluetooth - zap. Když jsem vypnul Bluetooth připojení k síti je okamžité. Nemám s W8 ještě tolik zkušeností, asi jsem ten přepínač zapomněl vrátit.

[jaro3]

Fajn.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.