ComboFix 13-08-25.01 - Petr 26.08.2013 11:31:36.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4061.2755 [GMT 2:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\TEMP\cpuz136\cpuz136_x64.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ136
-------\Service_cpuz136
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-26 do 2013-08-26 )))))))))))))))))))))))))))))))
.
.
2013-08-26 09:39 . 2013-08-26 09:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-26 09:39 . 2013-08-26 09:39 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-08-26 08:55 . 2013-08-26 08:55 -------- d-----w- c:\users\Petr\AppData\Roaming\pdfforge
2013-08-26 08:55 . 2012-05-05 09:54 137000 ----a-w- c:\windows\SysWow64\MSMAPI32.OCX
2013-08-26 08:55 . 2013-04-09 13:13 110264 ----a-w- c:\windows\system32\pdfcmon.dll
2013-08-26 08:55 . 2012-05-05 09:54 23552 ----a-w- c:\windows\SysWow64\MSMPIDE.DLL
2013-08-26 08:55 . 2013-08-26 08:56 -------- d-----w- c:\program files (x86)\PDFCreator
2013-08-26 08:15 . 2013-08-26 08:15 -------- d-----w- C:\NvidiaLogging
2013-08-26 08:14 . 2013-05-14 19:28 39712 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-08-26 08:14 . 2013-05-14 19:27 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-08-26 08:14 . 2013-05-14 19:27 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-08-26 08:13 . 2013-08-26 08:13 -------- d-----w- c:\users\Petr\AppData\Local\NVIDIA
2013-08-26 08:05 . 2013-08-26 08:07 -------- d-----w- c:\programdata\NVIDIA
2013-08-26 08:05 . 2013-08-26 08:05 -------- d-----w- c:\users\UpdatusUser
2013-08-26 08:05 . 2013-08-26 08:15 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-08-26 08:05 . 2013-08-26 08:05 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-26 08:04 . 2013-06-21 10:23 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-08-26 08:04 . 2013-06-21 10:23 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-08-26 08:04 . 2013-06-21 10:23 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-08-26 08:04 . 2013-06-21 10:23 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-08-26 08:04 . 2013-06-21 10:23 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-08-26 08:04 . 2013-06-21 10:23 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-08-26 07:07 . 2013-08-26 08:11 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-08-25 21:09 . 2013-08-25 21:09 -------- d-----w- C:\NVIDIA
2013-08-23 08:44 . 2013-08-23 08:44 -------- d-----w- c:\windows\ERUNT
2013-08-23 08:02 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0CD24DF-A833-4350-BC3C-5436ECF6E231}\mpengine.dll
2013-08-23 07:14 . 2013-08-23 07:14 -------- d-----w- c:\users\Petr\AppData\Local\Adobe
2013-08-23 06:50 . 2013-08-23 08:31 -------- d-----w- C:\AdwCleaner
2013-08-23 06:37 . 2013-08-23 06:37 -------- d-----w- c:\users\Petr\AppData\Roaming\Malwarebytes
2013-08-23 06:36 . 2013-08-23 06:36 -------- d-----w- c:\programdata\Malwarebytes
2013-08-23 06:36 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-23 06:36 . 2013-08-23 06:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-23 06:36 . 2013-08-23 06:36 -------- d-----w- c:\users\Petr\AppData\Local\Programs
2013-08-22 20:05 . 2013-08-22 20:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-22 20:05 . 2013-08-22 20:05 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-22 18:06 . 2013-08-22 18:06 388096 ----a-r- c:\users\Petr\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-22 18:06 . 2013-08-22 18:06 -------- d-----w- c:\program files (x86)\Trend Micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-22 17:42 . 2010-01-31 10:50 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-07-09 04:45 . 2013-08-22 17:40 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-24 08:10 . 2013-06-24 08:10 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-24 08:10 . 2012-08-04 08:54 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-06-24 08:10 . 2011-05-09 17:06 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-05 03:34 . 2013-07-10 08:39 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 08:39 624128 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 08:39 509440 ----a-w- c:\windows\SysWow64\qedit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"TUSBSleepChargeSrv"=c:\program files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Bonus.SSR.FR11"="c:\program files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys;c:\windows\SYSNATIVE\DRIVERS\adusbser.sys [x]
R3 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
R3 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [x]
R3 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SolutoRemoteService;Soluto Remote Service;c:\program files\Soluto\SolutoRemoteService.exe;c:\program files\Soluto\SolutoRemoteService.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys;c:\windows\SYSNATIVE\DRIVERS\wod0205.sys [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys;c:\windows\SYSNATIVE\DRIVERS\Soluto.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~2\ESRI\License\arcgis9x\lmgrd.exe;c:\progra~2\ESRI\License\arcgis9x\lmgrd.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe;c:\program files\Soluto\SolutoLauncherService.exe [x]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe;c:\program files\Soluto\SolutoService.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - CPUZ136
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-03 7982112]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2716216]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 909624]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"Soluto"="c:\program files\soluto\soluto.exe" [2013-01-10 1229296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSEH
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PolarClock3 - c:\windows\system32\PolarClock3.scr
AddRemove-Verbatim GREEN BUTTON_is1 - i:\verbatim\GREEN BUTTON\unins000.exe
AddRemove-{B931FB80-537A-4600-00AD-AC5DEDB6C25B} - c:\program files (x86)\Electronic Arts\The Lord of the Rings
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-799259419-3588551148-2385700677-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:42,74,6a,d3,60,3b,b4,90,33,cd,3d,8d,03,9a,1d,f7,02,1e,51,d1,67,3b,7f,
38,84,f8,4a,b9,d8,08,a8,5e,7e,c2,0e,35,90,b6,1c,8a,95,fe,ab,84,7d,ff,2e,2d,\
"??"=hex:24,89,38,01,d6,ba,15,60,1d,fb,4d,05,86,f9,ed,9a
.
[HKEY_USERS\S-1-5-21-799259419-3588551148-2385700677-1000\Software\SecuROM\License information*]
"datasecu"=hex:ea,4b,1a,a6,3e,cc,dd,45,11,69,27,51,f3,b5,fc,c5,4d,9c,46,44,a6,
15,6f,90,5e,78,c6,55,7e,57,51,33,84,c0,43,16,b6,41,98,d2,38,3f,58,b6,bb,0f,\
"rkeysecu"=hex:70,94,3b,bf,b7,74,bd,14,6e,70,a4,0b,bf,1c,06,fa
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~2\ESRI\License\arcgis9x\ARCGIS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\windows\SysWOW64\POLARC~1.SCR
.
**************************************************************************
.
Celkový čas: 2013-08-26 13:03:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-26 11:03
ComboFix2.txt 2013-08-25 19:36
.
Před spuštěním: Volných bajtů: 135 409 471 488
Po spuštění: Volných bajtů: 137 138 606 080
.
- - End Of File - - 200B52226A9B773D9752842F39AD97B4
A36C5E4F47E84449FF07ED3517B43A31
Prosím o kontrolu logu
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
+ Nový log z HJT
Jak se chová PC?
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
+ Nový log z HJT
Jak se chová PC?
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Prosím o kontrolu logu
Ahoj, díky za pomoc, ale nějak moc mi blbnou okna poslední dobou, jdu na Linux...
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Možná špatný disk.
Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 97 hostů