Please check my log (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Re: Please check my log

Post by vašekp » 10 Dec 2013 22:00

NDISWANLEGACY C:\windows\system32\DRIVERS\ndiswan.sys
21:47:46.0304 5828 NDISWANLEGACY - ok
21:47:46.0336 5828 [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:47:46.0336 5828 NDProxy - ok
21:47:46.0351 5828 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\windows\system32\drivers\Ndu.sys
21:47:46.0351 5828 Ndu - ok
21:47:46.0367 5828 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:47:46.0367 5828 NetBIOS - ok
21:47:46.0383 5828 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:47:46.0383 5828 NetBT - ok
21:47:46.0414 5828 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\windows\system32\lsass.exe
21:47:46.0414 5828 Netlogon - ok
21:47:46.0445 5828 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\windows\System32\netman.dll
21:47:46.0461 5828 Netman - ok
21:47:46.0508 5828 [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm C:\windows\System32\netprofmsvc.dll
21:47:46.0523 5828 netprofm - ok
21:47:46.0601 5828 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:47:46.0633 5828 NetTcpPortSharing - ok
21:47:46.0820 5828 [ 57B9C04D673F236D41FAB03842C8640B ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys
21:47:46.0977 5828 NETwNs64 - ok
21:47:47.0008 5828 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
21:47:47.0008 5828 nfrd960 - ok
21:47:47.0039 5828 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\windows\System32\nlasvc.dll
21:47:47.0055 5828 NlaSvc - ok
21:47:47.0070 5828 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:47:47.0070 5828 Npfs - ok
21:47:47.0070 5828 npggsvc - ok
21:47:47.0086 5828 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\windows\System32\drivers\npsvctrig.sys
21:47:47.0086 5828 npsvctrig - ok
21:47:47.0117 5828 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\windows\system32\nsisvc.dll
21:47:47.0117 5828 nsi - ok
21:47:47.0133 5828 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:47:47.0133 5828 nsiproxy - ok
21:47:47.0227 5828 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:47:47.0258 5828 Ntfs - ok
21:47:47.0273 5828 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\windows\system32\drivers\Null.sys
21:47:47.0289 5828 Null - ok
21:47:47.0570 5828 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
21:47:47.0758 5828 nvlddmkm - ok
21:47:47.0789 5828 [ EB12E165FD233F2DDC47B11423186177 ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
21:47:47.0789 5828 nvpciflt - ok
21:47:47.0820 5828 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\windows\system32\drivers\nvraid.sys
21:47:47.0820 5828 nvraid - ok
21:47:47.0836 5828 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\windows\system32\drivers\nvstor.sys
21:47:47.0836 5828 nvstor - ok
21:47:47.0867 5828 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\windows\system32\nvvsvc.exe
21:47:47.0883 5828 nvsvc - ok
21:47:47.0977 5828 [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:47:47.0992 5828 nvUpdatusService - ok
21:47:48.0024 5828 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:47:48.0024 5828 nv_agp - ok
21:47:48.0070 5828 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:47:48.0070 5828 ose - ok
21:47:48.0242 5828 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:47:48.0367 5828 osppsvc - ok
21:47:48.0399 5828 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:47:48.0414 5828 p2pimsvc - ok
21:47:48.0430 5828 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\windows\system32\p2psvc.dll
21:47:48.0430 5828 p2psvc - ok
21:47:48.0461 5828 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\windows\System32\drivers\parport.sys
21:47:48.0461 5828 Parport - ok
21:47:48.0492 5828 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\windows\system32\drivers\partmgr.sys
21:47:48.0492 5828 partmgr - ok
21:47:48.0539 5828 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\windows\System32\pcasvc.dll
21:47:48.0555 5828 PcaSvc - ok
21:47:48.0586 5828 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\windows\system32\drivers\pci.sys
21:47:48.0586 5828 pci - ok
21:47:48.0602 5828 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\windows\system32\drivers\pciide.sys
21:47:48.0602 5828 pciide - ok
21:47:48.0617 5828 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
21:47:48.0633 5828 pcmcia - ok
21:47:48.0633 5828 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\windows\system32\drivers\pcw.sys
21:47:48.0633 5828 pcw - ok
21:47:48.0664 5828 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\windows\system32\drivers\pdc.sys
21:47:48.0664 5828 pdc - ok
21:47:48.0711 5828 [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:47:48.0727 5828 PEAUTH - ok
21:47:48.0789 5828 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\windows\SysWow64\perfhost.exe
21:47:48.0789 5828 PerfHost - ok
21:47:48.0836 5828 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\windows\system32\pla.dll
21:47:48.0852 5828 pla - ok
21:47:48.0883 5828 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:47:48.0883 5828 PlugPlay - ok
21:47:48.0883 5828 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:47:48.0899 5828 PNRPAutoReg - ok
21:47:48.0899 5828 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:47:48.0899 5828 PNRPsvc - ok
21:47:48.0930 5828 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:47:48.0946 5828 PolicyAgent - ok
21:47:48.0977 5828 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\windows\system32\umpo.dll
21:47:49.0008 5828 Power - ok
21:47:49.0039 5828 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:47:49.0039 5828 PptpMiniport - ok
21:47:49.0164 5828 [ 9D59831262CAD44E709D695FC9D5E7AB ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
21:47:49.0196 5828 PrintNotify - ok
21:47:49.0227 5828 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\windows\System32\drivers\processr.sys
21:47:49.0227 5828 Processor - ok
21:47:49.0243 5828 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\windows\system32\profsvc.dll
21:47:49.0258 5828 ProfSvc - ok
21:47:49.0274 5828 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:47:49.0274 5828 Psched - ok
21:47:49.0290 5828 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\windows\system32\qwave.dll
21:47:49.0305 5828 QWAVE - ok
21:47:49.0321 5828 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:47:49.0336 5828 QWAVEdrv - ok
21:47:49.0336 5828 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:47:49.0336 5828 RasAcd - ok
21:47:49.0368 5828 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:47:49.0368 5828 RasAgileVpn - ok
21:47:49.0383 5828 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\windows\System32\rasauto.dll
21:47:49.0399 5828 RasAuto - ok
21:47:49.0399 5828 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:47:49.0399 5828 Rasl2tp - ok
21:47:49.0415 5828 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\windows\System32\rasmans.dll
21:47:49.0415 5828 RasMan - ok
21:47:49.0430 5828 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:47:49.0430 5828 RasPppoe - ok
21:47:49.0430 5828 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:47:49.0430 5828 RasSstp - ok
21:47:49.0461 5828 [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:47:49.0461 5828 rdbss - ok
21:47:49.0477 5828 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\windows\System32\drivers\rdpbus.sys
21:47:49.0477 5828 rdpbus - ok
21:47:49.0493 5828 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
21:47:49.0493 5828 RDPDR - ok
21:47:49.0540 5828 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
21:47:49.0540 5828 RdpVideoMiniport - ok
21:47:49.0555 5828 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:47:49.0571 5828 RDPWD - ok
21:47:49.0571 5828 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:47:49.0586 5828 rdyboost - ok
21:47:49.0618 5828 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\windows\System32\mprdim.dll
21:47:49.0633 5828 RemoteAccess - ok
21:47:49.0665 5828 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\windows\system32\regsvc.dll
21:47:49.0665 5828 RemoteRegistry - ok
21:47:49.0696 5828 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\windows\system32\DRIVERS\revoflt.sys
21:47:49.0696 5828 Revoflt - ok
21:47:49.0727 5828 [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM C:\windows\System32\drivers\rfcomm.sys
21:47:49.0727 5828 RFCOMM - ok
21:47:49.0758 5828 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:47:49.0790 5828 RpcEptMapper - ok
21:47:49.0821 5828 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\windows\system32\locator.exe
21:47:49.0821 5828 RpcLocator - ok
21:47:49.0852 5828 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\windows\system32\rpcss.dll
21:47:49.0868 5828 RpcSs - ok
21:47:49.0899 5828 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:47:49.0930 5828 rspndr - ok
21:47:49.0961 5828 [ 8EB6DCEB7473C232D8BC9A886E3183AC ] RSUSBVSTOR C:\windows\System32\Drivers\RtsUVStor.sys
21:47:49.0977 5828 RSUSBVSTOR - ok
21:47:50.0008 5828 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\windows\System32\drivers\vms3cap.sys
21:47:50.0008 5828 s3cap - ok
21:47:50.0040 5828 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\windows\system32\lsass.exe
21:47:50.0040 5828 SamSs - ok
21:47:50.0055 5828 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:47:50.0055 5828 sbp2port - ok
21:47:50.0102 5828 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\windows\System32\SCardSvr.dll
21:47:50.0118 5828 SCardSvr - ok
21:47:50.0118 5828 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:47:50.0118 5828 scfilter - ok
21:47:50.0211 5828 [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule C:\windows\system32\schedsvc.dll
21:47:50.0227 5828 Schedule - ok
21:47:50.0258 5828 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\windows\System32\certprop.dll
21:47:50.0258 5828 SCPolicySvc - ok
21:47:50.0290 5828 [ 047315E75392CEA447ACC86257824C16 ] sdbus C:\windows\System32\drivers\sdbus.sys
21:47:50.0305 5828 sdbus - ok
21:47:50.0321 5828 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\windows\System32\SDRSVC.dll
21:47:50.0336 5828 SDRSVC - ok
21:47:50.0368 5828 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\windows\System32\drivers\sdstor.sys
21:47:50.0368 5828 sdstor - ok
21:47:50.0399 5828 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:47:50.0415 5828 secdrv - ok
21:47:50.0415 5828 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\windows\system32\seclogon.dll
21:47:50.0430 5828 seclogon - ok
21:47:50.0446 5828 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\windows\System32\sens.dll
21:47:50.0446 5828 SENS - ok
21:47:50.0461 5828 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\windows\system32\sensrsvc.dll
21:47:50.0477 5828 SensrSvc - ok
21:47:50.0493 5828 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\windows\system32\drivers\SerCx.sys
21:47:50.0493 5828 SerCx - ok
21:47:50.0508 5828 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\windows\System32\drivers\serenum.sys
21:47:50.0508 5828 Serenum - ok
21:47:50.0524 5828 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\windows\System32\drivers\serial.sys
21:47:50.0524 5828 Serial - ok
21:47:50.0540 5828 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\windows\System32\drivers\sermouse.sys
21:47:50.0540 5828 sermouse - ok
21:47:50.0555 5828 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\windows\system32\sessenv.dll
21:47:50.0571 5828 SessionEnv - ok
21:47:50.0571 5828 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\windows\System32\drivers\sfloppy.sys
21:47:50.0571 5828 sfloppy - ok
21:47:50.0602 5828 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\windows\System32\ipnathlp.dll
21:47:50.0602 5828 SharedAccess - ok
21:47:50.0680 5828 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:47:50.0696 5828 ShellHWDetection - ok
21:47:50.0696 5828 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
21:47:50.0712 5828 SiSRaid2 - ok
21:47:50.0712 5828 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
21:47:50.0727 5828 SiSRaid4 - ok
21:47:50.0884 5828 [ 9F712B26EE3B0242DE997A42FD302E2C ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:47:50.0915 5828 Skype C2C Service - ok
21:47:50.0993 5828 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:47:51.0009 5828 SkypeUpdate - ok
21:47:51.0040 5828 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:47:51.0040 5828 SNMPTRAP - ok
21:47:51.0087 5828 [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport C:\windows\system32\drivers\spaceport.sys
21:47:51.0102 5828 spaceport - ok
21:47:51.0134 5828 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\windows\system32\drivers\SpbCx.sys
21:47:51.0134 5828 SpbCx - ok
21:47:51.0165 5828 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\windows\System32\spoolsv.exe
21:47:51.0180 5828 Spooler - ok
21:47:51.0305 5828 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\windows\system32\sppsvc.exe
21:47:51.0415 5828 sppsvc - ok
21:47:51.0446 5828 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\windows\system32\DRIVERS\srv.sys
21:47:51.0462 5828 srv - ok
21:47:51.0509 5828 [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:47:51.0509 5828 srv2 - ok
21:47:51.0540 5828 [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:47:51.0540 5828 srvnet - ok
21:47:51.0587 5828 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:47:51.0587 5828 SSDPSRV - ok
21:47:51.0587 5828 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\windows\system32\sstpsvc.dll
21:47:51.0603 5828 SstpSvc - ok
21:47:51.0618 5828 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\windows\system32\drivers\stexstor.sys
21:47:51.0618 5828 stexstor - ok
21:47:51.0649 5828 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\windows\System32\wiaservc.dll
21:47:51.0665 5828 stisvc - ok
21:47:51.0696 5828 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\windows\system32\drivers\storahci.sys
21:47:51.0696 5828 storahci - ok
21:47:51.0712 5828 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\windows\system32\DRIVERS\vmstorfl.sys
21:47:51.0712 5828 storflt - ok
21:47:51.0728 5828 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\windows\system32\storsvc.dll
21:47:51.0728 5828 StorSvc - ok
21:47:51.0743 5828 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\windows\system32\drivers\storvsc.sys
21:47:51.0743 5828 storvsc - ok
21:47:51.0759 5828 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\windows\system32\svsvc.dll
21:47:51.0759 5828 svsvc - ok
21:47:51.0774 5828 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\windows\System32\drivers\swenum.sys
21:47:51.0774 5828 swenum - ok
21:47:51.0790 5828 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\windows\System32\swprv.dll
21:47:51.0806 5828 swprv - ok
21:47:51.0853 5828 [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain C:\windows\system32\sysmain.dll
21:47:51.0868 5828 SysMain - ok
21:47:51.0915 5828 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
21:47:51.0946 5828 SystemEventsBroker - ok
21:47:51.0978 5828 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
21:47:51.0993 5828 TabletInputService - ok
21:47:52.0009 5828 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\windows\System32\tapisrv.dll
21:47:52.0024 5828 TapiSrv - ok
21:47:52.0118 5828 [ 37D85E873C9531A2F88DD9C63D3F8A9E ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:47:52.0149 5828 Tcpip - ok
21:47:52.0181 5828 [ 37D85E873C9531A2F88DD9C63D3F8A9E ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:47:52.0196 5828 TCPIP6 - ok
21:47:52.0228 5828 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:47:52.0228 5828 tcpipreg - ok
21:47:52.0243 5828 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:47:52.0243 5828 tdx - ok
21:47:52.0259 5828 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\windows\System32\drivers\terminpt.sys
21:47:52.0259 5828 terminpt - ok
21:47:52.0306 5828 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\windows\System32\termsrv.dll
21:47:52.0321 5828 TermService - ok
21:47:52.0337 5828 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\windows\system32\themeservice.dll
21:47:52.0337 5828 Themes - ok
21:47:52.0368 5828 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\windows\system32\mmcss.dll
21:47:52.0368 5828 THREADORDER - ok
21:47:52.0399 5828 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\windows\System32\TimeBrokerServer.dll
21:47:52.0415 5828 TimeBroker - ok
21:47:52.0446 5828 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\windows\system32\drivers\tpm.sys
21:47:52.0446 5828 TPM - ok
21:47:52.0462 5828 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\windows\System32\trkwks.dll
21:47:52.0462 5828 TrkWks - ok
21:47:52.0509 5828 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:47:52.0524 5828 TrustedInstaller - ok
21:47:52.0540 5828 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:47:52.0540 5828 TsUsbFlt - ok
21:47:52.0571 5828 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\windows\System32\drivers\TsUsbGD.sys
21:47:52.0571 5828 TsUsbGD - ok
21:47:52.0587 5828 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:47:52.0587 5828 tunnel - ok
21:47:52.0618 5828 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\windows\system32\drivers\uagp35.sys
21:47:52.0618 5828 uagp35 - ok
21:47:52.0649 5828 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\windows\System32\drivers\uaspstor.sys
21:47:52.0649 5828 UASPStor - ok
21:47:52.0696 5828 [ 061BA3EE0D2BE17944990544008CF190 ] UCX01000 C:\windows\System32\drivers\ucx01000.sys
21:47:52.0696 5828 UCX01000 - ok
21:47:52.0728 5828 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:47:52.0743 5828 udfs - ok
21:47:52.0790 5828 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\windows\system32\UI0Detect.exe
21:47:52.0790 5828 UI0Detect - ok
21:47:52.0806 5828 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:47:52.0821 5828 uliagpkx - ok
21:47:52.0821 5828 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\windows\System32\drivers\umbus.sys
21:47:52.0821 5828 umbus - ok
21:47:52.0837 5828 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\windows\System32\drivers\umpass.sys
21:47:52.0837 5828 UmPass - ok
21:47:52.0868 5828 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\windows\System32\umrdp.dll
21:47:52.0868 5828 UmRdpService - ok
21:47:52.0962 5828 [ E1A119AD21F5AFE22EB516C549306D3D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:47:52.0962 5828 UNS - ok
21:47:53.0009 5828 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\windows\System32\upnphost.dll
21:47:53.0025 5828 upnphost - ok
21:47:53.0072 5828 [ C976C4306F9AE133D6BBD47FDFC3BF92 ] usbccgp C:\windows\System32\drivers\usbccgp.sys
21:47:53.0072 5828 usbccgp - ok
21:47:53.0087 5828 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\windows\System32\drivers\usbcir.sys
21:47:53.0087 5828 usbcir - ok
21:47:53.0103 5828 [ B24FDEB1B18496F1B463782235AA3AF1 ] usbehci C:\windows\System32\drivers\usbehci.sys
21:47:53.0103 5828 usbehci - ok
21:47:53.0118 5828 [ F8C2A832DF9403F5EA8080CBDBDA95FB ] usbhub C:\windows\System32\drivers\usbhub.sys
21:47:53.0134 5828 usbhub - ok
21:47:53.0150 5828 [ B1E910DDC08A8536116214326124903C ] USBHUB3 C:\windows\System32\drivers\UsbHub3.sys
21:47:53.0165 5828 USBHUB3 - ok
21:47:53.0181 5828 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\windows\System32\drivers\usbohci.sys
21:47:53.0181 5828 usbohci - ok
21:47:53.0212 5828 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\windows\System32\drivers\usbprint.sys
21:47:53.0212 5828 usbprint - ok
21:47:53.0243 5828 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\windows\System32\drivers\USBSTOR.SYS
21:47:53.0243 5828 USBSTOR - ok
21:47:53.0259 5828 [ 1ABF657259DB57F7E5558E4DF1357C0C ] usbuhci C:\windows\System32\drivers\usbuhci.sys
21:47:53.0259 5828 usbuhci - ok
21:47:53.0290 5828 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
21:47:53.0290 5828 usbvideo - ok
21:47:53.0322 5828 [ 8DC398D7B8E02C929A2096E74A170970 ] USBXHCI C:\windows\System32\drivers\USBXHCI.SYS
21:47:53.0322 5828 USBXHCI - ok
21:47:53.0337 5828 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\windows\system32\lsass.exe
21:47:53.0337 5828 VaultSvc - ok
21:47:53.0353 5828 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
21:47:53.0353 5828 vdrvroot - ok
21:47:53.0400 5828 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\windows\System32\vds.exe
21:47:53.0415 5828 vds - ok
21:47:53.0415 5828 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\windows\system32\drivers\VerifierExt.sys
21:47:53.0431 5828 VerifierExt - ok
21:47:53.0447 5828 [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\windows\System32\drivers\vhdmp.sys
21:47:53.0447 5828 vhdmp - ok
21:47:53.0478 5828 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\windows\system32\drivers\viaide.sys
21:47:53.0478 5828 viaide - ok
21:47:53.0509 5828 [ 71B51CF0B12E216D1FA8262B3B8E7DB4 ] vm332avs C:\windows\System32\Drivers\vm332avs.sys
21:47:53.0525 5828 vm332avs - ok
21:47:53.0540 5828 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\windows\system32\drivers\vmbus.sys
21:47:53.0540 5828 vmbus - ok
21:47:53.0556 5828 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\windows\System32\drivers\VMBusHID.sys
21:47:53.0556 5828 VMBusHID - ok
21:47:53.0572 5828 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\windows\System32\ICSvc.dll
21:47:53.0587 5828 vmicheartbeat - ok
21:47:53.0587 5828 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\windows\System32\ICSvc.dll
21:47:53.0587 5828 vmickvpexchange - ok
21:47:53.0603 5828 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\windows\System32\ICSvc.dll
21:47:53.0603 5828 vmicrdv - ok
21:47:53.0603 5828 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\windows\System32\ICSvc.dll
21:47:53.0603 5828 vmicshutdown - ok
21:47:53.0619 5828 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\windows\System32\ICSvc.dll
21:47:53.0619 5828 vmictimesync - ok
21:47:53.0634 5828 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\windows\System32\ICSvc.dll
21:47:53.0634 5828 vmicvss - ok
21:47:53.0650 5828 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\windows\system32\drivers\volmgr.sys
21:47:53.0665 5828 volmgr - ok
21:47:53.0665 5828 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:47:53.0665 5828 volmgrx - ok
21:47:53.0681 5828 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\windows\system32\drivers\volsnap.sys
21:47:53.0697 5828 volsnap - ok
21:47:53.0712 5828 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\windows\System32\drivers\vpci.sys
21:47:53.0712 5828 vpci - ok
21:47:53.0712 5828 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
21:47:53.0712 5828 vsmraid - ok
21:47:53.0790 5828 [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS C:\windows\system32\vssvc.exe
21:47:53.0806 5828 VSS - ok
21:47:53.0822 5828 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\windows\system32\drivers\vstxraid.sys
21:47:53.0822 5828 VSTXRAID - ok
21:47:53.0837 5828 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
21:47:53.0837 5828 vwifibus - ok
21:47:53.0853 5828 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:47:53.0853 5828 vwififlt - ok
21:47:53.0853 5828 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:47:53.0853 5828 vwifimp - ok
21:47:53.0884 5828 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\windows\system32\w32time.dll
21:47:53.0884 5828 W32Time - ok
21:47:53.0900 5828 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\windows\System32\drivers\wacompen.sys
21:47:53.0900 5828 WacomPen - ok
21:47:53.0931 5828 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys
21:47:53.0931 5828 Wanarp - ok
21:47:53.0931 5828 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:47:53.0931 5828 Wanarpv6 - ok
21:47:53.0978 5828 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\windows\system32\wbengine.exe
21:47:54.0009 5828 wbengine - ok
21:47:54.0009 5828 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:47:54.0025 5828 WbioSrvc - ok
21:47:54.0041 5828 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\windows\System32\wcmsvc.dll
21:47:54.0041 5828 Wcmsvc - ok
21:47:54.0103 5828 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\windows\System32\wcncsvc.dll
21:47:54.0119 5828 wcncsvc - ok
21:47:54.0134 5828 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:47:54.0181 5828 WcsPlugInService - ok
21:47:54.0197 5828 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\windows\system32\drivers\wd.sys
21:47:54.0197 5828 Wd - ok
21:47:54.0228 5828 [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot C:\windows\system32\drivers\WdBoot.sys
21:47:54.0228 5828 WdBoot - ok
21:47:54.0275 5828 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:47:54.0291 5828 Wdf01000 - ok
21:47:54.0322 5828 [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter C:\windows\system32\drivers\WdFilter.sys
21:47:54.0322 5828 WdFilter - ok
21:47:54.0338 5828 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\windows\system32\wdi.dll
21:47:54.0338 5828 WdiServiceHost - ok
21:47:54.0338 5828 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\windows\system32\wdi.dll
21:47:54.0353 5828 WdiSystemHost - ok
21:47:54.0369 5828 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\windows\System32\webclnt.dll
21:47:54.0369 5828 WebClient - ok
21:47:54.0384 5828 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\windows\system32\wecsvc.dll
21:47:54.0384 5828 Wecsvc - ok
21:47:54.0400 5828 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\windows\System32\wercplsupport.dll
21:47:54.0400 5828 wercplsupport - ok
21:47:54.0447 5828 [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\windows\System32\WerSvc.dll
21:47:54.0447 5828 WerSvc - ok
21:47:54.0478 5828 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\windows\system32\DRIVERS\wfplwfs.sys
21:47:54.0478 5828 WFPLWFS - ok
21:47:54.0494 5828 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\windows\System32\wiarpc.dll
21:47:54.0509 5828 WiaRpc - ok
21:47:54.0525 5828 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:47:54.0525 5828 WIMMount - ok
21:47:54.0556 5828 WinDefend - ok
21:47:54.0619 5828 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
21:47:54.0634 5828 WinHttpAutoProxySvc - ok
21:47:54.0697 5828 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:47:54.0697 5828 Winmgmt - ok
21:47:54.0713 5828 WinRing0_1_2_0 - ok
21:47:54.0806 5828 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\windows\system32\WsmSvc.dll
21:47:54.0838 5828 WinRM - ok
21:47:54.0869 5828 [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
21:47:54.0869 5828 WinUsb - ok
21:47:54.0931 5828 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\windows\System32\wlansvc.dll
21:47:54.0963 5828 WlanSvc - ok
21:47:55.0041 5828 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\windows\system32\wlidsvc.dll
21:47:55.0072 5828 wlidsvc - ok
21:47:55.0103 5828 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\windows\System32\drivers\wmiacpi.sys
21:47:55.0103 5828 WmiAcpi - ok
21:47:55.0150 5828 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:47:55.0150 5828 wmiApSrv - ok
21:47:55.0181 5828 WMPNetworkSvc - ok
21:47:55.0213 5828 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\windows\system32\DRIVERS\wpcfltr.sys
21:47:55.0213 5828 wpcfltr - ok
21:47:55.0244 5828 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\windows\System32\wpcsvc.dll
21:47:55.0244 5828 WPCSvc - ok
21:47:55.0275 5828 [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:47:55.0291 5828 WPDBusEnum - ok
21:47:55.0291 5828 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\windows\system32\drivers\WpdUpFltr.sys
21:47:55.0291 5828 WpdUpFltr - ok
21:47:55.0322 5828 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:47:55.0338 5828 ws2ifsl - ok
21:47:55.0369 5828 [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc C:\windows\System32\wscsvc.dll
21:47:55.0400 5828 wscsvc - ok
21:47:55.0447 5828 [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice C:\windows\System32\drivers\WSDPrint.sys
21:47:55.0463 5828 WSDPrintDevice - ok
21:47:55.0478 5828 [ FA07DF46070F0826139709EF4D31FB71 ] WSDScan C:\windows\system32\DRIVERS\WSDScan.sys
21:47:55.0494 5828 WSDScan - ok
21:47:55.0494 5828 WSearch - ok
21:47:55.0588 5828 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\windows\System32\WSService.dll
21:47:55.0619 5828 WSService - ok
21:47:55.0650 5828 [ 72B4E9DF6456C43C42A1419B09486045 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
21:47:55.0650 5828 wsvd - ok
21:47:55.0744 5828 [ BE302BABE45EC05995F8DC66E37BBB3D ] wuauserv C:\windows\system32\wuaueng.dll
21:47:55.0775 5828 wuauserv - ok
21:47:55.0791 5828 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:47:55.0806 5828 WudfPf - ok
21:47:55.0806 5828 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\System32\drivers\WUDFRd.sys
21:47:55.0822 5828 WUDFRd - ok
21:47:55.0838 5828 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP C:\windows\system32\DRIVERS\WUDFRd.sys
21:47:55.0838 5828 WUDFSensorLP - ok
21:47:55.0853 5828 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:47:55.0853 5828 wudfsvc - ok
21:47:55.0869 5828 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\windows\system32\DRIVERS\WUDFRd.sys
21:47:55.0869 5828 WUDFWpdFs - ok
21:47:55.0885 5828 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp C:\windows\system32\DRIVERS\WUDFRd.sys
21:47:55.0885 5828 WUDFWpdMtp - ok
21:47:55.0932 5828 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\windows\System32\wwansvc.dll
21:47:55.0947 5828 WwanSvc - ok
21:47:55.0963 5828 ================ Scan global ===============================
21:47:56.0010 5828 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\windows\system32\basesrv.dll
21:47:56.0041 5828 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\windows\system32\winsrv.dll
21:47:56.0088 5828 [ BD7C6949984D19AAA609896B675E7357 ] C:\windows\system32\sxssrv.dll
21:47:56.0135 5828 [ 8F226143046435C75C033B0C52E90FFE ] C:\windows\system32\services.exe
21:47:56.0150 5828 [Global] - ok
21:47:56.0150 5828 ================ Scan MBR ==================================
21:47:56.0166 5828 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:47:56.0166 5828 \Device\Harddisk0\DR0 - ok
21:47:56.0166 5828 ================ Scan VBR ==================================
21:47:56.0182 5828 [ 9C2AA8683705893A17F4D416A5E9C10E ] \Device\Harddisk0\DR0\Partition1
21:47:56.0182 5828 \Device\Harddisk0\DR0\Partition1 - ok
21:47:56.0197 5828 [ 74DAC7098E1DDFF44C9FE471E01FA3E1 ] \Device\Harddisk0\DR0\Partition2
21:47:56.0197 5828 \Device\Harddisk0\DR0\Partition2 - ok
21:47:56.0213 5828 [ 932D226A48D87C19E2C09DCDF0415346 ] \Device\Harddisk0\DR0\Partition3
21:47:56.0213 5828 \Device\Harddisk0\DR0\Partition3 - ok
21:47:56.0213 5828 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
21:47:56.0213 5828 \Device\Harddisk0\DR0\Partition4 - ok
21:47:56.0228 5828 [ D85F9CCDAEF51B98DFAB9BD57C0C0B50 ] \Device\Harddisk0\DR0\Partition5
21:47:56.0228 5828 \Device\Harddisk0\DR0\Partition5 - ok
21:47:56.0260 5828 [ 1FA13FC46F05AEDF341A9059EF911FAE ] \Device\Harddisk0\DR0\Partition6
21:47:56.0260 5828 \Device\Harddisk0\DR0\Partition6 - ok
21:47:56.0275 5828 [ A97415BEE2616B22DA2CBFFDE6411DB4 ] \Device\Harddisk0\DR0\Partition7
21:47:56.0275 5828 \Device\Harddisk0\DR0\Partition7 - ok
21:47:56.0275 5828 ============================================================
21:47:56.0275 5828 Scan finished
21:47:56.0275 5828 ============================================================
21:47:56.0291 4068 Detected object count: 0
21:47:56.0291 4068 Actual detected object count: 0

jaro3
Security team member

Re: Please check my log

Post by jaro3 » 11 Dec 2013 10:11

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is being applied, do not click inside the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After applying ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.

vašekp

Re: Please check my log

Post by vašekp » 11 Dec 2013 21:06

ComboFix 13-12-10.01 - Vašek . 12. 2013 20:50:22.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3960.2363 [GMT 1:00]
Spuštěný z: c:\users\VaÜek\Desktop\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Lenovo\Lenovo Solution Center\Microsoft Fix it\FixitUi\_desktop.ini
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-11 do 2013-12-11 )))))))))))))))))))))))))))))))
.
.
2013-12-11 20:01 . 2013-12-11 20:01 -------- d-----w- c:\users\Vašek\AppData\Local\temp
2013-12-11 20:01 . 2013-12-11 20:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-11 20:01 . 2013-12-11 20:01 -------- d-----w- c:\users\Naďa\AppData\Local\temp
2013-12-11 20:01 . 2013-12-11 20:01 -------- d-----w- c:\users\Jan\AppData\Local\temp
2013-12-11 20:01 . 2013-12-11 20:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-11 17:37 . 2013-11-07 18:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4DD8897-6414-4946-881B-40F5B6A323B7}\mpengine.dll
2013-12-10 19:50 . 2013-12-10 19:50 -------- d-----w- c:\users\Vašek\AppData\Local\Adobe
2013-12-09 20:49 . 2013-11-05 22:58 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-09 20:49 . 2013-11-05 22:58 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-09 20:36 . 2013-12-09 20:39 -------- d-----w- c:\windows\system32\MRT
2013-12-09 20:03 . 2013-12-09 20:03 -------- d-----w- c:\windows\ERUNT
2013-12-08 20:55 . 2013-12-08 20:55 -------- d-----w- c:\users\Naďa\AppData\Local\Broadcom
2013-12-08 20:34 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-12-08 20:34 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-12-08 20:33 . 2013-09-23 22:30 419328 ----a-w- c:\windows\system32\schannel.dll
2013-12-08 20:33 . 2013-09-23 22:30 323072 ----a-w- c:\windows\SysWow64\schannel.dll
2013-12-08 20:29 . 2013-04-09 04:51 99840 ----a-w- c:\windows\system32\wscsvc.dll
2013-12-08 20:28 . 2013-08-10 05:21 448512 ----a-w- c:\windows\system32\SettingSync.dll
2013-12-08 20:27 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll
2013-12-08 20:26 . 2013-10-12 08:43 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-12-08 20:25 . 2013-08-23 07:22 2062848 ----a-w- c:\windows\system32\d3d11.dll
2013-12-08 20:25 . 2013-08-23 01:44 1711616 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-12-08 20:25 . 2013-03-22 03:49 2382336 ----a-w- c:\windows\SysWow64\esent.dll
2013-12-08 20:25 . 2013-03-21 22:47 2851840 ----a-w- c:\windows\system32\esent.dll
2013-12-08 20:24 . 2013-08-02 06:28 10116608 ----a-w- c:\windows\system32\twinui.dll
2013-12-08 20:24 . 2013-08-02 05:08 8858112 ----a-w- c:\windows\SysWow64\twinui.dll
2013-12-08 20:24 . 2013-10-01 23:37 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2013-12-08 20:24 . 2013-10-01 23:26 2304512 ----a-w- c:\windows\system32\authui.dll
2013-12-08 17:10 . 2013-12-10 15:10 -------- d-----w- c:\users\Vašek\AppData\Local\CrashDumps
2013-12-08 12:20 . 2013-12-09 19:48 -------- d-----w- C:\AdwCleaner
2013-12-08 11:56 . 2013-12-08 11:56 -------- d-----w- c:\users\Vašek\AppData\Local\Broadcom
2013-12-07 21:59 . 2013-12-07 21:59 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-12-07 21:56 . 2013-12-07 22:31 -------- d-----w- c:\programdata\Symantec
2013-12-07 21:55 . 2013-12-07 21:55 -------- d-----w- c:\programdata\Norton
2013-12-07 20:54 . 2013-12-07 20:54 -------- d-----w- c:\windows\SysWow64\Adobe
2013-12-07 20:11 . 2013-12-07 20:11 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\users\Vašek\AppData\Roaming\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\programdata\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-07 19:44 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-24 07:51 . 2013-11-24 07:51 280752 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10226.bin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2013-04-06 06:11 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-07 15:00 . 2013-04-06 14:26 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-01 21:34 . 2013-03-10 16:18 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-10-10 17:19 . 2013-10-10 17:19 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-10 17:19 . 2013-05-03 15:35 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-10-10 17:19 . 2013-05-03 15:35 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-23 22:30 . 2013-12-08 20:33 419328 ----a-w- c:\windows\system32\schannel.dll
2013-09-23 22:30 . 2013-12-08 20:33 323072 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-26 508656]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332STI.EXE" [2012-03-20 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-8-26 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\System32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 14:13 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12 16:27]
.
2013-12-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12 16:27]
.
2013-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23 15:47]
.
2013-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23 15:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-10-26 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-10-26 191544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-FLV Player - c:\users\Vašek\AppData\Local\WebPlayer\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-12-11 21:05:11
ComboFix-quarantined-files.txt 2013-12-11 20:05
.
Před spuštěním: 867 179 614 208 bytes free
Po spuštění: 866 626 437 120 bytes free
.
- - End Of File - - 2F8C4AD69BAB718F1A53E16F3DC3C5A5

memphisto

Re: Please check my log

Post by memphisto » 12 Dec 2013 17:29

Do you have anything from Norton/Symantec?
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you

vašekp

Re: Please check my log

Post by vašekp » 12 Dec 2013 22:11

Yes, I found Norton Security Scan. Should I remove it?

jaro3
Security team member

Re: Please check my log

Post by jaro3 » 13 Dec 2013 10:51

Yes, uninstall it and then a new ComboFix.

vašekp

Re: Please check my log

Post by vašekp » 13 Dec 2013 18:12

ComboFix 13-12-10.01 - Vašek . 12. 2013 17:57:13.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3960.2408 [GMT 1:00]
Spuštěný z: c:\users\VaÜek\Desktop\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-13 do 2013-12-13 )))))))))))))))))))))))))))))))
.
.
2013-12-13 17:05 . 2013-12-13 17:05 -------- d-----w- c:\users\Vašek\AppData\Local\temp
2013-12-13 17:05 . 2013-12-13 17:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-13 17:05 . 2013-12-13 17:05 -------- d-----w- c:\users\Naďa\AppData\Local\temp
2013-12-13 17:05 . 2013-12-13 17:05 -------- d-----w- c:\users\Michal\AppData\Local\temp
2013-12-13 17:05 . 2013-12-13 17:05 -------- d-----w- c:\users\Jan\AppData\Local\temp
2013-12-13 17:05 . 2013-12-13 17:05 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-12-13 17:05 . 2013-12-13 17:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-12 22:39 . 2013-12-12 22:39 254128 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10227.bin
2013-12-12 21:46 . 2013-11-07 18:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B79715E3-EE21-4295-A703-78410341D4DC}\mpengine.dll
2013-12-12 05:26 . 2013-12-04 00:53 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 05:26 . 2013-12-04 00:53 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 19:41 . 2013-11-23 06:43 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 19:41 . 2013-11-23 05:05 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-11 19:41 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 19:41 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-11 19:12 . 2013-10-08 22:27 773120 ----a-w- c:\windows\system32\wuapi.dll
2013-12-10 19:50 . 2013-12-10 19:50 -------- d-----w- c:\users\Vašek\AppData\Local\Adobe
2013-12-09 20:36 . 2013-12-09 20:39 -------- d-----w- c:\windows\system32\MRT
2013-12-09 20:03 . 2013-12-09 20:03 -------- d-----w- c:\windows\ERUNT
2013-12-08 20:55 . 2013-12-08 20:55 -------- d-----w- c:\users\Naďa\AppData\Local\Broadcom
2013-12-08 20:51 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-12-08 20:48 . 2013-09-04 03:11 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2013-12-08 20:48 . 2013-10-10 11:53 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-12-08 20:48 . 2013-10-10 09:21 1160192 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-12-08 20:48 . 2013-10-10 09:20 723968 ----a-w- c:\windows\system32\BFE.DLL
2013-12-08 20:48 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:15 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-12-08 20:48 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-12-08 20:47 . 2013-08-16 05:22 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-12-08 20:44 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-12-08 20:44 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-12-08 20:44 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-12-08 20:44 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-12-08 20:44 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-12-08 20:44 . 2013-10-02 23:25 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-12-08 20:44 . 2013-10-01 22:22 1022976 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-12-08 20:39 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-12-08 20:39 . 2013-07-05 22:01 210560 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-12-08 20:39 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-08 20:39 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-12-08 20:39 . 2013-06-29 03:07 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-12-08 20:39 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
2013-12-08 20:39 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-12-08 20:35 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2013-12-08 20:35 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-12-08 20:35 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-12-08 20:35 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-12-08 20:34 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-12-08 20:34 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-12-08 20:33 . 2013-09-23 22:30 419328 ----a-w- c:\windows\system32\schannel.dll
2013-12-08 20:33 . 2013-09-23 22:30 323072 ----a-w- c:\windows\SysWow64\schannel.dll
2013-12-08 20:29 . 2013-04-09 04:51 99840 ----a-w- c:\windows\system32\wscsvc.dll
2013-12-08 20:28 . 2013-08-10 05:21 448512 ----a-w- c:\windows\system32\SettingSync.dll
2013-12-08 20:27 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll
2013-12-08 20:26 . 2013-04-28 22:30 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-04-28 22:28 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-05-15 22:37 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-12-08 20:26 . 2013-05-15 22:35 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-12-08 20:26 . 2013-05-14 13:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-12-08 20:26 . 2013-05-14 09:23 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-12-08 20:26 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2013-12-08 20:26 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-12-08 20:26 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-12-08 20:26 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-08 20:26 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-08 20:26 . 2013-03-06 07:10 112872 ----a-w- c:\windows\system32\consent.exe
2013-12-08 20:26 . 2013-03-06 06:29 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-12-08 20:25 . 2013-08-23 07:22 2062848 ----a-w- c:\windows\system32\d3d11.dll
2013-12-08 20:25 . 2013-08-23 01:44 1711616 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-12-08 20:25 . 2013-03-22 03:49 2382336 ----a-w- c:\windows\SysWow64\esent.dll
2013-12-08 20:25 . 2013-03-21 22:47 2851840 ----a-w- c:\windows\system32\esent.dll
2013-12-08 20:24 . 2013-08-02 06:28 10116608 ----a-w- c:\windows\system32\twinui.dll
2013-12-08 20:24 . 2013-08-02 05:08 8858112 ----a-w- c:\windows\SysWow64\twinui.dll
2013-12-08 20:24 . 2013-10-01 23:37 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2013-12-08 20:24 . 2013-10-01 23:26 2304512 ----a-w- c:\windows\system32\authui.dll
2013-12-08 17:10 . 2013-12-10 15:10 -------- d-----w- c:\users\Vašek\AppData\Local\CrashDumps
2013-12-08 12:20 . 2013-12-09 19:48 -------- d-----w- C:\AdwCleaner
2013-12-08 11:56 . 2013-12-08 11:56 -------- d-----w- c:\users\Vašek\AppData\Local\Broadcom
2013-12-07 20:54 . 2013-12-07 20:54 -------- d-----w- c:\windows\SysWow64\Adobe
2013-12-07 20:11 . 2013-12-07 20:11 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\users\Vašek\AppData\Roaming\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\programdata\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-07 19:44 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2013-04-06 06:11 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-07 15:00 . 2013-04-06 14:26 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-01 21:34 . 2013-03-10 16:18 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-10-10 17:19 . 2013-10-10 17:19 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-10 17:19 . 2013-05-03 15:35 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-10-10 17:19 . 2013-05-03 15:35 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-23 22:30 . 2013-12-08 20:33 419328 ----a-w- c:\windows\system32\schannel.dll
2013-09-23 22:30 . 2013-12-08 20:33 323072 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-26 508656]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332STI.EXE" [2012-03-20 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-8-26 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\System32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 14:13 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12 16:27]
.
2013-12-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12 16:27]
.
2013-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23 15:47]
.
2013-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23 15:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-10-26 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-10-26 191544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-12-13 18:10:44
ComboFix-quarantined-files.txt 2013-12-13 17:10
ComboFix2.txt 2013-12-11 20:05
.
Před spuštěním: 866 747 559 936 bytes free
Po spuštění: 866 292 043 776 bytes free
.
- - End Of File - - 85F079D21BE5B9B568FD210082E1142A

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Please check my log

Posted by memphisto » 13 Dec 2013 22:05

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script

Code: Select all

KillAll::

Folder::
c:\program files (x86)\Seznam.cz
c:\program files (x86)\Skype\Updater
c:\users\Michal\AppData\Local\Facebook\Update
c:\program files (x86)\Google\Update

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=-

Driver::
SkypeUpdate
cpuz136

File::
c:\windows\TEMP\cpuz136\cpuz136_x64.sys
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you

vašekp
Level 3
Posts: 430
Registered: November 07
Gender: Not specified
Status: Offline

Re: Please check my log

Posted by vašekp » 13 Dec 2013 23:34

ComboFix 13-12-10.01 - Vašek . 12. 2013 23:21:35.3.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3960.2392 [GMT 1:00]
Spuštěný z: c:\users\VaÜek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VaÜek\Desktop\CFScript.txt
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-13 do 2013-12-13 )))))))))))))))))))))))))))))))
.
.
2013-12-13 22:30 . 2013-12-13 22:30 -------- d-----w- c:\users\Vašek\AppData\Local\temp
2013-12-13 22:30 . 2013-12-13 22:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-13 22:30 . 2013-12-13 22:30 -------- d-----w- c:\users\Naďa\AppData\Local\temp
2013-12-13 22:30 . 2013-12-13 22:30 -------- d-----w- c:\users\Michal\AppData\Local\temp
2013-12-13 22:30 . 2013-12-13 22:30 -------- d-----w- c:\users\Jan\AppData\Local\temp
2013-12-13 22:30 . 2013-12-13 22:30 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-12-13 22:30 . 2013-12-13 22:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-13 20:38 . 2013-11-07 18:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BA987DE4-A506-4A1F-893B-A6302F7A7112}\mpengine.dll
2013-12-12 22:39 . 2013-12-12 22:39 254128 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10227.bin
2013-12-12 05:26 . 2013-12-04 00:53 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 05:26 . 2013-12-04 00:53 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 19:41 . 2013-11-23 06:43 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 19:41 . 2013-11-23 05:05 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-11 19:41 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 19:41 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-11 19:12 . 2013-10-08 22:27 773120 ----a-w- c:\windows\system32\wuapi.dll
2013-12-10 19:50 . 2013-12-10 19:50 -------- d-----w- c:\users\Vašek\AppData\Local\Adobe
2013-12-09 20:36 . 2013-12-09 20:39 -------- d-----w- c:\windows\system32\MRT
2013-12-09 20:03 . 2013-12-09 20:03 -------- d-----w- c:\windows\ERUNT
2013-12-08 20:55 . 2013-12-08 20:55 -------- d-----w- c:\users\Naďa\AppData\Local\Broadcom
2013-12-08 20:51 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-12-08 20:48 . 2013-09-04 03:11 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2013-12-08 20:48 . 2013-10-10 11:53 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-12-08 20:48 . 2013-10-10 09:21 1160192 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-12-08 20:48 . 2013-10-10 09:20 723968 ----a-w- c:\windows\system32\BFE.DLL
2013-12-08 20:48 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:15 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-12-08 20:48 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-12-08 20:47 . 2013-08-16 05:22 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-12-08 20:44 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-12-08 20:44 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-12-08 20:44 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-12-08 20:44 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-12-08 20:44 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-12-08 20:44 . 2013-10-02 23:25 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-12-08 20:44 . 2013-10-01 22:22 1022976 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-12-08 20:39 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-12-08 20:39 . 2013-07-05 22:01 210560 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-12-08 20:39 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-08 20:39 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-12-08 20:39 . 2013-06-29 03:07 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-12-08 20:39 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
2013-12-08 20:39 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-12-08 20:35 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2013-12-08 20:35 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-12-08 20:35 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-12-08 20:35 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-12-08 20:34 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-12-08 20:34 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-12-08 20:33 . 2013-09-23 22:30 419328 ----a-w- c:\windows\system32\schannel.dll
2013-12-08 20:33 . 2013-09-23 22:30 323072 ----a-w- c:\windows\SysWow64\schannel.dll
2013-12-08 20:29 . 2013-04-09 04:51 99840 ----a-w- c:\windows\system32\wscsvc.dll
2013-12-08 20:28 . 2013-08-10 05:21 448512 ----a-w- c:\windows\system32\SettingSync.dll
2013-12-08 20:27 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll
2013-12-08 20:26 . 2013-04-28 22:30 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-04-28 22:28 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-05-15 22:37 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-12-08 20:26 . 2013-05-15 22:35 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-12-08 20:26 . 2013-05-14 13:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-12-08 20:26 . 2013-05-14 09:23 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-12-08 20:26 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2013-12-08 20:26 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-12-08 20:26 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-12-08 20:26 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-08 20:26 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-08 20:26 . 2013-03-06 07:10 112872 ----a-w- c:\windows\system32\consent.exe
2013-12-08 20:26 . 2013-03-06 06:29 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-12-08 20:25 . 2013-08-23 07:22 2062848 ----a-w- c:\windows\system32\d3d11.dll
2013-12-08 20:25 . 2013-08-23 01:44 1711616 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-12-08 20:25 . 2013-03-22 03:49 2382336 ----a-w- c:\windows\SysWow64\esent.dll
2013-12-08 20:25 . 2013-03-21 22:47 2851840 ----a-w- c:\windows\system32\esent.dll
2013-12-08 20:24 . 2013-08-02 06:28 10116608 ----a-w- c:\windows\system32\twinui.dll
2013-12-08 20:24 . 2013-08-02 05:08 8858112 ----a-w- c:\windows\SysWow64\twinui.dll
2013-12-08 20:24 . 2013-10-01 23:37 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2013-12-08 20:24 . 2013-10-01 23:26 2304512 ----a-w- c:\windows\system32\authui.dll
2013-12-08 17:10 . 2013-12-10 15:10 -------- d-----w- c:\users\Vašek\AppData\Local\CrashDumps
2013-12-08 12:20 . 2013-12-09 19:48 -------- d-----w- C:\AdwCleaner
2013-12-08 11:56 . 2013-12-08 11:56 -------- d-----w- c:\users\Vašek\AppData\Local\Broadcom
2013-12-07 20:54 . 2013-12-07 20:54 -------- d-----w- c:\windows\SysWow64\Adobe
2013-12-07 20:11 . 2013-12-07 20:11 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\users\Vašek\AppData\Roaming\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\programdata\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-07 19:44 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2013-04-06 06:11 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-07 15:00 . 2013-04-06 14:26 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-01 21:34 . 2013-03-10 16:18 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-10-10 17:19 . 2013-10-10 17:19 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-10 17:19 . 2013-05-03 15:35 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-10-10 17:19 . 2013-05-03 15:35 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-23 22:30 . 2013-12-08 20:33 419328 ----a-w- c:\windows\system32\schannel.dll
2013-09-23 22:30 . 2013-12-08 20:33 323072 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-26 508656]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332STI.EXE" [2012-03-20 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-8-26 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\System32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 14:13 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12 16:27]
.
2013-12-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12 16:27]
.
2013-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23 15:47]
.
2013-12-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23 15:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-10-26 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-10-26 191544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-12-13 23:33:00
ComboFix-quarantined-files.txt 2013-12-13 22:33
ComboFix2.txt 2013-12-13 17:10
ComboFix3.txt 2013-12-11 20:05
.
Před spuštěním: 866 130 534 400 bytes free
Po spuštění: 866 041 405 440 bytes free
.
- - End Of File - - 696773F1172CECA9681762B63BA7DD8C

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Please check my log

Post by memphisto » 14 Dec 2013 09:49

Nothing was carried out, so try it again in safe mode.

vašekp

Re: Please check my log

Post by vašekp » 14 Dec 2013 14:30

ComboFix 13-12-10.01 - Vašek . 12. 2013 13:33:55.4.4 - x64 NETWORK
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3960.2917 [GMT 1:00]
Spuštěný z: c:\users\VaÜek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\VaÜek\Desktop\CFScript.txt
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\drivers\ntfs.sys . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-14 do 2013-12-14 )))))))))))))))))))))))))))))))
.
.
2013-12-14 12:51 . 2013-12-14 12:51 -------- d-----w- c:\users\Vašek\AppData\Local\temp
2013-12-14 12:51 . 2013-12-14 12:51 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-14 12:51 . 2013-12-14 12:51 -------- d-----w- c:\users\Naďa\AppData\Local\temp
2013-12-14 12:51 . 2013-12-14 12:51 -------- d-----w- c:\users\Michal\AppData\Local\temp
2013-12-14 12:51 . 2013-12-14 12:51 -------- d-----w- c:\users\Jan\AppData\Local\temp
2013-12-14 12:51 . 2013-12-14 12:51 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-12-14 12:51 . 2013-12-14 12:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-14 10:44 . 2013-11-07 18:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{01353241-9A12-499F-8B10-DDF125F9F522}\mpengine.dll
2013-12-14 07:32 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-14 07:32 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-12 22:39 . 2013-12-12 22:39 254128 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10227.bin
2013-12-12 05:26 . 2013-12-04 00:53 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 05:26 . 2013-12-04 00:53 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 19:41 . 2013-11-23 06:43 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 19:41 . 2013-11-23 05:05 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-11 19:41 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 19:41 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-11 19:12 . 2013-10-08 22:27 773120 ----a-w- c:\windows\system32\wuapi.dll
2013-12-10 19:50 . 2013-12-10 19:50 -------- d-----w- c:\users\Vašek\AppData\Local\Adobe
2013-12-09 20:36 . 2013-12-14 07:58 -------- d-----w- c:\windows\system32\MRT
2013-12-09 20:03 . 2013-12-09 20:03 -------- d-----w- c:\windows\ERUNT
2013-12-08 20:55 . 2013-12-08 20:55 -------- d-----w- c:\users\Naďa\AppData\Local\Broadcom
2013-12-08 20:51 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-12-08 20:48 . 2013-09-04 03:11 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2013-12-08 20:48 . 2013-10-10 11:53 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-12-08 20:48 . 2013-10-10 09:21 1160192 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-12-08 20:48 . 2013-10-10 09:20 723968 ----a-w- c:\windows\system32\BFE.DLL
2013-12-08 20:48 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:15 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-12-08 20:48 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-12-08 20:48 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-12-08 20:47 . 2013-08-16 05:22 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-12-08 20:44 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-12-08 20:44 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-12-08 20:44 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-12-08 20:44 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-12-08 20:44 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-12-08 20:44 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-12-08 20:44 . 2013-10-02 23:25 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-12-08 20:44 . 2013-10-01 22:22 1022976 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-12-08 20:39 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-12-08 20:39 . 2013-07-05 22:01 210560 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-12-08 20:39 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-12-08 20:39 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-12-08 20:39 . 2013-06-29 03:07 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-12-08 20:39 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
2013-12-08 20:39 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-12-08 20:35 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2013-12-08 20:35 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-12-08 20:35 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-12-08 20:35 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-12-08 20:34 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2013-12-08 20:34 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-12-08 20:34 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2013-12-08 20:33 . 2013-09-23 22:30 419328 ----a-w- c:\windows\system32\schannel.dll
2013-12-08 20:33 . 2013-09-23 22:30 323072 ----a-w- c:\windows\SysWow64\schannel.dll
2013-12-08 20:29 . 2013-04-09 04:51 99840 ----a-w- c:\windows\system32\wscsvc.dll
2013-12-08 20:28 . 2013-08-10 05:21 448512 ----a-w- c:\windows\system32\SettingSync.dll
2013-12-08 20:27 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll
2013-12-08 20:26 . 2013-04-28 22:30 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-04-28 22:28 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-12-08 20:26 . 2013-05-15 22:37 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-12-08 20:26 . 2013-05-15 22:35 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-12-08 20:26 . 2013-05-14 13:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-12-08 20:26 . 2013-05-14 09:23 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-12-08 20:26 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2013-12-08 20:26 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-12-08 20:26 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-12-08 20:26 . 2013-03-06 07:10 112872 ----a-w- c:\windows\system32\consent.exe
2013-12-08 20:26 . 2013-03-06 06:29 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-12-08 20:25 . 2013-08-23 07:22 2062848 ----a-w- c:\windows\system32\d3d11.dll
2013-12-08 20:25 . 2013-08-23 01:44 1711616 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-12-08 20:25 . 2013-03-22 03:49 2382336 ----a-w- c:\windows\SysWow64\esent.dll
2013-12-08 20:25 . 2013-03-21 22:47 2851840 ----a-w- c:\windows\system32\esent.dll
2013-12-08 20:24 . 2013-08-02 06:28 10116608 ----a-w- c:\windows\system32\twinui.dll
2013-12-08 20:24 . 2013-08-02 05:08 8858112 ----a-w- c:\windows\SysWow64\twinui.dll
2013-12-08 20:24 . 2013-10-01 23:37 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2013-12-08 20:24 . 2013-10-01 23:26 2304512 ----a-w- c:\windows\system32\authui.dll
2013-12-08 17:10 . 2013-12-10 15:10 -------- d-----w- c:\users\Vašek\AppData\Local\CrashDumps
2013-12-08 12:20 . 2013-12-09 19:48 -------- d-----w- C:\AdwCleaner
2013-12-08 11:56 . 2013-12-08 11:56 -------- d-----w- c:\users\Vašek\AppData\Local\Broadcom
2013-12-07 20:54 . 2013-12-07 20:54 -------- d-----w- c:\windows\SysWow64\Adobe
2013-12-07 20:11 . 2013-12-07 20:11 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\users\Vašek\AppData\Roaming\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\programdata\Malwarebytes
2013-12-07 19:44 . 2013-12-07 19:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-07 19:44 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-14 07:54 . 2013-04-06 14:26 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-19 10:21 . 2013-04-06 06:11 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-01 21:34 . 2013-03-10 16:18 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-10-10 17:19 . 2013-10-10 17:19 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-10 17:19 . 2013-05-03 15:35 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-10-10 17:19 . 2013-05-03 15:35 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-23 22:30 . 2013-12-08 20:33 419328 ----a-w- c:\windows\system32\schannel.dll
2013-09-23 22:30 . 2013-12-08 20:33 323072 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-26 508656]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332STI.EXE" [2012-03-20 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-8-26 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
R2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 vm332avs;Lenovo Camera2;c:\windows\System32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 14:13 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007Core.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12 16:27]
.
2013-12-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-961389813-253083461-155772885-1007UA.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-12 16:27]
.
2013-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23 15:47]
.
2013-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-23 15:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-10-26 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-10-26 191544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-12-14 13:54:10
ComboFix-quarantined-files.txt 2013-12-14 12:54
ComboFix2.txt 2013-12-13 22:33
ComboFix3.txt 2013-12-13 17:10
ComboFix4.txt 2013-12-11 20:05
.
Před spuštěním: 865 732 177 920 bytes free
Po spuštění: 865 540 698 112 bytes free
.
- - End Of File - - 3A05452201372E76DD57562B9111579D

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 15 Dec 2013 10:18

In Folder Options, enable showing hidden files and folders, and untick the checkbox for hiding protected operating system files.

Test this on VirusTotal:
c:\windows\SysWow64\drivers\ntfs.sys

Click Choose (Vybrat) to the right of the box and, in Explorer, find the required file on your PC. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus finishes, "result" appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

