Police virus (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Re: Police virus

Post by gladomen » 05 Jan 2014 19:53

ComboFix 13-12-31.01 - Petr . 01. 2014 18:53:14.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3962.2535 [GMT 1:00]
Spuštěný z: c:\users\Petr\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1cee4c96eccf58b.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Petr\AppData\Local\Temp\_MEI96962\_ctypes.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\_elementtree.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\_hashlib.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\_multiprocessing.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\_socket.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\_ssl.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\pyexpat.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\pysqlite2._sqlite.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\python27.dll
c:\users\Petr\AppData\Local\Temp\_MEI96962\pythoncom27.dll
c:\users\Petr\AppData\Local\Temp\_MEI96962\PyWinTypes27.dll
c:\users\Petr\AppData\Local\Temp\_MEI96962\select.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\unicodedata.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32api.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32com.shell.shell.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32crypt.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32event.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32file.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32inet.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32pdh.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32pipe.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32process.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32profile.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32security.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\win32ts.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\windows._lib_cacheinvalidation.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\wx._controls_.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\wx._core_.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\wx._gdi_.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\wx._html2.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\wx._misc_.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\wx._windows_.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\wx._wizard.pyd
c:\users\Petr\AppData\Local\Temp\_MEI96962\wxbase294u_net_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI96962\wxbase294u_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI96962\wxmsw294u_adv_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI96962\wxmsw294u_core_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI96962\wxmsw294u_html_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI96962\wxmsw294u_webview_vc90.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cee4c96eccf58b.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-05 do 2014-01-05 )))))))))))))))))))))))))))))))
.
.
2014-01-05 18:44 . 2014-01-05 18:46 -------- d-----w- c:\users\Petr\AppData\Local\temp
2014-01-05 18:44 . 2014-01-05 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-05 17:42 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF12A708-8EB7-4784-9A51-1015186937BD}\mpengine.dll
2013-12-30 11:56 . 2013-12-30 11:56 -------- d-----w- c:\windows\ERUNT
2013-12-30 11:52 . 2013-12-31 10:36 33024 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2013-12-30 11:51 . 2013-12-31 10:34 172264 ----a-w- c:\windows\system32\drivers\ksecpkg.sys.bak
2013-12-29 21:45 . 2013-12-30 11:24 -------- d-----w- c:\program files\office.tmp
2013-12-29 21:35 . 2013-12-30 11:23 -------- d-----w- C:\AdwCleaner
2013-12-27 12:08 . 2013-12-27 12:08 236208 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-26 10:35 . 2014-01-05 17:39 -------- d-----r- c:\users\Petr\Disk Google
2013-12-23 11:17 . 2013-12-23 11:03 566480 ------w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-12-21 00:47 . 2013-12-21 00:47 -------- d-----w- c:\users\Petr\.android
2013-12-21 00:47 . 2013-12-28 21:26 -------- d-----w- c:\users\Petr\AppData\Local\cache
2013-12-21 00:47 . 2013-12-28 21:02 -------- d-----w- c:\users\Petr\AppData\Local\genienext
2013-12-21 00:44 . 2013-12-21 00:45 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-12-19 16:35 . 2013-12-19 16:37 -------- d-----w- c:\users\Petr\AppData\Local\NVIDIA Corporation
2013-12-19 16:33 . 2013-12-19 16:33 -------- d-----w- c:\windows\LastGood.Tmp
2013-12-19 16:32 . 2013-12-05 08:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-19 16:32 . 2013-12-05 08:42 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-14 10:51 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-14 10:51 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-13 19:36 . 2013-10-27 22:41 965000 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D186A3D-1F6B-44ED-A98F-8A7A65CAC186}\gapaengine.dll
2013-12-13 19:34 . 2013-10-25 06:19 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-12-13 19:34 . 2013-10-25 06:17 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-12-13 19:34 . 2013-10-25 06:17 3959808 ----a-w- c:\windows\system32\jscript9.dll
2013-12-13 19:34 . 2013-10-25 04:43 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-12-13 19:34 . 2013-10-25 06:19 484352 ----a-w- c:\program files\Internet Explorer\ieinstal.exe
2013-12-13 19:34 . 2013-10-25 06:19 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-12-13 19:34 . 2013-10-25 06:19 915968 ----a-w- c:\windows\system32\uxtheme.dll
2013-12-13 19:34 . 2013-10-25 06:17 365568 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-12-13 19:34 . 2013-10-25 04:45 469504 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2013-12-13 19:34 . 2013-10-25 04:43 245248 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2013-12-13 19:30 . 2013-11-06 23:18 4036608 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 19:30 . 2013-09-28 03:35 288768 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 19:30 . 2013-10-10 09:32 115712 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-13 19:30 . 2013-10-10 09:30 162304 ----a-w- c:\windows\SysWow64\scrobj.dll
2013-12-13 19:30 . 2013-10-10 09:30 156160 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 19:30 . 2013-10-10 09:24 143872 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 19:30 . 2013-10-10 09:23 146944 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 19:30 . 2013-10-10 09:22 222720 ----a-w- c:\windows\system32\scrobj.dll
2013-12-13 19:30 . 2013-10-10 09:22 194048 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 19:30 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 19:30 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 19:30 . 2013-11-23 06:43 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 19:30 . 2013-11-23 05:05 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-08 18:17 . 2013-12-08 18:19 -------- d-----w- c:\users\Petr\AppData\Roaming\EurekaLog
2013-12-08 18:17 . 2013-12-08 18:17 -------- d-----w- c:\users\Petr\AppData\Roaming\JAM Software
2013-12-08 18:17 . 2013-12-08 18:17 -------- d-----w- c:\program files (x86)\JAM Software
2013-12-08 18:16 . 2013-12-08 18:16 -------- d-----w- c:\program files\CPUID
2013-12-08 12:29 . 2013-12-08 12:29 -------- d-----w- c:\users\Petr\AppData\Roaming\Malwarebytes
2013-12-08 12:28 . 2013-12-08 12:28 -------- d-----w- c:\programdata\Malwarebytes
2013-12-07 20:31 . 2013-12-07 20:31 -------- d-----w- c:\program files (x86)\Minecraft 1.4 Free Full Download
2013-12-07 13:01 . 2013-12-07 13:01 -------- d-----w- c:\programdata\Package Cache
2013-12-07 12:53 . 2008-07-31 09:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2013-12-07 12:22 . 2013-12-07 13:32 -------- d-----w- c:\program files (x86)\Assassins Creed IV Black Flag
2013-12-07 10:44 . 2013-12-08 09:38 -------- d-----w- c:\users\Petr\AppData\Roaming\.minecraft
2013-12-07 09:37 . 2013-12-07 09:37 -------- d-----w- c:\programdata\Steam
2013-12-07 09:36 . 2013-12-07 09:37 -------- d-----w- c:\users\Petr\AppData\Local\Game Updater
2013-12-07 09:35 . 2007-04-04 17:54 107368 ----a-w- c:\windows\system32\xinput1_3.dll
2013-12-07 09:35 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2013-12-07 09:06 . 2013-12-26 13:56 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-12-07 09:06 . 2013-12-29 21:25 -------- d-----w- c:\program files (x86)\Steam
2013-12-07 08:48 . 2013-12-07 08:48 -------- d-----w- C:\Games
2013-12-07 08:43 . 2013-12-07 08:43 -------- d-----w- c:\program files (x86)\Seznam.cz
2013-12-07 08:43 . 2013-12-31 09:53 -------- d-----w- c:\users\Petr\AppData\Roaming\Seznam.cz
2013-12-07 08:42 . 2013-12-07 08:42 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-07 08:42 . 2013-12-07 08:47 -------- d-----w- c:\users\Petr\AppData\Roaming\DAEMON Tools Lite
2013-12-07 08:42 . 2013-12-07 08:42 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-12-07 08:38 . 2013-12-07 08:46 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-12-06 19:34 . 2013-12-06 20:33 -------- d-----w- c:\program files (x86)\VirtualDJ
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-14 21:21 . 2013-11-19 18:46 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 02:13 . 2013-11-20 16:31 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-11-20 16:31 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-11-20 16:26 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-04 00:53 . 2013-11-21 18:55 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-04 00:53 . 2013-11-21 18:55 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-27 19:32 . 2013-11-27 19:33 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-19 10:21 . 2013-11-22 14:54 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-19 01:32 . 2013-11-19 01:32 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-11-19 01:31 . 2013-11-19 01:31 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-11-19 01:26 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-11-14 11:58 . 2013-11-20 16:26 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-11-14 11:58 . 2013-11-20 16:26 15862272 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-11-14 11:58 . 2012-11-14 23:52 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-11-14 11:58 . 2013-11-20 16:26 9619872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-11-14 11:58 . 2013-11-20 16:26 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-11-14 11:58 . 2012-11-14 23:52 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-11-14 11:58 . 2013-11-20 16:26 11514624 ----a-w- c:\windows\system32\nvopencl.dll
2013-11-14 11:58 . 2013-11-20 16:26 30361888 ----a-w- c:\windows\system32\nvoglv64.dll
2013-11-14 11:58 . 2013-11-20 16:26 22951200 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-11-14 11:58 . 2013-11-20 16:26 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-11-14 11:58 . 2013-11-20 16:26 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-11-14 11:58 . 2013-11-20 16:26 12613408 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-11-14 11:58 . 2012-11-14 23:52 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-11-14 11:58 . 2012-11-14 23:52 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-11-14 11:58 . 2013-11-20 16:26 707360 ----a-w- c:\windows\system32\NvFBC64.dll
2013-11-14 11:58 . 2013-11-20 16:26 657184 ----a-w- c:\windows\system32\NvIFR64.dll
2013-11-14 11:58 . 2013-11-20 16:26 609568 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-11-14 11:58 . 2013-11-20 16:26 562464 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-11-14 11:58 . 2013-11-20 16:26 357152 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2013-11-14 11:58 . 2013-11-20 16:26 314656 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2013-11-14 11:58 . 2013-11-20 16:26 479520 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2013-11-14 11:58 . 2013-11-20 16:26 405280 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2013-11-14 11:58 . 2013-11-20 16:26 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
2013-11-14 11:58 . 2013-11-20 16:26 18208624 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-11-14 11:58 . 2013-11-20 16:26 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
2013-11-14 11:58 . 2013-11-20 16:26 3132704 ----a-w- c:\windows\system32\nvcuvid.dll
2013-11-14 11:58 . 2013-11-20 16:26 3125024 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-11-14 11:58 . 2013-11-20 16:26 2947872 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-11-14 11:58 . 2013-11-20 16:26 2747680 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-11-14 11:58 . 2013-11-20 16:26 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-11-14 11:58 . 2013-11-20 16:26 9691888 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-11-14 11:58 . 2013-11-20 16:26 11600432 ----a-w- c:\windows\system32\nvcuda.dll
2013-11-14 11:58 . 2013-11-20 16:26 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-11-14 11:58 . 2013-11-20 16:26 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-11-14 11:58 . 2012-11-14 23:52 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2013-11-14 11:58 . 2012-11-14 23:52 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-11-11 15:02 . 2012-11-14 23:53 6674208 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 15:02 . 2012-11-14 23:53 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-11-11 15:01 . 2012-11-14 23:53 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-11-11 15:01 . 2012-11-14 23:53 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-11-11 15:01 . 2012-11-14 23:53 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-11-11 15:01 . 2012-11-14 23:53 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-11-11 15:01 . 2012-11-14 23:53 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 15:01 . 2012-11-14 23:53 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-11-11 15:01 . 2012-11-14 23:53 598304 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-11-11 15:01 . 2012-11-14 23:53 3467927 ----a-w- c:\windows\system32\nvcoproc.bin
2013-10-10 11:53 . 2013-11-19 17:54 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-10-10 09:21 . 2013-11-19 17:54 1160192 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-10 09:20 . 2013-11-19 17:54 723968 ----a-w- c:\windows\system32\BFE.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-23 11:44 222832 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-23 11:44 222832 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-23 11:44 222832 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-08-23 56128]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-05-02 548864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-26 508656]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"msbjvnSrv"="c:\windows\inf\msbjvn.vbe" [2013-08-27 1558]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-9-7 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys;c:\windows\SYSNATIVE\drivers\jmcr.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 NETwNe64;@oem19.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 11:59 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job
- c:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-31 21:58]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA.job
- c:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-31 21:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-23 11:44 261744 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-23 11:44 261744 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-23 11:44 261744 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-25 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-25 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-25 441152]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-14 12921488]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-14 1214608]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-10 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-11-15 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-11-15 191544]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=13415
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 94.74.192.252 94.74.192.244
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-01-05 19:52:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-05 18:52
ComboFix2.txt 2013-12-31 12:18
.
Před spuštěním: 700 151 300 096 bytes free
Po spuštění: 700 547 371 008 bytes free
.
- - End Of File - - 19F8960637AD64CA0A559CFA7C02C622

Re: Police virus

Post by gladomen » 05 Jan 2014 19:54

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:54:30, on 5. 1. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Petr\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [msbjvnSrv] C:\WINDOWS\inf\msbjvn.vbe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem15.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11402 bytes

jaro3
Security team member

Post by jaro3 » 07 Jan 2014 16:00

Uninstall:
Seznam.cz
BingBar


Close other applications and browsers, disconnect from the internet and fix these in HJT:
Guide

Code:

O4 - HKLM\..\Run: [msbjvnSrv] C:\WINDOWS\inf\msbjvn.vbe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)


Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text marked in green:

Code:

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA.job
C:\WINDOWS\inf\msbjvn.vbe

Folder::
c:\program files (x86)\Skype\Updater
c:\users\Petr\AppData\Local\Google\Update

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan click "Save Log" and save the log to the desktop. Copy the whole content of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
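The kind of entries picked out of the HijackThis log in the post above (a Run value that launches a script from C:\WINDOWS\inf, and O9 entries marked "(no file)") can be pre-screened mechanically; the Python script below is an added example, not part of the original thread or of HijackThis, and its function and rule names are hypothetical. It also separates "(file missing)" entries under System32 from other missing targets, because HijackThis 2.0.5 is a 32-bit program and on an x64 system its view of System32 is redirected, so those flags need checking from a 64-bit tool before anything is fixed.

```python
import ntpath
import re
from typing import List, NamedTuple

# Lines copied from the HijackThis log posted in this thread, embedded so the
# example runs offline.
SAMPLE_LOG = r"""
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [msbjvnSrv] C:\WINDOWS\inf\msbjvn.vbe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
"""

# Script types that Windows will execute directly from a Run value.
SCRIPT_EXTS = {".vbe", ".vbs", ".js", ".jse", ".wsf", ".wsh", ".hta",
               ".bat", ".cmd", ".ps1"}
KNOWN_EXTS = SCRIPT_EXTS | {".exe", ".dll", ".com", ".scr"}

_ENTRY = re.compile(r"^([ORF]\d+) - (.*)$")
_RUN = re.compile(r"^HK(?:LM|CU)\\\.\.\\\w+: \[[^\]]*\] (?P<cmd>.+)$")
# Unquoted command lines may contain spaces, so cut at the first known extension.
_UNQUOTED = re.compile(
    r"^(.+?\.(?:%s))(?=\s|$)" % "|".join(e[1:] for e in sorted(KNOWN_EXTS)),
    re.IGNORECASE,
)


class Finding(NamedTuple):
    rule: str      # hypothetical rule name, see triage()
    section: str   # HijackThis section code, e.g. "O4"
    line: str      # the log line as posted


def autorun_target(cmd: str) -> str:
    """Return the program path of a Run value, whether it is quoted or not."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    match = _UNQUOTED.match(cmd)
    if match:
        return match.group(1)
    parts = cmd.split()
    return parts[0] if parts else ""


def triage(log_text: str) -> List[Finding]:
    """Flag HijackThis entries that deserve a manual look before fixing."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        entry = _ENTRY.match(line)
        if not entry:
            continue
        section, body = entry.groups()
        if section == "O4":
            run = _RUN.match(body)
            if run:
                ext = ntpath.splitext(autorun_target(run.group("cmd")))[1].lower()
                if ext in SCRIPT_EXTS:
                    findings.append(Finding("script-autorun", section, line))
        if body.endswith("(no file)"):
            findings.append(Finding("orphaned-entry", section, line))
        elif body.endswith("(file missing)"):
            path = body.rsplit(" - ", 1)[-1].lower()
            # A 32-bit scanner is redirected away from the real System32.
            redirected = "\\windows\\system32\\" in path
            rule = "check-from-64bit-view" if redirected else "missing-target"
            findings.append(Finding(rule, section, line))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.rule:22} {finding.line}")
```

A flag from this script is only a prompt to inspect the entry; which lines are actually fixed remains a decision for the person reading the whole log.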


Post by gladomen » 10 Jan 2014 13:50

uninstalled

Fixed:
O4 - HKLM\..\Run: [msbjvnSrv] C:\WINDOWS\inf\msbjvn.vbe

Not found:
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)


Post by gladomen » 10 Jan 2014 14:12

ComboFix 13-12-31.01 - Petr . 01. 2014 13:55:33.3.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3962.2247 [GMT 1:00]
Spuštěný z: c:\users\Petr\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\inf\msbjvn.vbe"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3164711548-3657898618-3245913010-1002UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Petr\AppData\Local\Google\Update
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\GoogleUpdate.exe
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateBroker.exe
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateHelper.msi
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateSetup.exe
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdate.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_am.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ar.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_bg.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_bn.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ca.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_cs.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_da.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_de.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_el.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_en-GB.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_en.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_es-419.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_es.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_et.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_fa.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_fi.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_fil.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_fr.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_gu.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_hi.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_hr.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_hu.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_id.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_is.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_it.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_iw.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ja.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_kn.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ko.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_lt.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_lv.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ml.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_mr.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ms.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_nl.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_no.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_pl.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_pt-BR.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_pt-PT.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ro.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ru.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_sk.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_sl.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_sr.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_sv.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_sw.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ta.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_te.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_th.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_tr.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_uk.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_ur.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_vi.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_zh-CN.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\goopdateres_zh-TW.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\psmachine.dll
c:\users\Petr\AppData\Local\Google\Update\1.3.22.3\psuser.dll
c:\users\Petr\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe
c:\users\Petr\AppData\Local\Google\Update\Download\{D0AB2EBC-931B-4013-9FEB-C9C4C2225C8C}\4.9.1.16010\googletalkpluginaccel.msi
c:\users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-10 do 2014-01-10 )))))))))))))))))))))))))))))))
.
.
2014-01-10 13:02 . 2014-01-10 13:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-09 20:40 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75E328F5-DB9E-400E-AE2F-6EBFBD3B374B}\mpengine.dll
2014-01-05 18:44 . 2014-01-10 13:05 -------- d-----w- c:\users\Petr\AppData\Local\temp
2013-12-30 11:56 . 2013-12-30 11:56 -------- d-----w- c:\windows\ERUNT
2013-12-30 11:52 . 2013-12-31 10:36 33024 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2013-12-30 11:51 . 2013-12-31 10:34 172264 ----a-w- c:\windows\system32\drivers\ksecpkg.sys.bak
2013-12-29 21:45 . 2013-12-30 11:24 -------- d-----w- c:\program files\office.tmp
2013-12-29 21:35 . 2013-12-30 11:23 -------- d-----w- C:\AdwCleaner
2013-12-27 12:08 . 2013-12-27 12:08 236208 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-26 10:35 . 2014-01-09 19:03 -------- d-----r- c:\users\Petr\Disk Google
2013-12-23 11:17 . 2013-12-23 11:03 566480 ------w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-12-21 00:47 . 2013-12-21 00:47 -------- d-----w- c:\users\Petr\.android
2013-12-21 00:47 . 2013-12-28 21:26 -------- d-----w- c:\users\Petr\AppData\Local\cache
2013-12-21 00:47 . 2013-12-28 21:02 -------- d-----w- c:\users\Petr\AppData\Local\genienext
2013-12-21 00:44 . 2013-12-21 00:45 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-12-19 16:35 . 2013-12-19 16:37 -------- d-----w- c:\users\Petr\AppData\Local\NVIDIA Corporation
2013-12-19 16:33 . 2013-12-19 16:33 -------- d-----w- c:\windows\LastGood.Tmp
2013-12-19 16:32 . 2013-12-05 08:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-19 16:32 . 2013-12-05 08:42 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-14 10:51 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-14 10:51 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-13 19:36 . 2013-10-27 22:41 965000 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D186A3D-1F6B-44ED-A98F-8A7A65CAC186}\gapaengine.dll
2013-12-13 19:34 . 2013-10-25 06:19 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-12-13 19:34 . 2013-10-25 06:17 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-12-13 19:34 . 2013-10-25 06:17 3959808 ----a-w- c:\windows\system32\jscript9.dll
2013-12-13 19:34 . 2013-10-25 04:43 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-12-13 19:34 . 2013-10-25 06:19 484352 ----a-w- c:\program files\Internet Explorer\ieinstal.exe
2013-12-13 19:34 . 2013-10-25 06:19 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-12-13 19:34 . 2013-10-25 06:19 915968 ----a-w- c:\windows\system32\uxtheme.dll
2013-12-13 19:34 . 2013-10-25 06:17 365568 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-12-13 19:34 . 2013-10-25 04:45 469504 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2013-12-13 19:34 . 2013-10-25 04:43 245248 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2013-12-13 19:30 . 2013-11-06 23:18 4036608 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 19:30 . 2013-09-28 03:35 288768 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 19:30 . 2013-10-10 09:32 115712 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-13 19:30 . 2013-10-10 09:30 162304 ----a-w- c:\windows\SysWow64\scrobj.dll
2013-12-13 19:30 . 2013-10-10 09:30 156160 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 19:30 . 2013-10-10 09:24 143872 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 19:30 . 2013-10-10 09:23 146944 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 19:30 . 2013-10-10 09:22 222720 ----a-w- c:\windows\system32\scrobj.dll
2013-12-13 19:30 . 2013-10-10 09:22 194048 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 19:30 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 19:30 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 19:30 . 2013-11-23 06:43 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 19:30 . 2013-11-23 05:05 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-14 21:21 . 2013-11-19 18:46 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 02:13 . 2013-11-20 16:31 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-11-20 16:31 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-07 08:42 . 2013-12-07 08:42 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-05 08:42 . 2013-11-20 16:26 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-04 00:53 . 2013-11-21 18:55 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-04 00:53 . 2013-11-21 18:55 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-27 19:32 . 2013-11-27 19:33 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-19 10:21 . 2013-11-22 14:54 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-19 01:32 . 2013-11-19 01:32 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-11-19 01:31 . 2013-11-19 01:31 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-11-19 01:26 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-11-14 11:58 . 2013-11-20 16:26 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-11-14 11:58 . 2013-11-20 16:26 15862272 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-11-14 11:58 . 2012-11-14 23:52 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-11-14 11:58 . 2013-11-20 16:26 9619872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-11-14 11:58 . 2013-11-20 16:26 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-11-14 11:58 . 2012-11-14 23:52 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-11-14 11:58 . 2013-11-20 16:26 11514624 ----a-w- c:\windows\system32\nvopencl.dll
2013-11-14 11:58 . 2013-11-20 16:26 30361888 ----a-w- c:\windows\system32\nvoglv64.dll
2013-11-14 11:58 . 2013-11-20 16:26 22951200 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-11-14 11:58 . 2013-11-20 16:26 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-11-14 11:58 . 2013-11-20 16:26 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-11-14 11:58 . 2013-11-20 16:26 12613408 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-11-14 11:58 . 2012-11-14 23:52 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-11-14 11:58 . 2012-11-14 23:52 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-11-14 11:58 . 2013-11-20 16:26 707360 ----a-w- c:\windows\system32\NvFBC64.dll
2013-11-14 11:58 . 2013-11-20 16:26 657184 ----a-w- c:\windows\system32\NvIFR64.dll
2013-11-14 11:58 . 2013-11-20 16:26 609568 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-11-14 11:58 . 2013-11-20 16:26 562464 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-11-14 11:58 . 2013-11-20 16:26 357152 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2013-11-14 11:58 . 2013-11-20 16:26 314656 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2013-11-14 11:58 . 2013-11-20 16:26 479520 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2013-11-14 11:58 . 2013-11-20 16:26 405280 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2013-11-14 11:58 . 2013-11-20 16:26 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
2013-11-14 11:58 . 2013-11-20 16:26 18208624 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-11-14 11:58 . 2013-11-20 16:26 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
2013-11-14 11:58 . 2013-11-20 16:26 3132704 ----a-w- c:\windows\system32\nvcuvid.dll
2013-11-14 11:58 . 2013-11-20 16:26 3125024 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-11-14 11:58 . 2013-11-20 16:26 2947872 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-11-14 11:58 . 2013-11-20 16:26 2747680 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-11-14 11:58 . 2013-11-20 16:26 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-11-14 11:58 . 2013-11-20 16:26 9691888 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-11-14 11:58 . 2013-11-20 16:26 11600432 ----a-w- c:\windows\system32\nvcuda.dll
2013-11-14 11:58 . 2013-11-20 16:26 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-11-14 11:58 . 2013-11-20 16:26 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-11-14 11:58 . 2012-11-14 23:52 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2013-11-14 11:58 . 2012-11-14 23:52 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-11-11 15:02 . 2012-11-14 23:53 6674208 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 15:02 . 2012-11-14 23:53 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-11-11 15:01 . 2012-11-14 23:53 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-11-11 15:01 . 2012-11-14 23:53 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-11-11 15:01 . 2012-11-14 23:53 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-11-11 15:01 . 2012-11-14 23:53 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-11-11 15:01 . 2012-11-14 23:53 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 15:01 . 2012-11-14 23:53 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-11-11 15:01 . 2012-11-14 23:53 598304 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-11-11 15:01 . 2012-11-14 23:53 3467927 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-23 11:44 222832 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-23 11:44 222832 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-23 11:44 222832 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-08-23 56128]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-05-02 548864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-26 508656]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"msbjvnSrv"="c:\windows\inf\msbjvn.vbe" [2013-08-27 1558]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-9-7 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys;c:\windows\SYSNATIVE\drivers\jmcr.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 NETwNe64;@oem19.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 11:59 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-23 11:44 261744 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-23 11:44 261744 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-23 11:44 261744 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-25 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-25 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-25 441152]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-14 12921488]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-14 1214608]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-10 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-11-15 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-11-15 191544]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 94.74.192.252 94.74.192.244
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-01-10 14:12:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-10 13:12
ComboFix2.txt 2014-01-05 18:52
ComboFix3.txt 2013-12-31 12:18
.
Před spuštěním: 697 980 731 392 bytes free
Po spuštění: 698 033 721 344 bytes free
.
- - End Of File - - F589369CCB17AF56FA9DCD8BDA0C04E4

gladomen

Re: Police virus

Post by gladomen » 10 Jan 2014 14:13

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:13:23, on 10. 1. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Petr\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [msbjvnSrv] C:\WINDOWS\inf\msbjvn.vbe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem15.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10606 bytes

gladomen

Re: Police virus

Post by gladomen » 10 Jan 2014 14:15

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-10 14:15:06
-----------------------------
14:15:06.280 OS Version: Windows x64 6.1.7600
14:15:06.280 Number of processors: 4 586 0x3A09
14:15:06.280 ComputerName: IDEA-PC UserName: Petr
14:15:06.296 Initialze error 1
14:15:08.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003b
14:15:08.203 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10001 Size: 953869MB BusType: 11
14:15:08.219 Disk 0 MBR read successfully
14:15:08.234 Disk 0 MBR scan
14:15:08.234 Disk 0 unknown MBR code
14:15:08.234 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
14:15:08.234 Disk 0 scanning C:\WINDOWS\system32\drivers
14:15:08.250 Service scanning
14:15:09.034 Modules scanning
14:15:09.034 Disk 0 trace - called modules:
14:15:09.034 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
14:15:09.049 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80062e15b0]
14:15:09.049 3 CLASSPNP.SYS[fffff880020e5e0a] -> nt!IofCallDriver -> \Device\0000003b[0xfffffa80049f4060]
14:15:09.049 Scan finished successfully
14:15:17.878 Disk 0 MBR has been saved successfully to "C:\Users\Petr\Desktop\MBR.dat"
14:15:17.878 The log file has been saved successfully to "C:\Users\Petr\Desktop\aswMBR.txt"

jaro3
Security team member

Re: Police virus

Post by jaro3 » 11 Jan 2014 11:02

In Folder Options, enable showing hidden files and folders, and untick the "Hide protected operating system files" checkbox.

Test this on VirusTotal:
c:\windows\inf\msbjvn.vbe

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus has finished, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
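One way to triage the autorun entries in logs like the ones above, as an added example that is not part of the original thread: the script parses ComboFix Run-key sections and HijackThis O4 lines and flags startup targets that are script files or sit outside the usual program directories. The sample lines are copied from this thread's logs; the extension list and the directory allow-list are assumptions of this example, not rules stated by the helpers.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Lines copied from the ComboFix and HijackThis logs posted in this thread.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-08-23 56128]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"msbjvnSrv"="c:\windows\inf\msbjvn.vbe" [2013-08-27 1558]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-25 170304]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [msbjvnSrv] C:\WINDOWS\inf\msbjvn.vbe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
'''

# Assumption of this example: extensions handled by a script host or shell.
SCRIPT_EXTS = {".vbe", ".vbs", ".js", ".jse", ".wsf", ".wsh",
               ".bat", ".cmd", ".ps1", ".hta"}
# Assumption of this example: directories where startup programs normally live.
EXPECTED_DIRS = (
    "c:\\program files\\",
    "c:\\program files (x86)\\",
    "c:\\windows\\system32\\",
    "c:\\windows\\syswow64\\",
)

CF_SECTION = re.compile(r"^\[(HKEY_[^\]]+)\]$")
CF_VALUE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)"')
HJT_O4 = re.compile(
    r"^O4 - (?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
UNQUOTED_EXE = re.compile(r"^(.+?\.[A-Za-z0-9]{2,4})(?=\s|$)")


@dataclass
class Autorun:
    source: str   # which tool's log the entry came from
    key: str      # registry key as written in the log
    name: str     # value name
    path: str     # file started at logon


def command_to_path(cmd):
    """Strip quotes and arguments from a HijackThis command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    m = UNQUOTED_EXE.match(cmd)
    return m.group(1) if m else cmd


def parse_autoruns(text):
    """Collect Run-key entries from ComboFix sections and HijackThis O4 lines."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = CF_SECTION.match(line)
        if m:
            key = m.group(1)
            is_run = key.lower().endswith("\\currentversion\\run")
            section = key if is_run else None
            continue
        if line == ".":          # ComboFix separator closes the section
            section = None
            continue
        m = CF_VALUE.match(line)
        if m and section:
            entries.append(Autorun("ComboFix", section, m["name"], m["path"]))
            continue
        m = HJT_O4.match(line)
        if m:
            entries.append(Autorun("HijackThis", m["hive"] + "\\..\\Run",
                                   m["name"], command_to_path(m["cmd"])))
    return entries


def triage(entries):
    """Return (entry, reasons) for autoruns that deserve a closer look."""
    flagged = []
    for e in entries:
        reasons = []
        if PureWindowsPath(e.path).suffix.lower() in SCRIPT_EXTS:
            reasons.append("script file started at logon")
        if not e.path.lower().startswith(EXPECTED_DIRS):
            reasons.append("outside expected program directories")
        if reasons:
            flagged.append((e, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in triage(parse_autoruns(SAMPLE_LOG)):
        print(f"{entry.source}: {entry.name} -> {entry.path}: {'; '.join(reasons)}")
```

A flagged entry is only a candidate for review; the file still has to be checked, for instance with a multi-engine scan as described in the post above.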

gladomen

Re: Police virus

Post by gladomen » 11 Jan 2014 20:32


memphisto

Re: Police virus

Post by memphisto » 12 Jan 2014 10:00

That setting is enabled in case the file is hidden.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code:

KillAll::

File::
c:\windows\inf\msbjvn.vbe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"msbjvnSrv"=-

Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process
Please do not send HijackThis logs by private message; post them in the appropriate section instead. Thank you

gladomen

Re: Police virus

Post by gladomen » 12 Jan 2014 19:37

ComboFix 13-12-31.01 - Petr . 01. 2014 19:13:15.4.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3962.2533 [GMT 1:00]
Spuštěný z: c:\users\Petr\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\inf\msbjvn.vbe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Petr\AppData\Local\Temp\_MEI100002\_ctypes.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\_elementtree.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\_hashlib.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\_multiprocessing.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\_socket.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\_ssl.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\pyexpat.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\pysqlite2._sqlite.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\python27.dll
c:\users\Petr\AppData\Local\Temp\_MEI100002\pythoncom27.dll
c:\users\Petr\AppData\Local\Temp\_MEI100002\PyWinTypes27.dll
c:\users\Petr\AppData\Local\temp\_MEI100002\select.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\unicodedata.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\win32api.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\win32com.shell.shell.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\win32crypt.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\win32event.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\win32file.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\win32inet.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\win32pdh.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\win32pipe.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\win32process.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\win32profile.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\win32security.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\win32ts.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\windows._lib_cacheinvalidation.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\wx._controls_.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\wx._core_.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\wx._gdi_.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\wx._html2.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\wx._misc_.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\wx._windows_.pyd
c:\users\Petr\AppData\Local\Temp\_MEI100002\wx._wizard.pyd
c:\users\Petr\AppData\Local\temp\_MEI100002\wxbase294u_net_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI100002\wxbase294u_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI100002\wxmsw294u_adv_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI100002\wxmsw294u_core_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI100002\wxmsw294u_html_vc90.dll
c:\users\Petr\AppData\Local\Temp\_MEI100002\wxmsw294u_webview_vc90.dll
c:\windows\inf\msbjvn.vbe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-12 do 2014-01-12 )))))))))))))))))))))))))))))))
.
.
2014-01-12 18:20 . 2014-01-12 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-12 17:34 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E8E6CB94-4F25-43C9-8B9C-066ACB105D36}\mpengine.dll
2014-01-10 15:38 . 2014-01-10 15:38 -------- d-----w- c:\windows\Sun
2014-01-10 13:14 . 2014-01-10 13:14 -------- d-----w- c:\users\Petr\AppData\Local\ElevatedDiagnostics
2014-01-05 18:44 . 2014-01-12 18:23 -------- d-----w- c:\users\Petr\AppData\Local\temp
2013-12-30 11:56 . 2013-12-30 11:56 -------- d-----w- c:\windows\ERUNT
2013-12-30 11:52 . 2013-12-31 10:36 33024 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2013-12-30 11:51 . 2013-12-31 10:34 172264 ----a-w- c:\windows\system32\drivers\ksecpkg.sys.bak
2013-12-29 21:45 . 2013-12-30 11:24 -------- d-----w- c:\program files\office.tmp
2013-12-29 21:35 . 2013-12-30 11:23 -------- d-----w- C:\AdwCleaner
2013-12-27 12:08 . 2013-12-27 12:08 236208 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-26 10:35 . 2014-01-12 17:24 -------- d-----r- c:\users\Petr\Disk Google
2013-12-23 11:17 . 2013-12-23 11:03 566480 ------w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-12-21 00:47 . 2013-12-21 00:47 -------- d-----w- c:\users\Petr\.android
2013-12-21 00:47 . 2013-12-28 21:26 -------- d-----w- c:\users\Petr\AppData\Local\cache
2013-12-21 00:47 . 2013-12-28 21:02 -------- d-----w- c:\users\Petr\AppData\Local\genienext
2013-12-21 00:44 . 2013-12-21 00:45 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-12-19 16:35 . 2013-12-19 16:37 -------- d-----w- c:\users\Petr\AppData\Local\NVIDIA Corporation
2013-12-19 16:33 . 2013-12-19 16:33 -------- d-----w- c:\windows\LastGood.Tmp
2013-12-19 16:32 . 2013-12-05 08:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-19 16:32 . 2013-12-05 08:42 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-14 10:51 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-14 10:51 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-13 19:36 . 2013-10-27 22:41 965000 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D186A3D-1F6B-44ED-A98F-8A7A65CAC186}\gapaengine.dll
2013-12-13 19:34 . 2013-10-25 06:19 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-12-13 19:34 . 2013-10-25 06:17 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-12-13 19:34 . 2013-10-25 06:17 3959808 ----a-w- c:\windows\system32\jscript9.dll
2013-12-13 19:34 . 2013-10-25 04:43 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-12-13 19:34 . 2013-10-25 06:19 484352 ----a-w- c:\program files\Internet Explorer\ieinstal.exe
2013-12-13 19:34 . 2013-10-25 06:19 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-12-13 19:34 . 2013-10-25 06:19 915968 ----a-w- c:\windows\system32\uxtheme.dll
2013-12-13 19:34 . 2013-10-25 06:17 365568 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-12-13 19:34 . 2013-10-25 04:45 469504 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2013-12-13 19:34 . 2013-10-25 04:43 245248 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2013-12-13 19:30 . 2013-11-06 23:18 4036608 ----a-w- c:\windows\system32\win32k.sys
2013-12-13 19:30 . 2013-09-28 03:35 288768 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-13 19:30 . 2013-10-10 09:32 115712 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-13 19:30 . 2013-10-10 09:30 162304 ----a-w- c:\windows\SysWow64\scrobj.dll
2013-12-13 19:30 . 2013-10-10 09:30 156160 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-13 19:30 . 2013-10-10 09:24 143872 ----a-w- c:\windows\system32\wshom.ocx
2013-12-13 19:30 . 2013-10-10 09:23 146944 ----a-w- c:\windows\system32\cscript.exe
2013-12-13 19:30 . 2013-10-10 09:22 222720 ----a-w- c:\windows\system32\scrobj.dll
2013-12-13 19:30 . 2013-10-10 09:22 194048 ----a-w- c:\windows\system32\scrrun.dll
2013-12-13 19:30 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-12-13 19:30 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-13 19:30 . 2013-11-23 06:43 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-13 19:30 . 2013-11-23 05:05 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-14 21:21 . 2013-11-19 18:46 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 02:13 . 2013-11-20 16:31 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-11-20 16:31 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-07 08:42 . 2013-12-07 08:42 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-12-05 08:42 . 2013-11-20 16:26 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-04 00:53 . 2013-11-21 18:55 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-04 00:53 . 2013-11-21 18:55 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-27 19:32 . 2013-11-27 19:33 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-19 10:21 . 2013-11-22 14:54 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-19 01:32 . 2013-11-19 01:32 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-11-19 01:31 . 2013-11-19 01:31 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-11-19 01:26 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-11-14 11:58 . 2013-11-20 16:26 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-11-14 11:58 . 2013-11-20 16:26 15862272 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-11-14 11:58 . 2012-11-14 23:52 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-11-14 11:58 . 2013-11-20 16:26 9619872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-11-14 11:58 . 2013-11-20 16:26 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-11-14 11:58 . 2012-11-14 23:52 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-11-14 11:58 . 2013-11-20 16:26 11514624 ----a-w- c:\windows\system32\nvopencl.dll
2013-11-14 11:58 . 2013-11-20 16:26 30361888 ----a-w- c:\windows\system32\nvoglv64.dll
2013-11-14 11:58 . 2013-11-20 16:26 22951200 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-11-14 11:58 . 2013-11-20 16:26 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-11-14 11:58 . 2013-11-20 16:26 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-11-14 11:58 . 2013-11-20 16:26 12613408 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-11-14 11:58 . 2012-11-14 23:52 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-11-14 11:58 . 2012-11-14 23:52 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-11-14 11:58 . 2013-11-20 16:26 707360 ----a-w- c:\windows\system32\NvFBC64.dll
2013-11-14 11:58 . 2013-11-20 16:26 657184 ----a-w- c:\windows\system32\NvIFR64.dll
2013-11-14 11:58 . 2013-11-20 16:26 609568 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-11-14 11:58 . 2013-11-20 16:26 562464 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-11-14 11:58 . 2013-11-20 16:26 357152 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2013-11-14 11:58 . 2013-11-20 16:26 314656 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2013-11-14 11:58 . 2013-11-20 16:26 479520 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2013-11-14 11:58 . 2013-11-20 16:26 405280 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2013-11-14 11:58 . 2013-11-20 16:26 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
2013-11-14 11:58 . 2013-11-20 16:26 18208624 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-11-14 11:58 . 2013-11-20 16:26 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
2013-11-14 11:58 . 2013-11-20 16:26 3132704 ----a-w- c:\windows\system32\nvcuvid.dll
2013-11-14 11:58 . 2013-11-20 16:26 3125024 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-11-14 11:58 . 2013-11-20 16:26 2947872 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-11-14 11:58 . 2013-11-20 16:26 2747680 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-11-14 11:58 . 2013-11-20 16:26 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-11-14 11:58 . 2013-11-20 16:26 9691888 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-11-14 11:58 . 2013-11-20 16:26 11600432 ----a-w- c:\windows\system32\nvcuda.dll
2013-11-14 11:58 . 2013-11-20 16:26 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-11-14 11:58 . 2013-11-20 16:26 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-11-14 11:58 . 2012-11-14 23:52 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2013-11-14 11:58 . 2012-11-14 23:52 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-11-11 15:02 . 2012-11-14 23:53 6674208 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 15:02 . 2012-11-14 23:53 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-11-11 15:01 . 2012-11-14 23:53 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-11-11 15:01 . 2012-11-14 23:53 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-11-11 15:01 . 2012-11-14 23:53 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-11-11 15:01 . 2012-11-14 23:53 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-11-11 15:01 . 2012-11-14 23:53 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 15:01 . 2012-11-14 23:53 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-11-11 15:01 . 2012-11-14 23:53 598304 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-11-11 15:01 . 2012-11-14 23:53 3467927 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-23 11:44 222832 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-23 11:44 222832 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-23 11:44 222832 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-12-06 20203904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-08-23 56128]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-05-02 548864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-26 508656]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-9-7 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys;c:\windows\SYSNATIVE\drivers\jmcr.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 NETwNe64;@oem19.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 11:59 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-12-23 11:44 261744 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-12-23 11:44 261744 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-12-23 11:44 261744 ----a-w- c:\users\Petr\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-12-06 14:47 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-25 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-25 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-25 441152]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-14 12921488]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-14 1214608]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-10 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-11-15 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-11-15 191544]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 94.74.192.252 94.74.192.244
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-01-12 19:29:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-12 18:29
ComboFix2.txt 2014-01-10 13:12
ComboFix3.txt 2014-01-05 18:52
ComboFix4.txt 2013-12-31 12:18
.
Před spuštěním: 698 972 094 464 bytes free
Po spuštění: 699 248 287 744 bytes free
.
- - End Of File - - BA94D5EDB321C193A79EA552773B9302

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Police virus

Post by jaro3 » 13 Jan 2014 12:04

To uninstall ComboFix:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Post a new HJT log + info about any problems.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

