Problems: corrupted photos, documents, Lenovo Z500 notebook (Solved)



Post by Pajin88 » 19 Oct 2013 04:11

Hello,
I would like to consult with you and ask for your advice and help.

I have a Lenovo IdeaPad Z500 notebook with a Core i7 and a 1TB SSD; I have had it for about 4 months, OS Win 8. After about 2 months the data started getting corrupted. At first I blamed it on viruses: I am in the UK and on public Wi-Fi networks every day, and my only protection was what Microsoft provides, i.e. Defender, which had been enough for me until now. But my suspicion is that the HDD is failing. Since I am abroad, bought the notebook in the Czech Republic and have no way of going back there now, I will not be going to warranty service for diagnostics.

So what I would like to ask is whether someone here could help me with testing the HDD. For viruses; if the HDD could be tested completely, not only for viruses but also for errors, I would be glad. Thank you.

P.S. It should be a Seagate SSD.

Several photos from every album are corrupted. None of the newest photos can be opened. Plus also documents, text or PDF files.
Photos, both RAW and JPG files. What is worst is that the SD card inserted in the reader got hit too... so maybe it will be a VIRUS after all. I really don't know...

Thank you.
Log inserted.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:03:21, on 19. 10. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
D:\Programky\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
D:\Programky\Maxthon\Bin\Maxthon.exe
D:\Programky\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
D:\Programky\TMMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
D:\Programky\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
D:\Programky\Maxthon\Bin\Maxthon.exe
D:\Programky\Skype\Phone\Skype.exe
D:\Programky\Skype\Phone\Skype.exe
D:\Programky\Maxthon\Bin\Maxthon.exe
D:\Programky\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP ... 4&tsp=4983
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 94.229.32.82:8088
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Programky\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [StartW8Button] D:\Programky\StartW8\bin\StartW8Button.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Programky\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programky\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [icq] C:\Users\Micky and Minnie\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - Global Startup: HDDHealth.lnk = D:\Programky\HDD Health\hddhealth.exe
O4 - Global Startup: TMMonitor.lnk = D:\Programky\TMMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Programky\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Micky and Minnie\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Micky and Minnie\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Programky\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\movies~1\safety~1\safety~2.dll c:\progra~2\nvidia~1\3dvisi~1\nvstinit.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programky\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programky\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDDHealth - Unknown owner - D:\Programky\HDD Health\HDDHealthService.exe
O23 - Service: Úložná technologie Intel® Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc. - C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Unknown owner - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Programky\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StartW8Service - SODATSW spol. s .r.o. - D:\Programky\StartW8\bin\StartW8Service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - D:\Programky\TeamViewer 8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16203 bytes
Last edited by Orcus on 19 Oct 2013 09:49, edited 1 time in total.
Reason: See post from BS.


Post by guest » 19 Oct 2013 08:47

Logs do not belong in Code.


Post by Orcus » 19 Oct 2013 09:51

Post here the log from Crystal Disk Info and the event logs.

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of Internet browsing. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

===================================================

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure you have both options selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then post the contents of that log here.

====================================================

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (otherwise it is saved on the system drive as AdwCleaner[R?].txt); post its entire contents here.

====================================================

Download Junkware Removal Tool

to your desktop.
Deactivate your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and be saved on the desktop.
Please copy its entire contents here.


Post by Pajin88 » 19 Oct 2013 15:15

Thank you for giving attention to my problem. I tried to follow the instructions, only I did not put the mentioned programs on the desktop, I don't like doing that; I trust, though, that it won't be a problem ;)

Malwarebytes' Anti-Malware log:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.10.19.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Micky and Minnie :: LENOVOZ500 [administrátor]

Ochrana: Povolena

19. 10. 2013 12:28:05
MBAM-log-2013-10-19 (13-53-08).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 208999
Uplynulý čas: 7 minut, 14 sekund

Nalezené procesy v paměti: 2
C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe (PUP.Optional.SafetyNut.A) -> 1892 -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.exe (PUP.Optional.SafetyNut.A) -> 9500 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 9
HKLM\SYSTEM\CurrentControlSet\Services\SafetyNutManager (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2889516D-BE44-77A3-3EF5-3E28D482F27D} (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C44351DD-F182-43C2-34B7-E54F65B30040} (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SAFETYNUT (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 4
HKCU\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.16.0 -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Regedit32 (Trojan.Agent) -> Data: C:\Windows\system32\regedit.exe -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.16.0 -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SafetyNut|browser (PUP.Optional.SafetyNut.A) -> Data: cr -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.MoviesToolBar.A) -> Špatný: (c:\progra~2\movies~1\safety~1\safety~2.dll) Dobrý: () -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Špatný: (http://www1.delta-search.com/?babsrc=HP ... 4&tsp=4983) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 7
C:\Users\Micky and Minnie\AppData\Roaming\SpeedAnalysis2 (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SafetyNut (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\Users\Micky and Minnie\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\SRTOOL~1 (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64 (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 32
C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.exe (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\InstallMate\{CA0A3D3A-A3D6-46AF-A444-EBF411E91FCC}\Setup.exe (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\InstallMate\{CA0A3D3A-A3D6-46AF-A444-EBF411E91FCC}\TsuDll.dll (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\InstallMate\{CC8EC71D-1D1E-4BAF-A944-553C176DE5EB}\Setup.exe (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\InstallMate\{CC8EC71D-1D1E-4BAF-A944-553C176DE5EB}\TsuDll.dll (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\Users\Micky and Minnie\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Users\Micky and Minnie\AppData\Local\Temp\nsg7B28.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Micky and Minnie\AppData\Roaming\SpeedAnalysis2\speedanalysis.crx (PUP.Optional.SpeedAnalysis.A) -> Nebyla provedena žádná instrukce.
C:\Users\Micky and Minnie\AppData\Roaming\speedanalysis.ico (PUP.Optional.SpeedAnalysis2.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Wincert\win64cert.dll (PUP.Optional.Datamngr.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Wincert\win32prop.dll (PUP.Optional.Datamngr.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Wincert\win64prop.dll (PUP.Optional.Datamngr.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SafetyNut\coordinator.cfg (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SafetyNut\COORDI~1.CFG (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SafetyNut\general.cfg (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SafetyNut\S-1-5-21-972540561-1704939325-1529438176-1001.cfg (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SafetyNut\S-1-5-32.cfg (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\regedit.exe (Trojan.Agent) -> Nebyla provedena žádná instrukce.
C:\Users\Micky and Minnie\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\Helper.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\Internet Explorer Settings.exe (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetyldr.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut_ie.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\Uninstall.exe (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\Internet Explorer Settings.exe (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetycrt.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetyldr.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetynut.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetynut_ie.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.

(konec)

AdwCleaner Log:

# AdwCleaner v3.008 - Report created 19/10/2013 at 13:55:54
# Updated 17/10/2013 by Xplode
# Operating System : Windows 8 Pro (64 bits)
# Username : Micky and Minnie - LENOVOZ500
# Running from : D:\Instalačky programu\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Micky and Minnie\AppData\Roaming\speedanalysis.ico
File Found : C:\Windows\System32\roboot64.exe
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Movies Toolbar
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\Program Files (x86)\MyPC Backup
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Browser Manager
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Found C:\ProgramData\savaEnshare
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\Users\Micky and Minnie\AppData\Local\SwvUpdater
Folder Found C:\Users\Micky and Minnie\AppData\LocalLow\Conduit
Folder Found C:\Users\Micky and Minnie\AppData\LocalLow\Minibar
Folder Found C:\Users\Micky and Minnie\AppData\Roaming\DefaultTab
Folder Found C:\Users\Micky and Minnie\AppData\Roaming\dvdvideosoftiehelpers
Folder Found C:\Users\Micky and Minnie\AppData\Roaming\file scout
Folder Found C:\Users\Micky and Minnie\AppData\Roaming\Media Finder
Folder Found C:\Users\Micky and Minnie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Found C:\Users\Micky and Minnie\AppData\Roaming\PerformerSoft
Folder Found C:\Users\Micky and Minnie\AppData\Roaming\SpeedAnalysis2

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\wincert\win64c~1.dll
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\lyricspal
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Default Tab
Key Found : HKCU\Software\filescout
Key Found : HKCU\Software\MediaFinder
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Default Tab
Key Found : [x64] HKCU\Software\filescout
Key Found : [x64] HKCU\Software\MediaFinder
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\MF
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www1.delta-search.com/?babsrc=HP ... 4&tsp=4983

*************************

AdwCleaner[R0].txt - [5796 octets] - [19/10/2013 13:55:54]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5856 octets] ##########

Junkware Removal Tool Log :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 8 Pro x64
Ran by Micky and Minnie on so 19. 10. 2013 at 14:02:14,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-972540561-1704939325-1529438176-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mediafinder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricspal
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\download with &media finder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-972540561-1704939325-1529438176-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{06720EE3-699F-45A2-B59A-68120BFE54A1}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\Micky and Minnie\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Users\Micky and Minnie\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\Micky and Minnie\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Micky and Minnie\AppData\Roaming\media finder"
Successfully deleted: [Folder] "C:\Users\Micky and Minnie\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Micky and Minnie\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\Micky and Minnie\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Micky and Minnie\appdata\locallow\minibar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Failed to delete: [Folder] "C:\Program Files (x86)\movies toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 19. 10. 2013 at 14:12:01,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status:
Offline

Re: Problems with corrupted photos, documents, Lenovo Z500 notebook

Post by Žbeky » 19 Oct 2013 18:58

When we write "to the desktop", we mean the desktop and not somewhere else. Some programs rely on that entirely, so it isn't written there for no reason....

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
Click "Delete"
The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Run MbAM again and choose Scan
- when the program has finished, a message appears; click OK and then the Show Results button
- make sure all listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close the program via Exit

Download RogueKiller
32bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run the program as administrator; on XP, by double-clicking.
- Wait until the Prescan finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still cannot be started, rename it to winlogon.exe.
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thank you for understanding.


Pajin88
newbie
Posts: 34
Registered: October 13
Gender: Not specified
Status:
Offline

Re: Problems with corrupted photos, documents, Lenovo Z500 notebook

Post by Pajin88 » 19 Oct 2013 19:41

AdwCleaner log :
# AdwCleaner v3.008 - Report created 19/10/2013 at 18:08:04
# Updated 17/10/2013 by Xplode
# Operating System : Windows 8 Pro (64 bits)
# Username : Micky and Minnie - LENOVOZ500
# Running from : C:\Users\Micky and Minnie\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\savaEnshare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Program Files (x86)\Movies Toolbar
Folder Deleted : C:\Users\Micky and Minnie\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Micky and Minnie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Micky and Minnie\AppData\Roaming\SpeedAnalysis2
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Micky and Minnie\AppData\Roaming\speedanalysis.ico

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\Software\PIP
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\wincert\win64c~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


*************************

AdwCleaner[R0].txt - [5988 octets] - [19/10/2013 13:55:54]
AdwCleaner[R1].txt - [3911 octets] - [19/10/2013 18:06:50]
AdwCleaner[S0].txt - [3736 octets] - [19/10/2013 18:08:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3796 octets] ##########

MbAM log :
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.10.19.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
Micky and Minnie :: LENOVOZ500 [administrátor]

Ochrana: Povolena

19. 10. 2013 18:15:00
mbam-log-2013-10-19 (18-15-00).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 231225
Uplynulý čas: 5 minut, 41 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2889516D-BE44-77A3-3EF5-3E28D482F27D} (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C44351DD-F182-43C2-34B7-E54F65B30040} (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\SAFETYNUT (PUP.Optional.SafetyNut.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Regedit32 (Trojan.Agent) -> Data: C:\Windows\system32\regedit.exe -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\SafetyNut|browser (PUP.Optional.SafetyNut.A) -> Data: cr -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\ProgramData\SafetyNut (PUP.Optional.SafetyNut.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 10
C:\ProgramData\InstallMate\{CA0A3D3A-A3D6-46AF-A444-EBF411E91FCC}\Setup.exe (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\InstallMate\{CA0A3D3A-A3D6-46AF-A444-EBF411E91FCC}\TsuDll.dll (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\InstallMate\{CC8EC71D-1D1E-4BAF-A944-553C176DE5EB}\Setup.exe (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\InstallMate\{CC8EC71D-1D1E-4BAF-A944-553C176DE5EB}\TsuDll.dll (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SafetyNut\coordinator.cfg (PUP.Optional.SafetyNut.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SafetyNut\COORDI~1.CFG (PUP.Optional.SafetyNut.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SafetyNut\general.cfg (PUP.Optional.SafetyNut.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SafetyNut\S-1-5-21-972540561-1704939325-1529438176-1001.cfg (PUP.Optional.SafetyNut.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SafetyNut\S-1-5-32.cfg (PUP.Optional.SafetyNut.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\System32\regedit.exe (Trojan.Agent) -> Přesun do karantény a smazání se zdařilo.

(konec)

RogueKiller log :

RogueKiller V8.7.4 _x64_ [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Micky and Minnie [Práva správce]
Mód : Kontrola -- Datum : 10/19/2013 18:31:54
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] RTFTrack.exe -- C:\Windows\RTFTrack.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 11 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Micky and Minnie\AppData\Roaming\ICQM\icq.exe -CU [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-972540561-1704939325-1529438176-1001\[...]\Run : icq (C:\Users\Micky and Minnie\AppData\Roaming\ICQM\icq.exe -CU [7]) -> NALEZENO
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (94.229.32.82:8088) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - ST1000LM014-1EJ164 +++++
--- User ---
[MBR] 6f56d9387825a7817f58ad0f2b4d27b7
[BSP] e5564d3a591cf8403f708aa9e7a52e9a : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 350 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 718848 | Size: 80516 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 165615616 | Size: 873000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standardní diskové jednotky) - SDHC Card +++++
--- User ---
[MBR] 92b2d99644dc17fce5ccd294954d7f25
[BSP] fe90c666f4e607f639e97fa75b6d5a6d : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8192 | Size: 30955 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_10192013_183154.txt >>

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: Problems with corrupted photos, documents, Lenovo Z500 notebook

Post by memphisto » 19 Oct 2013 20:07

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to launch).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Prohledat" (Scan)
- Click "Smazat" (Delete)
- Wait until the Status box shows "Smazání- Finished" (Deletion finished)
- Click "Zprávy" (Report) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the "Ano" (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan has finished, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem starting applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
Please do not send HijackThis logs via private messages; post them in the appropriate section. Thank you

Pajin88
newbie
Posts: 34
Registered: October 13
Gender: Not specified
Status:
Offline

Re: Problems with corrupted photos, documents, Lenovo Z500 notebook

Post by Pajin88 » 19 Oct 2013 20:29

RogueKiller LOG:
RogueKiller V8.7.4 _x64_ [Oct 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Micky and Minnie [Práva správce]
Mód : Odebrat -- Datum : 10/19/2013 19:18:53
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Micky and Minnie\AppData\Roaming\ICQM\icq.exe -CU [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-972540561-1704939325-1529438176-1001\[...]\Run : icq (C:\Users\Micky and Minnie\AppData\Roaming\ICQM\icq.exe -CU [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - ST1000LM014-1EJ164 +++++
--- User ---
[MBR] 6f56d9387825a7817f58ad0f2b4d27b7
[BSP] e5564d3a591cf8403f708aa9e7a52e9a : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 350 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 718848 | Size: 80516 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 165615616 | Size: 873000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standardní diskové jednotky) - SDHC Card +++++
--- User ---
[MBR] 92b2d99644dc17fce5ccd294954d7f25
[BSP] fe90c666f4e607f639e97fa75b6d5a6d : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 8192 | Size: 30955 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_10192013_191853.txt >>
RKreport[0]_S_10192013_183154.txt;RKreport[0]_S_10192013_191837.txt

Combofix LOG:
ComboFix 13-10-19.02 - Micky and Minnie . 10. 2013 19:22:09.4.8 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1250.420.1029.18.3958.1413 [GMT 1:00]
Spuštěný z: c:\users\Micky and Minnie\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-19 do 2013-10-19 )))))))))))))))))))))))))))))))
.
.
2013-10-19 18:26 . 2013-10-19 18:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-19 16:42 . 2013-10-19 16:42 31136 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2013-10-19 16:40 . 2013-10-19 16:40 -------- d-----w- c:\users\Micky and Minnie\AppData\Local\NVIDIA
2013-10-19 16:32 . 2013-10-19 16:32 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-10-19 16:32 . 2013-10-19 16:32 -------- d-----w- c:\users\UpdatusUser
2013-10-19 16:31 . 2013-10-19 16:31 -------- d-----w- c:\windows\SysWow64\NV
2013-10-19 16:31 . 2013-10-19 16:31 -------- d-----w- c:\windows\system32\NV
2013-10-19 16:31 . 2013-09-12 07:25 3452192 ----a-w- c:\windows\system32\nvsvc64.dll
2013-10-19 16:31 . 2013-09-12 07:25 920864 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-19 16:31 . 2013-09-12 07:25 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-10-19 16:31 . 2013-09-12 07:25 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-10-19 16:31 . 2013-09-12 07:25 1042208 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-10-19 16:31 . 2013-09-12 07:25 6599968 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-19 16:31 . 2013-09-12 07:25 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-19 16:31 . 2013-09-12 07:25 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-19 16:31 . 2013-09-11 22:06 3361114 ----a-w- c:\windows\system32\nvcoproc.bin
2013-10-19 16:31 . 2013-09-12 07:25 580384 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-10-19 16:30 . 2013-10-19 16:33 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-10-19 15:56 . 2013-10-19 16:32 -------- d-----w- c:\program files\NVIDIA Corporation
2013-10-19 15:55 . 2013-10-19 15:55 -------- d-----w- C:\NVIDIA
2013-10-19 15:49 . 2013-10-19 15:49 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\Seagate
2013-10-19 15:47 . 2013-10-19 15:47 -------- d-----w- c:\programdata\Seagate
2013-10-19 15:47 . 2013-10-19 15:47 971360 ----a-w- c:\windows\system32\drivers\timntr.sys
2013-10-19 15:46 . 2013-10-19 15:46 141920 ----a-w- c:\windows\system32\drivers\vsflt53.sys
2013-10-19 15:46 . 2013-10-19 15:46 -------- d-----w- c:\program files (x86)\Common Files\Seagate
2013-10-19 15:46 . 2013-10-19 15:46 -------- d-----w- c:\program files (x86)\Seagate
2013-10-19 15:16 . 2013-10-19 15:16 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-10-19 15:08 . 2013-10-19 15:08 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-19 15:07 . 2013-10-08 06:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-19 14:57 . 2013-10-19 17:13 -------- d-----w- c:\users\Micky and Minnie\AppData\Local\Adobe
2013-10-19 14:55 . 2013-10-19 14:55 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2013-10-19 13:02 . 2013-10-19 13:02 -------- d-----w- c:\windows\ERUNT
2013-10-19 12:53 . 2013-10-19 17:08 -------- d-----w- C:\AdwCleaner
2013-10-19 11:26 . 2013-10-19 11:26 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\Malwarebytes
2013-10-19 11:26 . 2013-10-19 11:26 -------- d-----w- c:\programdata\Malwarebytes
2013-10-19 11:26 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-19 01:49 . 2013-10-19 01:49 388096 ----a-r- c:\users\Micky and Minnie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-19 00:42 . 2013-10-19 00:42 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\HDDHealth
2013-10-15 16:51 . 2013-10-15 16:51 290992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10221.bin
2013-10-13 20:02 . 2013-10-13 20:02 -------- d-----w- c:\programdata\McAfee
2013-10-11 13:35 . 2013-10-11 13:35 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Soubory cookie
2013-10-11 13:35 . 2013-10-11 13:35 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Nabídka Start
2013-10-11 13:35 . 2013-10-11 13:35 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Data aplikací
2013-10-11 13:35 . 2013-10-12 13:39 -------- d-----w- c:\programdata\ArcSoft
2013-10-11 13:35 . 2013-10-11 13:36 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\ArcSoft
2013-10-11 13:35 . 2006-11-14 10:31 22784 ----a-w- c:\windows\SysWow64\drivers\afc.sys
2013-10-11 13:34 . 2013-10-11 13:34 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft
2013-10-11 13:34 . 2005-07-16 01:35 245408 ----a-w- c:\windows\SysWow64\unicows.dll
2013-10-11 13:34 . 2003-03-18 21:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2013-10-11 13:34 . 2003-02-21 03:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-10-11 13:33 . 2003-04-16 11:26 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-10-11 13:33 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-10-11 13:33 . 2001-09-05 03:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-10-11 13:33 . 2001-09-05 03:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-10-11 13:33 . 2001-09-05 03:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-10-11 13:15 . 2007-06-16 11:30 238 ----a-w- c:\windows\system32\AF15IRTBL.bin
2013-10-11 08:35 . 2013-10-11 08:35 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\Avira
2013-10-11 08:29 . 2013-10-11 08:27 82136 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-10-11 08:29 . 2013-10-11 08:27 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-10-11 08:29 . 2013-10-11 08:27 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-10-11 08:29 . 2013-10-11 08:27 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-10-11 08:29 . 2013-10-11 08:29 -------- d-----w- c:\programdata\Avira
2013-10-11 01:01 . 2013-10-11 01:01 -------- d-----w- c:\program files\Microsoft.NET
2013-10-11 00:54 . 2013-08-03 06:40 1374208 ----a-w- c:\windows\system32\wdc.dll
2013-10-11 00:54 . 2013-08-03 06:40 462336 ----a-w- c:\windows\system32\sysmon.ocx
2013-10-11 00:54 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll
2013-10-11 00:54 . 2013-08-03 05:14 399360 ----a-w- c:\windows\SysWow64\sysmon.ocx
2013-10-11 00:54 . 2013-08-03 05:13 1245696 ----a-w- c:\windows\SysWow64\wdc.dll
2013-10-11 00:54 . 2013-08-03 05:13 437248 ----a-w- c:\windows\SysWow64\wvc.dll
2013-10-11 00:48 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{72B6B4C4-EBAD-4730-BB27-74D756D672F3}\mpengine.dll
2013-10-11 00:39 . 2012-09-01 17:01 647736 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2013-10-11 00:32 . 2013-10-11 00:32 -------- d-----w- C:\Dell
2013-10-11 00:17 . 2013-10-11 00:17 -------- d-----w- c:\users\Micky and Minnie\SystemRequirementsLab
2013-10-10 23:03 . 2009-01-25 12:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2013-10-10 23:03 . 2013-10-10 23:07 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-10-10 00:02 . 2013-09-22 22:54 3959296 ----a-w- c:\windows\system32\jscript9.dll
2013-10-10 00:01 . 2013-07-19 22:13 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 00:01 . 2013-07-19 22:13 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 23:01 . 2013-10-11 09:41 -------- d-----w- c:\users\Micky and Minnie\AppData\Local\LogMeIn Rescue Calling Card
2013-10-09 23:00 . 2013-10-11 08:03 -------- d-----w- c:\program files (x86)\LogMeIn Rescue Calling Card
2013-10-09 22:59 . 2013-10-10 23:09 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-10-09 20:49 . 2013-10-09 20:49 -------- d-----w- C:\found.001
2013-10-09 20:35 . 2013-10-12 09:18 -------- d-----w- c:\users\Micky and Minnie\AppData\Local\LogMeIn Rescue Applet
2013-09-21 20:18 . 2013-09-21 20:18 -------- d-----w- c:\program files (x86)\PANDORA.TV
2013-09-19 23:30 . 2013-09-19 23:30 -------- d-----w- C:\found.000
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-02 01:38 . 2012-07-26 08:14 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-02 01:38 . 2012-07-26 08:14 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-26 00:46 . 2013-06-18 19:28 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-08-27 13:43 . 2013-08-23 09:02 466944 ------w- c:\windows\Setup1.exe
2013-08-27 13:43 . 2013-08-23 09:02 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-08-23 09:05 . 2013-08-23 09:05 45056 ----a-r- c:\users\Micky and Minnie\AppData\Roaming\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
2013-08-20 04:06 . 2013-09-04 20:37 941720 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D66BAEFF-7AF5-4AD2-9BBD-492E26C31BFA}\gapaengine.dll
2013-08-19 00:35 . 2013-08-19 00:35 389120 ----a-w- c:\windows\SysWow64\RegistryHelperLM.ocx
2013-08-16 05:41 . 2013-09-11 20:49 58200 ----a-w- c:\windows\system32\drivers\dam.sys
2013-08-16 05:39 . 2013-09-11 20:49 2371728 ----a-w- c:\windows\system32\WSService.dll
2013-08-16 05:32 . 2013-09-11 20:49 209200 ----a-w- c:\windows\system32\NotificationUI.exe
2013-08-16 05:22 . 2013-09-11 20:49 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-08-16 05:21 . 2013-09-11 20:49 49664 ----a-w- c:\windows\system32\wups.dll
2013-08-16 05:21 . 2013-09-11 20:49 49152 ----a-w- c:\windows\system32\wups2.dll
2013-08-16 05:21 . 2013-09-11 20:49 688640 ----a-w- c:\windows\system32\WSShared.dll
2013-08-16 05:21 . 2013-09-11 20:49 183808 ----a-w- c:\windows\system32\WSSync.dll
2013-08-16 05:21 . 2013-09-11 20:49 204800 ----a-w- c:\windows\system32\WSClient.dll
2013-08-16 05:21 . 2013-09-11 20:49 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-16 05:21 . 2013-09-11 20:49 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-16 05:21 . 2013-09-11 20:49 1164288 ----a-w- c:\windows\system32\sppobjs.dll
2013-08-16 05:21 . 2013-09-11 20:49 368640 ----a-w- c:\windows\system32\sppwinob.dll
2013-08-16 05:21 . 2013-09-11 20:49 81408 ----a-w- c:\windows\system32\setupcln.dll
2013-08-16 05:21 . 2013-09-11 20:49 120320 ----a-w- c:\windows\system32\sppc.dll
2013-08-16 05:20 . 2013-09-11 20:49 105984 ----a-w- c:\windows\system32\WinSetupUI.dll
2013-08-15 22:43 . 2013-09-11 20:49 20992 ----a-w- c:\windows\SysWow64\wups.dll
2013-08-15 22:43 . 2013-09-11 20:49 562688 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-15 22:43 . 2013-09-11 20:49 159232 ----a-w- c:\windows\SysWow64\WSSync.dll
2013-08-15 22:43 . 2013-09-11 20:49 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-15 22:43 . 2013-09-11 20:49 167424 ----a-w- c:\windows\SysWow64\WSClient.dll
2013-08-15 22:43 . 2013-09-11 20:49 83968 ----a-w- c:\windows\SysWow64\OEMLicense.dll
2013-08-15 22:43 . 2013-09-11 20:49 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 22:42 . 2013-09-11 20:49 76800 ----a-w- c:\windows\SysWow64\setupcln.dll
2013-08-15 22:42 . 2013-09-11 20:49 91648 ----a-w- c:\windows\SysWow64\sppc.dll
2013-08-09 20:00 . 2013-06-19 08:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-08-07 05:15 . 2013-09-16 19:18 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-07-28 18:26 . 2013-07-28 18:25 35635536 ----a-w- c:\users\Micky and Minnie\icq_rfrset.exe
2013-07-27 03:58 . 2012-07-26 07:24 2207232 ----a-w- c:\windows\SysWow64\PrintConfig.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 05:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 05:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 05:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\programky\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-25 508656]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2012-04-27 2637784]
"StartW8Button"="d:\programky\StartW8\bin\StartW8Button.exe" [2013-08-28 59784]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-05-16 3830224]
"avgnt"="d:\programky\Avira\AntiVir Desktop\avgnt.exe" [2013-10-11 347192]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"DiscWizardMonitor.exe"="d:\programky\SeagateDisc\DiscWizardMonitor.exe" [2011-06-30 2638152]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
HDDHealth.lnk - d:\programky\HDD Health\hddhealth.exe [2013-10-19 3246944]
TMMonitor.lnk - d:\programky\TMMonitor.exe [2013-10-11 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 SafetyNutManager;SafetyNut Manager;c:\program files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe;c:\program files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;d:\programky\Skype\Updater\Updater.exe;d:\programky\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\System32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 HWHandSet;HWUSBSERSP;c:\windows\system32\DRIVERS\hw_quusbmdm.sys;c:\windows\SYSNATIVE\DRIVERS\hw_quusbmdm.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt53.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;d:\programky\Avira\AntiVir Desktop\sched.exe;d:\programky\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 HDDHealth;HDDHealth;d:\programky\HDD Health\HDDHealthService.exe;d:\programky\HDD Health\HDDHealthService.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel® Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;d:\programky\Malwarebytes' Anti-Malware\mbamservice.exe;d:\programky\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [x]
S2 StartW8Service;StartW8Service;d:\programky\StartW8\bin\StartW8Service.exe;d:\programky\StartW8\bin\StartW8Service.exe [x]
S2 TeamViewer8;TeamViewer 8;d:\programky\TeamViewer 8\TeamViewer_Service.exe;d:\programky\TeamViewer 8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
S3 ausbmon;Advanced USB Port Monitor Filter Driver;c:\windows\system32\drivers\ausbmon.sys;c:\windows\SYSNATIVE\drivers\ausbmon.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NETwNe64;@oem5.inf,___ %NIC_Service_DispName_WIN8_64%;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 8 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04 215416 ----a-w- c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-13 20:02]
.
2013-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-20 15:58]
.
2013-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-20 15:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 05:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 05:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 05:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-28 13197456]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-27 1230992]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2012-08-27 11577216]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-10 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-06-18 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-06-18 191544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-19 172168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-19 400008]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-19 441992]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2012-04-27 395384]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"RtsFT"="RTFTrack.exe" [2012-10-17 6334096]
"Seagate Scheduler2 Service"="c:\program files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [2011-06-30 395152]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 94.229.32.82:8088
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Odeslat do Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
TCP: DhcpNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
.
.
------- Asociace souborů -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-IT9130 DriverInstaller_12.2.3.1 - c:\users\MICKYA~1\AppData\Local\Temp\\DriverInstall64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-10-19 19:29:07
ComboFix-quarantined-files.txt 2013-10-19 18:29
ComboFix2.txt 2013-10-11 16:30
ComboFix3.txt 2013-10-11 07:59
ComboFix4.txt 2013-10-10 08:32
.
Před spuštěním: 32 974 295 040 bytes free
Po spuštění: 33 044 946 944 bytes free
.
- - End Of File - - 12CCEE2A3CC94B33506B2F88EE57DB0A

Re: Problems with damaged photos, documents, Lenovo Z500 notebook

Post by Pajin88 » 20 Oct 2013 01:32

A new problem has appeared since I used the Malwarebytes program, which I now keep running in the background all the time: it pops up a message every little while.
Since the scan finished, this program keeps popping up a message every little while saying that it has blocked access to the suspicious site 111.111.111.111.

Thank you for your understanding, and please help me get this resolved :(..

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Problems with damaged photos, documents, Lenovo Z500 notebook

Post by jaro3 » 20 Oct 2013 10:07

Uninstall:
Spybot - Search & Destroy 2

then run ComboFix again.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Problems with damaged photos, documents, Lenovo Z500 notebook

Post by Pajin88 » 20 Oct 2013 12:09

Hi, as instructed I am posting it here.
ComboFix log:
ComboFix 13-10-19.02 - Micky and Minnie . 10. 2013 10:58:44.5.8 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1250.420.1029.18.3958.1863 [GMT 1:00]
Spuštěný z: c:\users\Micky and Minnie\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-20 do 2013-10-20 )))))))))))))))))))))))))))))))
.
.
2013-10-20 10:03 . 2013-10-20 10:03 -------- d-----w- c:\users\hedev\AppData\Local\temp
2013-10-20 10:03 . 2013-10-20 10:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-19 23:08 . 2013-10-19 23:49 -------- d-----w- c:\users\Micky and Minnie\AppData\Local\CrashDumps
2013-10-19 16:42 . 2013-10-19 16:42 31136 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2013-10-19 16:40 . 2013-10-19 16:40 -------- d-----w- c:\users\Micky and Minnie\AppData\Local\NVIDIA
2013-10-19 16:32 . 2013-10-19 16:32 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-10-19 16:32 . 2013-10-19 16:32 -------- d-----w- c:\users\UpdatusUser
2013-10-19 16:31 . 2013-10-19 16:31 -------- d-----w- c:\windows\SysWow64\NV
2013-10-19 16:31 . 2013-10-19 16:31 -------- d-----w- c:\windows\system32\NV
2013-10-19 16:31 . 2013-09-12 07:25 3452192 ----a-w- c:\windows\system32\nvsvc64.dll
2013-10-19 16:31 . 2013-09-12 07:25 920864 ----a-w- c:\windows\system32\nvvsvc.exe
2013-10-19 16:31 . 2013-09-12 07:25 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-10-19 16:31 . 2013-09-12 07:25 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-10-19 16:31 . 2013-09-12 07:25 1042208 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-10-19 16:31 . 2013-09-12 07:25 6599968 ----a-w- c:\windows\system32\nvcpl.dll
2013-10-19 16:31 . 2013-09-12 07:25 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-19 16:31 . 2013-09-12 07:25 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-10-19 16:31 . 2013-09-11 22:06 3361114 ----a-w- c:\windows\system32\nvcoproc.bin
2013-10-19 16:31 . 2013-09-12 07:25 580384 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-10-19 16:30 . 2013-10-19 16:33 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-10-19 15:56 . 2013-10-19 16:32 -------- d-----w- c:\program files\NVIDIA Corporation
2013-10-19 15:55 . 2013-10-19 15:55 -------- d-----w- C:\NVIDIA
2013-10-19 15:49 . 2013-10-19 15:49 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\Seagate
2013-10-19 15:47 . 2013-10-19 15:47 -------- d-----w- c:\programdata\Seagate
2013-10-19 15:47 . 2013-10-19 15:47 971360 ----a-w- c:\windows\system32\drivers\timntr.sys
2013-10-19 15:46 . 2013-10-19 15:46 141920 ----a-w- c:\windows\system32\drivers\vsflt53.sys
2013-10-19 15:46 . 2013-10-19 15:46 -------- d-----w- c:\program files (x86)\Common Files\Seagate
2013-10-19 15:46 . 2013-10-19 15:46 -------- d-----w- c:\program files (x86)\Seagate
2013-10-19 15:16 . 2013-10-19 15:16 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-10-19 15:08 . 2013-10-19 15:08 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-19 15:07 . 2013-10-08 06:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-19 14:57 . 2013-10-20 01:00 -------- d-----w- c:\users\Micky and Minnie\AppData\Local\Adobe
2013-10-19 14:55 . 2013-10-19 14:55 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2013-10-19 13:02 . 2013-10-19 13:02 -------- d-----w- c:\windows\ERUNT
2013-10-19 12:53 . 2013-10-19 17:08 -------- d-----w- C:\AdwCleaner
2013-10-19 11:26 . 2013-10-19 11:26 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\Malwarebytes
2013-10-19 11:26 . 2013-10-19 11:26 -------- d-----w- c:\programdata\Malwarebytes
2013-10-19 11:26 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-19 01:49 . 2013-10-19 01:49 388096 ----a-r- c:\users\Micky and Minnie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-19 00:42 . 2013-10-19 00:42 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\HDDHealth
2013-10-15 16:51 . 2013-10-15 16:51 290992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10221.bin
2013-10-13 20:02 . 2013-10-13 20:02 -------- d-----w- c:\programdata\McAfee
2013-10-11 13:35 . 2013-10-11 13:35 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Soubory cookie
2013-10-11 13:35 . 2013-10-11 13:35 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Nabídka Start
2013-10-11 13:35 . 2013-10-11 13:35 -------- d-sh--we c:\windows\SysWow64\config\systemprofile\Data aplikací
2013-10-11 13:35 . 2013-10-12 13:39 -------- d-----w- c:\programdata\ArcSoft
2013-10-11 13:35 . 2013-10-11 13:36 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\ArcSoft
2013-10-11 13:35 . 2006-11-14 10:31 22784 ----a-w- c:\windows\SysWow64\drivers\afc.sys
2013-10-11 13:34 . 2013-10-11 13:34 -------- d-----w- c:\program files (x86)\Common Files\ArcSoft
2013-10-11 13:34 . 2005-07-16 01:35 245408 ----a-w- c:\windows\SysWow64\unicows.dll
2013-10-11 13:34 . 2003-03-18 21:14 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2013-10-11 13:34 . 2003-02-21 03:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-10-11 13:33 . 2003-04-16 11:26 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-10-11 13:33 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-10-11 13:33 . 2001-09-05 03:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-10-11 13:33 . 2001-09-05 03:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-10-11 13:33 . 2001-09-05 03:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-10-11 13:15 . 2007-06-16 11:30 238 ----a-w- c:\windows\system32\AF15IRTBL.bin
2013-10-11 08:35 . 2013-10-11 08:35 -------- d-----w- c:\users\Micky and Minnie\AppData\Roaming\Avira
2013-10-11 08:29 . 2013-10-11 08:27 82136 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-10-11 08:29 . 2013-10-11 08:27 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-10-11 08:29 . 2013-10-11 08:27 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-10-11 08:29 . 2013-10-11 08:27 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-10-11 08:29 . 2013-10-11 08:29 -------- d-----w- c:\programdata\Avira
2013-10-11 01:01 . 2013-10-11 01:01 -------- d-----w- c:\program files\Microsoft.NET
2013-10-11 00:54 . 2013-08-03 06:40 1374208 ----a-w- c:\windows\system32\wdc.dll
2013-10-11 00:54 . 2013-08-03 06:40 462336 ----a-w- c:\windows\system32\sysmon.ocx
2013-10-11 00:54 . 2013-08-03 06:40 566784 ----a-w- c:\windows\system32\wvc.dll
2013-10-11 00:54 . 2013-08-03 05:14 399360 ----a-w- c:\windows\SysWow64\sysmon.ocx
2013-10-11 00:54 . 2013-08-03 05:13 1245696 ----a-w- c:\windows\SysWow64\wdc.dll
2013-10-11 00:54 . 2013-08-03 05:13 437248 ----a-w- c:\windows\SysWow64\wvc.dll
2013-10-11 00:48 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{72B6B4C4-EBAD-4730-BB27-74D756D672F3}\mpengine.dll
2013-10-11 00:39 . 2012-09-01 17:01 647736 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2013-10-11 00:32 . 2013-10-11 00:32 -------- d-----w- C:\Dell
2013-10-11 00:17 . 2013-10-11 00:17 -------- d-----w- c:\users\Micky and Minnie\SystemRequirementsLab
2013-10-10 23:03 . 2013-10-20 09:56 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-10-10 00:02 . 2013-09-22 22:54 3959296 ----a-w- c:\windows\system32\jscript9.dll
2013-10-10 00:01 . 2013-07-19 22:13 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 00:01 . 2013-07-19 22:13 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 23:01 . 2013-10-11 09:41 -------- d-----w- c:\users\Micky and Minnie\AppData\Local\LogMeIn Rescue Calling Card
2013-10-09 23:00 . 2013-10-11 08:03 -------- d-----w- c:\program files (x86)\LogMeIn Rescue Calling Card
2013-10-09 22:59 . 2013-10-20 00:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-10-09 20:49 . 2013-10-09 20:49 -------- d-----w- C:\found.001
2013-10-09 20:35 . 2013-10-12 09:18 -------- d-----w- c:\users\Micky and Minnie\AppData\Local\LogMeIn Rescue Applet
2013-09-21 20:18 . 2013-09-21 20:18 -------- d-----w- c:\program files (x86)\PANDORA.TV
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-02 01:38 . 2012-07-26 08:14 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-02 01:38 . 2012-07-26 08:14 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-26 00:46 . 2013-06-18 19:28 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-08-27 13:43 . 2013-08-23 09:02 466944 ------w- c:\windows\Setup1.exe
2013-08-27 13:43 . 2013-08-23 09:02 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-08-23 09:05 . 2013-08-23 09:05 45056 ----a-r- c:\users\Micky and Minnie\AppData\Roaming\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
2013-08-20 04:06 . 2013-09-04 20:37 941720 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D66BAEFF-7AF5-4AD2-9BBD-492E26C31BFA}\gapaengine.dll
2013-08-19 00:35 . 2013-08-19 00:35 389120 ----a-w- c:\windows\SysWow64\RegistryHelperLM.ocx
2013-08-16 05:41 . 2013-09-11 20:49 58200 ----a-w- c:\windows\system32\drivers\dam.sys
2013-08-16 05:39 . 2013-09-11 20:49 2371728 ----a-w- c:\windows\system32\WSService.dll
2013-08-16 05:32 . 2013-09-11 20:49 209200 ----a-w- c:\windows\system32\NotificationUI.exe
2013-08-16 05:22 . 2013-09-11 20:49 4917760 ----a-w- c:\windows\system32\sppsvc.exe
2013-08-16 05:21 . 2013-09-11 20:49 49664 ----a-w- c:\windows\system32\wups.dll
2013-08-16 05:21 . 2013-09-11 20:49 49152 ----a-w- c:\windows\system32\wups2.dll
2013-08-16 05:21 . 2013-09-11 20:49 688640 ----a-w- c:\windows\system32\WSShared.dll
2013-08-16 05:21 . 2013-09-11 20:49 183808 ----a-w- c:\windows\system32\WSSync.dll
2013-08-16 05:21 . 2013-09-11 20:49 204800 ----a-w- c:\windows\system32\WSClient.dll
2013-08-16 05:21 . 2013-09-11 20:49 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-16 05:21 . 2013-09-11 20:49 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-16 05:21 . 2013-09-11 20:49 1164288 ----a-w- c:\windows\system32\sppobjs.dll
2013-08-16 05:21 . 2013-09-11 20:49 368640 ----a-w- c:\windows\system32\sppwinob.dll
2013-08-16 05:21 . 2013-09-11 20:49 81408 ----a-w- c:\windows\system32\setupcln.dll
2013-08-16 05:21 . 2013-09-11 20:49 120320 ----a-w- c:\windows\system32\sppc.dll
2013-08-16 05:20 . 2013-09-11 20:49 105984 ----a-w- c:\windows\system32\WinSetupUI.dll
2013-08-15 22:43 . 2013-09-11 20:49 20992 ----a-w- c:\windows\SysWow64\wups.dll
2013-08-15 22:43 . 2013-09-11 20:49 562688 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-15 22:43 . 2013-09-11 20:49 159232 ----a-w- c:\windows\SysWow64\WSSync.dll
2013-08-15 22:43 . 2013-09-11 20:49 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-15 22:43 . 2013-09-11 20:49 167424 ----a-w- c:\windows\SysWow64\WSClient.dll
2013-08-15 22:43 . 2013-09-11 20:49 83968 ----a-w- c:\windows\SysWow64\OEMLicense.dll
2013-08-15 22:43 . 2013-09-11 20:49 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 22:42 . 2013-09-11 20:49 76800 ----a-w- c:\windows\SysWow64\setupcln.dll
2013-08-15 22:42 . 2013-09-11 20:49 91648 ----a-w- c:\windows\SysWow64\sppc.dll
2013-08-09 20:00 . 2013-06-19 08:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-08-07 05:15 . 2013-09-16 19:18 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-07-28 18:26 . 2013-07-28 18:25 35635536 ----a-w- c:\users\Micky and Minnie\icq_rfrset.exe
2013-07-27 03:58 . 2012-07-26 07:24 2207232 ----a-w- c:\windows\SysWow64\PrintConfig.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 05:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 05:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 05:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\programky\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-25 508656]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2012-04-27 2637784]
"StartW8Button"="d:\programky\StartW8\bin\StartW8Button.exe" [2013-08-28 59784]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"avgnt"="d:\programky\Avira\AntiVir Desktop\avgnt.exe" [2013-10-11 347192]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"DiscWizardMonitor.exe"="d:\programky\SeagateDisc\DiscWizardMonitor.exe" [2011-06-30 2638152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 MBAMService;MBAMService;d:\programky\Malwarebytes' Anti-Malware\mbamservice.exe;d:\programky\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SafetyNutManager;SafetyNut Manager;c:\program files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe;c:\program files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;d:\programky\Skype\Updater\Updater.exe;d:\programky\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\System32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 HWHandSet;HWUSBSERSP;c:\windows\system32\DRIVERS\hw_quusbmdm.sys;c:\windows\SYSNATIVE\DRIVERS\hw_quusbmdm.sys [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt53;Acronis Disk Storage Filter (53);c:\windows\system32\DRIVERS\vsflt53.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt53.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;d:\programky\Avira\AntiVir Desktop\sched.exe;d:\programky\Avira\AntiVir Desktop\sched.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 HDDHealth;HDDHealth;d:\programky\HDD Health\HDDHealthService.exe;d:\programky\HDD Health\HDDHealthService.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel® Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [x]
S2 StartW8Service;StartW8Service;d:\programky\StartW8\bin\StartW8Service.exe;d:\programky\StartW8\bin\StartW8Service.exe [x]
S2 TeamViewer8;TeamViewer 8;d:\programky\TeamViewer 8\TeamViewer_Service.exe;d:\programky\TeamViewer 8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
S3 ausbmon;Advanced USB Port Monitor Filter Driver;c:\windows\system32\drivers\ausbmon.sys;c:\windows\SYSNATIVE\drivers\ausbmon.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 NETwNe64;@oem5.inf,___ %NIC_Service_DispName_WIN8_64%;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 8 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-09-05 14:04 215416 ----a-w- c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-13 20:02]
.
2013-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-20 15:58]
.
2013-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-20 15:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 05:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 05:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 05:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 16:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-28 13197456]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-27 1230992]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2012-08-27 11577216]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-10 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-06-18 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-06-18 191544]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-19 172168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-19 400008]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-19 441992]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2012-04-27 395384]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"RtsFT"="RTFTrack.exe" [2012-10-17 6334096]
"Seagate Scheduler2 Service"="c:\program files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe" [2011-06-30 395152]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 94.229.32.82:8088
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Odeslat do Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: Send to Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
TCP: DhcpNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
.
.
------- Asociace souborů -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-IT9130 DriverInstaller_12.2.3.1 - c:\users\MICKYA~1\AppData\Local\Temp\\DriverInstall64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-10-20 11:05:40
ComboFix-quarantined-files.txt 2013-10-20 10:05
ComboFix2.txt 2013-10-19 18:29
ComboFix3.txt 2013-10-11 16:30
ComboFix4.txt 2013-10-11 07:59
ComboFix5.txt 2013-10-20 09:57
.
Před spuštěním: 33 142 542 336 bytes free
Po spuštění: 32 877 400 064 bytes free
.
- - End Of File - - 321E17833009BAF56E55BA11A4DC5D79

memphisto
Guru Level 13
Posts: 21113
Registered: Sep 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Problems with corrupted photos and documents, Notebook Lenovo Z500

Post by memphisto » 20 Oct 2013 16:20

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the whole of the following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::
SecCenter::
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

Folder::
c:\programdata\McAfee
c:\program files (x86)\Spybot - Search & Destroy 2
c:\programdata\Spybot - Search & Destroy
d:\programky\Skype\Updater

Driver::
SkypeUpdate

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via PM; post them in the appropriate section. Thank you.

