# AdwCleaner v4.111 - Logfile created 08/03/2015 at 09:56:21
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 8 (x64)
# Username : Radovan - IDEA-PC
# Running from : C:\Users\Radovan\Desktop\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Roll Around
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v10.0.9200.17183
-\\ Mozilla Firefox v36.0.1 (x86 cs)
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [800 bytes] - [07/03/2015 15:04:47]
AdwCleaner[R1].txt - [858 bytes] - [08/03/2015 09:54:33]
AdwCleaner[S0].txt - [788 bytes] - [08/03/2015 09:56:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [846 bytes] ##########
Please check my PC, it is running terribly slowly
Re: Please check my PC, it is running terribly slowly
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 8 x64
Ran by Radovan on ne 08. 03. 2015 at 10:01:32,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 08. 03. 2015 at 10:03:02,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Please check my PC, it is running terribly slowly
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 8. 3. 2015
Scan Time: 10:04:10
Logfile: 8.3.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.03.08.04
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8
CPU: x64
File System: NTFS
User: Radovan
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 385225
Time Elapsed: 8 min, 43 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
PUP.Optional.Popeler, C:\Users\Radovan\Downloads\Clash%20of%20Clans.exe, , [9b79a1a292f83afc3f76358f0401a957],
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Please check my PC, it is running terribly slowly
RogueKiller V10.5.1.0 (x64) [Mar 5 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Radovan [Práva správce]
Started from : C:\Users\Radovan\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 03/08/2015 10:30:50
¤¤¤ Procesy : 1 ¤¤¤
[Suspicious.Path] rundll32.exe(3212) -- C:\Users\Radovan\AppData\Local\Temp\1871KrakenDevProps.dll[7] -> Uvolněno
¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{041207A4-2165-47C6-A9C3-FBC9470865AA} | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FB4FFF65-2333-45EF-9713-D9B0FB9C6411} | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{041207A4-2165-47C6-A9C3-FBC9470865AA} | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{FB4FFF65-2333-45EF-9713-D9B0FB9C6411} | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 4 (Driver: Nahrán) ¤¤¤
[IAT:Inl(Hook.IEAT)] (firefox.exe) KERNEL32.DLL - LoadLibraryW : C:\Users\Radovan\AppData\Local\Temp\1871KrakenDevProps.dll @ 0x6d705330 (ret )
[IAT:Inl(Hook.IEAT)] (firefox.exe) KERNEL32.DLL - LoadLibraryExA : C:\Users\Radovan\AppData\Local\Temp\1871KrakenDevProps.dll @ 0x6d7054c0 (ret )
[IAT:Inl(Hook.IEAT)] (firefox.exe) KERNEL32.DLL - LoadLibraryExW : C:\Users\Radovan\AppData\Local\Temp\1871KrakenDevProps.dll @ 0x6d7056c0 (ret )
[IAT:Inl(Hook.IEAT)] (firefox.exe) KERNEL32.DLL - LoadLibraryA : C:\Users\Radovan\AppData\Local\Temp\1871KrakenDevProps.dll @ 0x6d7051a0 (ret )
¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] orn23ccy.default : user_pref("browser.startup.homepage", "www.seznam.cz"); -> Nalezeno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 6f03cfa3829d9644561fe6a7d5edc08e
[BSP] 6929dd86c9854102e594ca0a27ec6a7b : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4892672 | Size: 905400 MB
5 - Basic data partition | Offset (sectors): 1859151872 | Size: 25600 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911580672 | Size: 20480 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_DEL_02252015_202435.log - RKreport_SCN_02252015_095514.log - RKreport_SCN_02252015_202321.log
- jaro3
- Security team member
Re: Please check my PC, it is running terribly slowly
Close all programs and browsers. Deactivate your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) or external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to launch it).
- Wait until the Prescan finishes...
- Then click "Scan" ("Prohledat"); after it finishes:
- In the tabs (Registry, Tasks, Web Browser, etc.), tick everything (put check marks)
(you have to use the mouse to put a check mark in the little box to the left of the registry entry, etc.)
- Click "Delete" ("Smazat")
- Wait until the Status box shows "Deleting finished" ("Mazání dokončeno")
- Click "Report" ("Zpráva") and please copy and paste the content of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
Turn off your antivirus
Download
Zoek.exe
and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win 7 and 8, right-click it and choose "Run as administrator")
- note: the program may take a while to start.
Paste the script below into the program window:
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
Click Run Script
The program will run a scan and a repair; both the scan and the repair can take several minutes, so you need to wait until the end. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black screen may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to your documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire content of that log here.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes ("Ano") button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire content here
If there are problems, run it in safe mode.
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my PC, it is running terribly slowly
RogueKiller V10.5.1.0 (x64) [Mar 5 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Radovan [Práva správce]
Started from : C:\Users\Radovan\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 03/13/2015 20:56:04
¤¤¤ Procesy : 1 ¤¤¤
[Suspicious.Path] rundll32.exe(3940) -- C:\Users\Radovan\AppData\Local\Temp\1871KrakenDevProps.dll[7] -> Uvolněno
¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{041207A4-2165-47C6-A9C3-FBC9470865AA} | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FB4FFF65-2333-45EF-9713-D9B0FB9C6411} | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{041207A4-2165-47C6-A9C3-FBC9470865AA} | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{FB4FFF65-2333-45EF-9713-D9B0FB9C6411} | DhcpNameServer : 86.61.133.1 84.16.96.2 [(Unknown Country?) (XX)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 2 ¤¤¤
[FIREFX:Addon] orn23ccy.default : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno
[PUM.HomePage][FIREFX:Config] orn23ccy.default : user_pref("browser.startup.homepage", "www.seznam.cz"); -> Nahrazeno (about:home)
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 6f03cfa3829d9644561fe6a7d5edc08e
[BSP] 6929dd86c9854102e594ca0a27ec6a7b : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4892672 | Size: 905400 MB
5 - Basic data partition | Offset (sectors): 1859151872 | Size: 25600 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911580672 | Size: 20480 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_DEL_02252015_202435.log - RKreport_SCN_02252015_095514.log - RKreport_SCN_02252015_202321.log - RKreport_SCN_03082015_103050.log
RKreport_SCN_03132015_205442.log
Re: Please check my PC, it is running terribly slowly
I'll post the rest of the tasks here later, I have to leave.
- Orcus
- Security team member
Re: Please check my PC, it is running terribly slowly
OK.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several messages.
A few tips on PC security.
During my absence, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: Please check my PC, it is running terribly slowly
Zoek.exe v5.0.0.0 Updated 13-March-2015
Tool run by Radovan on so 14. 03. 2015 at 8:42:30,50.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Radovan\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
14. 3. 2015 8:43:30 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Users\Radovan\AppData\Local\CrashDumps deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\orn23ccy.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
Added to C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\orn23ccy.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~3\ProductData deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\orn23ccy.default\Invalidprefs.js deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\orn23ccy.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\orn23ccy.default
C62322C77D1AAB77B1CF1130FCC3673A - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash
==== Chromium Look ======================
Chrome Currency Converter - Radovan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\anbfhidldjknonaihbalghlebaijealk
AdBlock - Radovan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom
AVG Secure Search - Radovan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
==== Chromium Fix ======================
C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Radovan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Radovan\AppData\Local\Mozilla\Firefox\Profiles\orn23ccy.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Radovan\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=12 folders=7 24742 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Radovan\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Radovan\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on so 14. 03. 2015 at 8:53:39,34 ======================
Re: Please check my PC, it is running terribly slowly
ComboFix 15-03-09.01 - Radovan . 03. 2015 9:00.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8058.6632 [GMT 1:00]
Spuštěný z: c:\users\Radovan\Desktop\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Radovan\AppData\Local\Temp\1871KrakenDevProps.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-14 do 2015-03-14 )))))))))))))))))))))))))))))))
.
.
2015-03-14 08:06 . 2015-03-14 08:06 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-03-14 08:06 . 2015-03-14 08:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-14 07:52 . 2015-03-14 07:42 24064 ----a-w- c:\windows\zoek-delete.exe
2015-03-14 07:42 . 2015-03-14 07:51 -------- d-----w- C:\zoek_backup
2015-03-09 18:09 . 2015-03-09 18:09 -------- d-----w- c:\windows\LastGood
2015-03-08 10:09 . 2015-03-08 10:09 99288 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2015-03-08 10:09 . 2015-03-08 10:09 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2015-03-08 10:09 . 2015-03-08 10:09 66264 ----a-w- c:\windows\system32\btwdi.dll
2015-03-08 10:09 . 2015-03-08 10:09 2251992 ----a-w- c:\windows\system32\BtwRSupportService.exe
2015-03-08 10:09 . 2015-03-08 10:09 166104 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2015-03-08 10:09 . 2015-03-08 10:09 2232024 ----a-w- c:\windows\system32\BcmBtRSupport.dll
2015-03-08 10:09 . 2015-03-08 10:09 170712 ----a-w- c:\windows\system32\drivers\bcbtums.sys
2015-03-08 10:08 . 2015-03-08 10:08 9890008 ----a-w- c:\windows\SysWow64\RsCRIcon.dll
2015-03-08 10:08 . 2015-03-08 10:08 331992 ----a-w- c:\windows\system32\drivers\RtsUVStor.sys
2015-03-08 10:04 . 2015-03-08 10:04 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-03-08 10:04 . 2015-03-08 10:04 -------- d-----w- c:\programdata\IObit
2015-03-08 10:01 . 2015-03-08 10:01 -------- d-----w- c:\program files (x86)\Driver Checker
2015-03-07 15:27 . 2015-03-03 13:17 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-03-07 14:04 . 2015-03-08 08:56 -------- d-----w- C:\AdwCleaner
2015-03-04 19:53 . 2015-03-06 19:39 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-03-03 21:24 . 2015-03-03 21:24 -------- d-----w- C:\_OTL
2015-03-01 10:00 . 2015-03-04 07:14 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2015-02-27 08:37 . 2015-02-27 08:37 -------- d-----w- c:\program files\CCleaner
2015-02-25 08:41 . 2015-03-13 19:45 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-02-25 08:41 . 2015-02-25 08:41 -------- d-----w- c:\programdata\RogueKiller
2015-02-24 17:07 . 2014-12-10 20:43 129600 ----a-w- c:\windows\system32\drivers\rzpnk.sys
2015-02-24 15:54 . 2014-07-15 22:51 71168 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2015-02-24 15:37 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2015-02-24 15:37 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
2015-02-24 15:35 . 2014-07-03 01:59 1824784 ----a-w- c:\windows\system32\ntdll.dll
2015-02-24 15:34 . 2013-07-08 22:46 414208 ----a-w- c:\windows\system32\wwanconn.dll
2015-02-24 15:32 . 2014-04-29 22:32 126464 ----a-w- c:\windows\system32\Robocopy.exe
2015-02-24 15:30 . 2014-07-17 01:45 61440 ----a-w- c:\windows\system32\drivers\en-US\srv2.sys.mui
2015-02-24 15:29 . 2012-11-06 04:18 11459584 ----a-w- c:\windows\system32\glcndFilter.dll
2015-02-24 15:25 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-24 15:25 . 2014-03-01 08:07 1075200 ----a-w- c:\windows\SysWow64\gpedit.dll
2015-02-24 15:25 . 2014-03-01 09:47 1258496 ----a-w- c:\windows\system32\kernel32.dll
2015-02-24 15:25 . 2014-03-01 09:47 1120768 ----a-w- c:\windows\system32\gpedit.dll
2015-02-24 15:25 . 2014-02-15 04:15 78336 ----a-w- c:\windows\system32\drivers\IPMIDrv.sys
2015-02-24 15:25 . 2013-11-25 23:17 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2015-02-24 14:52 . 2015-03-08 09:04 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-24 14:51 . 2015-02-24 14:51 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-02-24 14:51 . 2015-02-24 14:51 -------- d-----w- c:\programdata\Malwarebytes
2015-02-24 14:51 . 2014-11-21 05:14 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-02-24 14:51 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-02-24 14:51 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-02-24 14:15 . 2015-02-03 19:29 714184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-24 14:15 . 2015-02-03 19:29 106440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-24 14:07 . 2015-02-24 14:07 -------- d-s---w- c:\windows\system32\CompatTel
2015-02-24 14:07 . 2015-02-24 14:07 -------- d-----w- c:\windows\system32\appraiser
2015-02-24 13:36 . 2014-10-09 04:00 69632 ----a-w- c:\windows\system32\vsstrace.dll
2015-02-24 13:36 . 2014-10-09 03:59 52224 ----a-w- c:\windows\SysWow64\vsstrace.dll
2015-02-24 13:36 . 2014-10-09 03:59 1195520 ----a-w- c:\windows\SysWow64\vssapi.dll
2015-02-24 13:36 . 2014-10-09 04:00 1484288 ----a-w- c:\windows\system32\VSSVC.exe
2015-02-24 13:36 . 2014-10-09 04:00 1519104 ----a-w- c:\windows\system32\vssapi.dll
2015-02-24 13:15 . 2013-10-31 05:56 915968 ----a-w- c:\windows\system32\MPSSVC.dll
2015-02-24 13:15 . 2013-10-31 05:56 758784 ----a-w- c:\windows\system32\FirewallAPI.dll
2015-02-24 13:15 . 2013-10-31 04:01 550400 ----a-w- c:\windows\SysWow64\FirewallAPI.dll
2015-02-24 13:15 . 2013-10-13 20:49 100696 ----a-w- c:\windows\system32\drivers\disk.sys
2015-02-24 13:15 . 2013-08-27 05:21 227840 ----a-w- c:\windows\system32\WebClnt.dll
2015-02-24 13:15 . 2013-10-31 03:42 74752 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2015-02-24 13:15 . 2013-08-27 05:19 104448 ----a-w- c:\windows\system32\davclnt.dll
2015-02-24 13:15 . 2013-08-26 22:29 199168 ----a-w- c:\windows\SysWow64\WebClnt.dll
2015-02-24 13:15 . 2013-08-26 22:28 86016 ----a-w- c:\windows\SysWow64\davclnt.dll
2015-02-24 13:15 . 2012-10-11 05:44 105984 ----a-w- c:\windows\system32\icfupgd.dll
2015-02-24 13:15 . 2012-10-11 05:46 24576 ----a-w- c:\windows\system32\wfapigp.dll
2015-02-24 13:15 . 2012-10-11 05:07 19968 ----a-w- c:\windows\SysWow64\wfapigp.dll
2015-02-24 13:01 . 2010-06-02 03:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2015-02-24 13:01 . 2010-06-02 03:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2015-02-24 13:01 . 2010-06-02 03:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2015-02-24 13:01 . 2010-06-02 03:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-02-24 13:01 . 2010-06-02 03:55 239960 ----a-w- c:\windows\SysWow64\xactengine3_7.dll
2015-02-24 13:01 . 2010-06-02 03:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2015-02-24 13:01 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-02-24 12:17 . 2015-02-24 12:17 -------- d--h--r- c:\users\Public\AccountPictures
2015-02-24 10:49 . 2015-02-24 10:52 -------- d-----w- c:\windows\system32\MRT
2015-02-24 10:43 . 2013-04-09 04:51 3552768 ----a-w- c:\windows\system32\tquery.dll
2015-02-24 10:42 . 2013-05-04 06:59 13644288 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
2015-02-24 10:42 . 2013-05-04 06:57 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
2015-02-24 10:42 . 2013-05-04 04:57 10788864 ----a-w- c:\windows\SysWow64\Windows.UI.Xaml.dll
2015-02-24 10:42 . 2013-05-04 06:58 328192 ----a-w- c:\windows\system32\ubpm.dll
2015-02-24 10:42 . 2013-05-04 06:58 1332736 ----a-w- c:\windows\system32\sysmain.dll
2015-02-24 10:42 . 2013-05-04 06:57 389120 ----a-w- c:\windows\system32\BCP47Langs.dll
2015-02-24 10:42 . 2013-05-04 04:47 427520 ----a-w- c:\windows\system32\drivers\rdbss.sys
2015-02-24 10:42 . 2013-05-04 06:58 1820672 ----a-w- c:\program files\Windows Photo Viewer\PhotoViewer.dll
2015-02-24 10:42 . 2013-05-04 06:58 470528 ----a-w- c:\windows\system32\netprofmsvc.dll
2015-02-24 10:42 . 2013-05-04 04:57 247296 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-02-24 10:40 . 2013-03-02 08:22 357888 ----a-w- c:\windows\SysWow64\netcfgx.dll
2015-02-24 10:39 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2015-02-24 10:39 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2015-02-24 10:36 . 2014-10-11 07:44 3248640 ----a-w- c:\windows\system32\rdpcorets.dll
2015-02-24 10:36 . 2012-10-12 08:08 27880 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2015-02-24 10:36 . 2014-05-03 03:34 235520 ----a-w- c:\windows\system32\rdpudd.dll
2015-02-24 10:36 . 2012-10-12 06:14 36352 ----a-w- c:\windows\system32\rfxvmt.dll
2015-02-24 10:35 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2015-02-24 10:35 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2015-02-24 10:35 . 2014-07-31 23:40 1287680 ----a-w- c:\windows\system32\schedsvc.dll
2015-02-24 10:34 . 2014-10-30 07:20 1890816 ----a-w- c:\windows\system32\crypt32.dll
2015-02-24 10:34 . 2014-10-30 05:22 1569792 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-24 10:34 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2015-02-24 10:34 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2015-02-24 10:34 . 2014-08-09 08:29 144896 ----a-w- c:\windows\system32\tssdisai.dll
2015-02-24 10:34 . 2014-08-09 08:30 148480 ----a-w- c:\windows\system32\poqexec.exe
2015-02-24 10:32 . 2015-01-12 06:49 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-02-24 10:29 . 2014-06-10 22:44 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-02-24 10:29 . 2014-06-10 22:43 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-02-24 10:29 . 2014-12-08 06:48 391168 ----a-w- c:\windows\system32\scesrv.dll
2015-02-24 10:29 . 2014-12-08 05:04 318464 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-24 10:27 . 2014-07-24 03:33 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-24 10:27 . 2014-07-24 03:33 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-24 10:24 . 2014-06-05 01:12 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2015-02-24 10:22 . 2014-12-19 06:48 210432 ----a-w- c:\windows\system32\profsvc.dll
2015-02-24 10:19 . 2014-06-02 22:42 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2015-02-24 10:19 . 2014-06-02 22:42 1029120 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2015-02-24 10:19 . 2014-06-02 22:33 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-02-24 10:19 . 2014-06-02 22:33 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2015-02-24 10:19 . 2014-06-02 22:33 1306624 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2015-02-24 10:19 . 2014-06-02 22:33 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-02-24 10:19 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2015-02-24 10:19 . 2014-06-02 22:33 627712 ----a-w- c:\program files\Windows Journal\MSPVWCTL.DLL
2015-02-24 10:19 . 2014-06-02 22:33 881152 ----a-w- c:\program files\Windows Journal\InkSeg.dll
2015-02-24 10:19 . 2014-06-02 22:33 336384 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2015-02-24 10:19 . 2014-06-02 22:33 265216 ----a-w- c:\windows\system32\InkEd.dll
2015-02-24 10:15 . 2014-10-11 07:45 10115072 ----a-w- c:\windows\system32\twinui.dll
2015-02-24 10:15 . 2014-10-11 05:58 8858624 ----a-w- c:\windows\SysWow64\twinui.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-24 12:39 . 2015-02-24 12:39 269992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-02-24 12:01 . 2015-02-24 12:01 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2015-02-24 12:01 . 2015-02-24 12:01 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-02-24 07:05 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-02-02 03:57 . 2015-02-02 03:57 80384 ----a-w- c:\windows\system32\RazerCoinstaller.dll
2015-01-29 00:07 . 2015-03-07 19:50 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA94032F-B5BE-46F7-B855-054AE1C9968D}\mpengine.dll
2014-12-30 09:28 . 2014-12-30 09:28 990720 ----a-w- c:\windows\SysWow64\rzdevicedll.dll
2014-12-30 09:28 . 2014-12-30 09:28 78848 ----a-w- c:\windows\SysWow64\rzvirtualdev.dll
2014-12-30 09:28 . 2014-12-30 09:28 89088 ----a-w- c:\windows\SysWow64\rzdevinfo.dll
2014-12-30 09:28 . 2014-12-30 09:28 155136 ----a-w- c:\windows\SysWow64\rztouchdll.dll
2014-12-30 09:28 . 2014-12-30 09:28 117248 ----a-w- c:\windows\SysWow64\rzdisplaydll.dll
2014-12-30 09:28 . 2014-12-30 09:28 419840 ----a-w- c:\windows\SysWow64\rzaudiodll.dll
2014-12-19 03:22 . 2014-12-19 03:22 9728 ----a-w- c:\windows\SysWow64\RzStats.IPC.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-02-18 2874048]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-02-19 7416088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-26 508656]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-05-02 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-07-12 155488]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2015-01-06 585536]
"KrakenLauncher"="c:\program files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe" [2014-06-12 1486128]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-11-16 525080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Cortex\RzKLService.exe;c:\program files (x86)\Razer\Razer Cortex\RzKLService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-04 16:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-07 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-07 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-07 440640]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-15 887968]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-02-20 17079376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-02-20 191568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 86.61.133.1 84.16.96.2
FF - ProfilePath - c:\users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\orn23ccy.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Steam\bin\steamwebhelper.exe
c:\program files (x86)\Common Files\Steam\SteamService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\RunDll32.exe
.
**************************************************************************
.
Celkový čas: 2015-03-14 09:13:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-14 08:13
.
Před spuštěním: 880 224 747 520 bytes free
Po spuštění: 880 165 502 976 bytes free
.
- - End Of File - - 51B30C5D00FBABBA2E2622FBCA3D498B
2015-02-24 13:01 . 2010-06-02 03:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2015-02-24 13:01 . 2010-06-02 03:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2015-02-24 13:01 . 2010-06-02 03:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-02-24 13:01 . 2010-06-02 03:55 239960 ----a-w- c:\windows\SysWow64\xactengine3_7.dll
2015-02-24 13:01 . 2010-06-02 03:55 176984 ----a-w- c:\windows\system32\xactengine3_7.dll
2015-02-24 13:01 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-02-24 12:17 . 2015-02-24 12:17 -------- d--h--r- c:\users\Public\AccountPictures
2015-02-24 10:49 . 2015-02-24 10:52 -------- d-----w- c:\windows\system32\MRT
2015-02-24 10:43 . 2013-04-09 04:51 3552768 ----a-w- c:\windows\system32\tquery.dll
2015-02-24 10:42 . 2013-05-04 06:59 13644288 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
2015-02-24 10:42 . 2013-05-04 06:57 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
2015-02-24 10:42 . 2013-05-04 04:57 10788864 ----a-w- c:\windows\SysWow64\Windows.UI.Xaml.dll
2015-02-24 10:42 . 2013-05-04 06:58 328192 ----a-w- c:\windows\system32\ubpm.dll
2015-02-24 10:42 . 2013-05-04 06:58 1332736 ----a-w- c:\windows\system32\sysmain.dll
2015-02-24 10:42 . 2013-05-04 06:57 389120 ----a-w- c:\windows\system32\BCP47Langs.dll
2015-02-24 10:42 . 2013-05-04 04:47 427520 ----a-w- c:\windows\system32\drivers\rdbss.sys
2015-02-24 10:42 . 2013-05-04 06:58 1820672 ----a-w- c:\program files\Windows Photo Viewer\PhotoViewer.dll
2015-02-24 10:42 . 2013-05-04 06:58 470528 ----a-w- c:\windows\system32\netprofmsvc.dll
2015-02-24 10:42 . 2013-05-04 04:57 247296 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-02-24 10:40 . 2013-03-02 08:22 357888 ----a-w- c:\windows\SysWow64\netcfgx.dll
2015-02-24 10:39 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2015-02-24 10:39 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2015-02-24 10:36 . 2014-10-11 07:44 3248640 ----a-w- c:\windows\system32\rdpcorets.dll
2015-02-24 10:36 . 2012-10-12 08:08 27880 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2015-02-24 10:36 . 2014-05-03 03:34 235520 ----a-w- c:\windows\system32\rdpudd.dll
2015-02-24 10:36 . 2012-10-12 06:14 36352 ----a-w- c:\windows\system32\rfxvmt.dll
2015-02-24 10:35 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2015-02-24 10:35 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2015-02-24 10:35 . 2014-07-31 23:40 1287680 ----a-w- c:\windows\system32\schedsvc.dll
2015-02-24 10:34 . 2014-10-30 07:20 1890816 ----a-w- c:\windows\system32\crypt32.dll
2015-02-24 10:34 . 2014-10-30 05:22 1569792 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-24 10:34 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2015-02-24 10:34 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2015-02-24 10:34 . 2014-08-09 08:29 144896 ----a-w- c:\windows\system32\tssdisai.dll
2015-02-24 10:34 . 2014-08-09 08:30 148480 ----a-w- c:\windows\system32\poqexec.exe
2015-02-24 10:32 . 2015-01-12 06:49 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-02-24 10:29 . 2014-06-10 22:44 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-02-24 10:29 . 2014-06-10 22:43 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-02-24 10:29 . 2014-12-08 06:48 391168 ----a-w- c:\windows\system32\scesrv.dll
2015-02-24 10:29 . 2014-12-08 05:04 318464 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-24 10:27 . 2014-07-24 03:33 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-24 10:27 . 2014-07-24 03:33 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-24 10:24 . 2014-06-05 01:12 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2015-02-24 10:22 . 2014-12-19 06:48 210432 ----a-w- c:\windows\system32\profsvc.dll
2015-02-24 10:19 . 2014-06-02 22:42 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2015-02-24 10:19 . 2014-06-02 22:42 1029120 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2015-02-24 10:19 . 2014-06-02 22:33 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-02-24 10:19 . 2014-06-02 22:33 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2015-02-24 10:19 . 2014-06-02 22:33 1306624 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2015-02-24 10:19 . 2014-06-02 22:33 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-02-24 10:19 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2015-02-24 10:19 . 2014-06-02 22:33 627712 ----a-w- c:\program files\Windows Journal\MSPVWCTL.DLL
2015-02-24 10:19 . 2014-06-02 22:33 881152 ----a-w- c:\program files\Windows Journal\InkSeg.dll
2015-02-24 10:19 . 2014-06-02 22:33 336384 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2015-02-24 10:19 . 2014-06-02 22:33 265216 ----a-w- c:\windows\system32\InkEd.dll
2015-02-24 10:15 . 2014-10-11 07:45 10115072 ----a-w- c:\windows\system32\twinui.dll
2015-02-24 10:15 . 2014-10-11 05:58 8858624 ----a-w- c:\windows\SysWow64\twinui.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-24 12:39 . 2015-02-24 12:39 269992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-02-24 12:01 . 2015-02-24 12:01 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2015-02-24 12:01 . 2015-02-24 12:01 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-02-24 07:05 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-02-02 03:57 . 2015-02-02 03:57 80384 ----a-w- c:\windows\system32\RazerCoinstaller.dll
2015-01-29 00:07 . 2015-03-07 19:50 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA94032F-B5BE-46F7-B855-054AE1C9968D}\mpengine.dll
2014-12-30 09:28 . 2014-12-30 09:28 990720 ----a-w- c:\windows\SysWow64\rzdevicedll.dll
2014-12-30 09:28 . 2014-12-30 09:28 78848 ----a-w- c:\windows\SysWow64\rzvirtualdev.dll
2014-12-30 09:28 . 2014-12-30 09:28 89088 ----a-w- c:\windows\SysWow64\rzdevinfo.dll
2014-12-30 09:28 . 2014-12-30 09:28 155136 ----a-w- c:\windows\SysWow64\rztouchdll.dll
2014-12-30 09:28 . 2014-12-30 09:28 117248 ----a-w- c:\windows\SysWow64\rzdisplaydll.dll
2014-12-30 09:28 . 2014-12-30 09:28 419840 ----a-w- c:\windows\SysWow64\rzaudiodll.dll
2014-12-19 03:22 . 2014-12-19 03:22 9728 ----a-w- c:\windows\SysWow64\RzStats.IPC.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-02-18 2874048]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-02-19 7416088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-26 508656]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-05-02 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-07-12 155488]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2015-01-06 585536]
"KrakenLauncher"="c:\program files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe" [2014-06-12 1486128]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-11-16 525080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Cortex\RzKLService.exe;c:\program files (x86)\Razer\Razer Cortex\RzKLService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-04 16:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-07 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-07 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-07 440640]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-15 887968]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-02-20 17079376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-02-20 191568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 86.61.133.1 84.16.96.2
FF - ProfilePath - c:\users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\orn23ccy.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Steam\bin\steamwebhelper.exe
c:\program files (x86)\Common Files\Steam\SteamService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\RunDll32.exe
.
**************************************************************************
.
Celkový čas: 2015-03-14 09:13:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-14 08:13
.
Před spuštěním: 880 224 747 520 bytes free
Po spuštění: 880 165 502 976 bytes free
.
- - End Of File - - 51B30C5D00FBABBA2E2622FBCA3D498B
- jaro3
- member of the Security team
Re: Please check my PC, it is running terribly slowly
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the following entire text, marked in green, into it:
Code:
ClearJavaCache::
KillAll::
Folder::
c:\program files (x86)\Skype\Updater
Driver::
SkypeUpdate
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new log from HJT
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message about the option to download the Avast database appears, click NO. Then click "Scan". After the scan click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my PC, it is running terribly slowly
ComboFix 15-03-09.01 - Radovan . 03. 2015 22:47:48.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8058.6480 [GMT 1:00]
Spuštěný z: c:\users\Radovan\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Radovan\Desktop\CFScript.txt
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Radovan\AppData\Local\Temp\1871KrakenDevProps.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-02-14 do 2015-03-14 )))))))))))))))))))))))))))))))
.
.
2015-03-14 22:12 . 2015-03-14 22:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-03-14 22:12 . 2015-03-14 22:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-14 07:52 . 2015-03-14 07:42 24064 ----a-w- c:\windows\zoek-delete.exe
2015-03-14 07:42 . 2015-03-14 07:51 -------- d-----w- C:\zoek_backup
2015-03-09 18:09 . 2015-03-09 18:09 -------- d-----w- c:\windows\LastGood
2015-03-08 10:09 . 2015-03-08 10:09 99288 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2015-03-08 10:09 . 2015-03-08 10:09 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2015-03-08 10:09 . 2015-03-08 10:09 66264 ----a-w- c:\windows\system32\btwdi.dll
2015-03-08 10:09 . 2015-03-08 10:09 2251992 ----a-w- c:\windows\system32\BtwRSupportService.exe
2015-03-08 10:09 . 2015-03-08 10:09 166104 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2015-03-08 10:09 . 2015-03-08 10:09 2232024 ----a-w- c:\windows\system32\BcmBtRSupport.dll
2015-03-08 10:09 . 2015-03-08 10:09 170712 ----a-w- c:\windows\system32\drivers\bcbtums.sys
2015-03-08 10:08 . 2015-03-08 10:08 9890008 ----a-w- c:\windows\SysWow64\RsCRIcon.dll
2015-03-08 10:08 . 2015-03-08 10:08 331992 ----a-w- c:\windows\system32\drivers\RtsUVStor.sys
2015-03-08 10:04 . 2015-03-08 10:04 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2015-03-08 10:04 . 2015-03-08 10:04 -------- d-----w- c:\programdata\IObit
2015-03-08 10:01 . 2015-03-08 10:01 -------- d-----w- c:\program files (x86)\Driver Checker
2015-03-07 19:50 . 2015-01-29 00:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA94032F-B5BE-46F7-B855-054AE1C9968D}\mpengine.dll
2015-03-07 15:27 . 2014-09-10 14:30 1188440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70D3C06C-8F91-414B-AF32-B2B0F41B1A76}\gapaengine.dll
2015-03-07 15:27 . 2015-03-03 13:17 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-03-07 14:04 . 2015-03-08 08:56 -------- d-----w- C:\AdwCleaner
2015-03-04 19:53 . 2015-03-06 19:39 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2015-03-03 21:24 . 2015-03-03 21:24 -------- d-----w- C:\_OTL
2015-03-01 10:00 . 2015-03-04 07:14 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2015-02-27 08:37 . 2015-02-27 08:37 -------- d-----w- c:\program files\CCleaner
2015-02-25 08:41 . 2015-03-13 19:45 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-02-25 08:41 . 2015-02-25 08:41 -------- d-----w- c:\programdata\RogueKiller
2015-02-24 17:07 . 2014-12-10 20:43 129600 ----a-w- c:\windows\system32\drivers\rzpnk.sys
2015-02-24 15:54 . 2014-07-15 22:51 71168 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2015-02-24 15:37 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2015-02-24 15:37 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
2015-02-24 15:35 . 2014-07-03 01:59 1824784 ----a-w- c:\windows\system32\ntdll.dll
2015-02-24 15:34 . 2013-06-29 06:15 195416 ----a-w- c:\windows\system32\drivers\sdbus.sys
2015-02-24 15:32 . 2014-04-29 22:32 126464 ----a-w- c:\windows\system32\Robocopy.exe
2015-02-24 15:30 . 2014-07-17 01:45 61440 ----a-w- c:\windows\system32\drivers\en-US\srv2.sys.mui
2015-02-24 15:29 . 2012-11-06 04:18 11459584 ----a-w- c:\windows\system32\glcndFilter.dll
2015-02-24 15:25 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-24 15:25 . 2014-03-01 08:07 1075200 ----a-w- c:\windows\SysWow64\gpedit.dll
2015-02-24 15:25 . 2014-03-01 09:47 1258496 ----a-w- c:\windows\system32\kernel32.dll
2015-02-24 15:25 . 2014-03-01 09:47 1120768 ----a-w- c:\windows\system32\gpedit.dll
2015-02-24 15:25 . 2014-02-15 04:15 78336 ----a-w- c:\windows\system32\drivers\IPMIDrv.sys
2015-02-24 15:25 . 2013-11-25 23:17 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2015-02-24 14:52 . 2015-03-08 09:04 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-02-24 14:51 . 2015-02-24 14:51 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-02-24 14:51 . 2015-02-24 14:51 -------- d-----w- c:\programdata\Malwarebytes
2015-02-24 14:51 . 2014-11-21 05:14 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-02-24 14:51 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-02-24 14:51 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-02-24 14:15 . 2015-02-03 19:29 714184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-24 14:15 . 2015-02-03 19:29 106440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-24 14:07 . 2015-02-24 14:07 -------- d-s---w- c:\windows\system32\CompatTel
2015-02-24 14:07 . 2015-02-24 14:07 -------- d-----w- c:\windows\system32\appraiser
2015-02-24 13:36 . 2014-10-09 04:00 69632 ----a-w- c:\windows\system32\vsstrace.dll
2015-02-24 13:36 . 2014-10-09 03:59 52224 ----a-w- c:\windows\SysWow64\vsstrace.dll
2015-02-24 13:36 . 2014-10-09 03:59 1195520 ----a-w- c:\windows\SysWow64\vssapi.dll
2015-02-24 13:36 . 2014-10-09 04:00 1484288 ----a-w- c:\windows\system32\VSSVC.exe
2015-02-24 13:36 . 2014-10-09 04:00 1519104 ----a-w- c:\windows\system32\vssapi.dll
2015-02-24 13:15 . 2013-10-31 05:56 915968 ----a-w- c:\windows\system32\MPSSVC.dll
2015-02-24 13:15 . 2013-10-31 05:56 758784 ----a-w- c:\windows\system32\FirewallAPI.dll
2015-02-24 13:15 . 2013-10-31 04:01 550400 ----a-w- c:\windows\SysWow64\FirewallAPI.dll
2015-02-24 13:15 . 2013-10-13 20:49 100696 ----a-w- c:\windows\system32\drivers\disk.sys
2015-02-24 13:15 . 2013-08-27 05:21 227840 ----a-w- c:\windows\system32\WebClnt.dll
2015-02-24 13:15 . 2013-10-31 03:42 74752 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2015-02-24 13:15 . 2013-08-27 05:19 104448 ----a-w- c:\windows\system32\davclnt.dll
2015-02-24 13:15 . 2013-08-26 22:29 199168 ----a-w- c:\windows\SysWow64\WebClnt.dll
2015-02-24 13:15 . 2013-08-26 22:28 86016 ----a-w- c:\windows\SysWow64\davclnt.dll
2015-02-24 13:15 . 2012-10-11 05:44 105984 ----a-w- c:\windows\system32\icfupgd.dll
2015-02-24 13:15 . 2012-10-11 05:46 24576 ----a-w- c:\windows\system32\wfapigp.dll
2015-02-24 13:15 . 2012-10-11 05:07 19968 ----a-w- c:\windows\SysWow64\wfapigp.dll
2015-02-24 13:01 . 2010-06-02 03:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2015-02-24 13:01 . 2010-06-02 03:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2015-02-24 13:01 . 2010-06-02 03:55 239960 ----a-w- c:\windows\SysWow64\xactengine3_7.dll
2015-02-24 13:01 . 2010-05-26 10:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2015-02-24 12:39 . 2015-02-24 12:39 269992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-02-24 12:17 . 2015-02-24 12:17 -------- d--h--r- c:\users\Public\AccountPictures
2015-02-24 10:49 . 2015-02-24 10:52 -------- d-----w- c:\windows\system32\MRT
2015-02-24 10:44 . 2014-11-15 05:12 176640 ----a-w- c:\windows\system32\storewuauth.dll
2015-02-24 10:44 . 2014-11-15 03:54 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-02-24 10:44 . 2014-11-15 03:53 128000 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-02-24 10:44 . 2014-11-15 03:53 86528 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-02-24 10:44 . 2014-11-15 03:53 630272 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-02-24 10:42 . 2013-05-04 06:57 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
2015-02-24 10:42 . 2013-05-04 04:57 10788864 ----a-w- c:\windows\SysWow64\Windows.UI.Xaml.dll
2015-02-24 10:42 . 2013-05-04 06:58 328192 ----a-w- c:\windows\system32\ubpm.dll
2015-02-24 10:42 . 2013-05-04 06:58 1332736 ----a-w- c:\windows\system32\sysmain.dll
2015-02-24 10:42 . 2013-05-04 06:57 389120 ----a-w- c:\windows\system32\BCP47Langs.dll
2015-02-24 10:42 . 2013-05-04 04:47 427520 ----a-w- c:\windows\system32\drivers\rdbss.sys
2015-02-24 10:42 . 2013-05-04 06:58 1820672 ----a-w- c:\program files\Windows Photo Viewer\PhotoViewer.dll
2015-02-24 10:42 . 2013-05-04 06:58 470528 ----a-w- c:\windows\system32\netprofmsvc.dll
2015-02-24 10:42 . 2013-05-04 04:57 247296 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-02-24 10:40 . 2013-03-02 08:22 357888 ----a-w- c:\windows\SysWow64\netcfgx.dll
2015-02-24 10:39 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2015-02-24 10:39 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2015-02-24 10:36 . 2014-10-11 07:44 3248640 ----a-w- c:\windows\system32\rdpcorets.dll
2015-02-24 10:36 . 2012-10-12 08:08 27880 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2015-02-24 10:36 . 2014-05-03 03:34 235520 ----a-w- c:\windows\system32\rdpudd.dll
2015-02-24 10:36 . 2012-10-12 06:14 36352 ----a-w- c:\windows\system32\rfxvmt.dll
2015-02-24 10:35 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2015-02-24 10:35 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2015-02-24 10:35 . 2014-07-31 23:40 1287680 ----a-w- c:\windows\system32\schedsvc.dll
2015-02-24 10:34 . 2014-10-30 07:20 1890816 ----a-w- c:\windows\system32\crypt32.dll
2015-02-24 10:34 . 2014-10-30 05:22 1569792 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-02-24 10:34 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2015-02-24 10:34 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2015-02-24 10:34 . 2014-08-09 08:29 144896 ----a-w- c:\windows\system32\tssdisai.dll
2015-02-24 10:34 . 2014-08-09 08:30 148480 ----a-w- c:\windows\system32\poqexec.exe
2015-02-24 10:32 . 2015-01-12 06:49 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-02-24 10:29 . 2014-06-10 22:44 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-02-24 10:29 . 2014-06-10 22:43 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-02-24 10:29 . 2014-12-08 06:48 391168 ----a-w- c:\windows\system32\scesrv.dll
2015-02-24 10:29 . 2014-12-08 05:04 318464 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-24 10:27 . 2014-07-24 03:33 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-24 10:27 . 2014-07-24 03:33 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-24 10:24 . 2014-06-05 01:12 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2015-02-24 10:22 . 2014-12-19 06:48 210432 ----a-w- c:\windows\system32\profsvc.dll
2015-02-24 10:19 . 2014-06-02 22:42 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2015-02-24 10:19 . 2014-06-02 22:42 1029120 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2015-02-24 10:19 . 2014-06-02 22:33 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-02-24 10:19 . 2014-06-02 22:33 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2015-02-24 10:19 . 2014-06-02 22:33 1306624 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2015-02-24 10:19 . 2014-06-02 22:33 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-02-24 10:19 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2015-02-24 10:19 . 2014-06-02 22:33 627712 ----a-w- c:\program files\Windows Journal\MSPVWCTL.DLL
2015-02-24 10:19 . 2014-06-02 22:33 881152 ----a-w- c:\program files\Windows Journal\InkSeg.dll
2015-02-24 10:19 . 2014-06-02 22:33 336384 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-24 12:01 . 2015-02-24 12:01 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2015-02-24 12:01 . 2015-02-24 12:01 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-02-24 07:05 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-02-02 03:57 . 2015-02-02 03:57 80384 ----a-w- c:\windows\system32\RazerCoinstaller.dll
2015-01-12 06:49 . 2015-02-24 10:33 2237952 ----a-w- c:\windows\system32\wininet.dll
2015-01-12 06:49 . 2015-02-24 10:11 1627648 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-12-30 09:28 . 2014-12-30 09:28 990720 ----a-w- c:\windows\SysWow64\rzdevicedll.dll
2014-12-30 09:28 . 2014-12-30 09:28 78848 ----a-w- c:\windows\SysWow64\rzvirtualdev.dll
2014-12-30 09:28 . 2014-12-30 09:28 89088 ----a-w- c:\windows\SysWow64\rzdevinfo.dll
2014-12-30 09:28 . 2014-12-30 09:28 155136 ----a-w- c:\windows\SysWow64\rztouchdll.dll
2014-12-30 09:28 . 2014-12-30 09:28 117248 ----a-w- c:\windows\SysWow64\rzdisplaydll.dll
2014-12-30 09:28 . 2014-12-30 09:28 419840 ----a-w- c:\windows\SysWow64\rzaudiodll.dll
2014-12-19 03:22 . 2014-12-19 03:22 9728 ----a-w- c:\windows\SysWow64\RzStats.IPC.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-02-18 2874048]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-02-19 7416088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-07-26 508656]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-05-02 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-07-12 155488]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2015-01-06 585536]
"KrakenLauncher"="c:\program files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenSysAudioLauncher.exe" [2014-06-12 1486128]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-11-16 525080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Cortex\RzKLService.exe;c:\program files (x86)\Razer\Razer Cortex\RzKLService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-03-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-04 16:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-07 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-07 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-07 440640]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-15 887968]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2013-02-20 17079376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2013-02-20 191568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 86.61.133.1 84.16.96.2
FF - ProfilePath - c:\users\Radovan\AppData\Roaming\Mozilla\Firefox\Profiles\orn23ccy.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\RunDll32.exe
.
**************************************************************************
.
Celkový čas: 2015-03-14 23:20:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-14 22:20
ComboFix2.txt 2015-03-14 08:13
.
Před spuštěním: 879 429 599 232 bytes free
Po spuštění: 879 275 417 600 bytes free
.
- - End Of File - - 8193A3A3B8A65750A472E94D66AA37E9
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\RunDll32.exe
.
**************************************************************************
.
Celkový čas: 2015-03-14 23:20:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-03-14 22:20
ComboFix2.txt 2015-03-14 08:13
.
Před spuštěním: 879 429 599 232 bytes free
Po spuštění: 879 275 417 600 bytes free
.
- - End Of File - - 8193A3A3B8A65750A472E94D66AA37E9