ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
====================================================
Clean the system with CCleaner
====================================================
Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix
and save the file to your desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options - Remove disinfection tools - Purge System Restore.
Then click the Run button and let the tool do its work.
A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is here:
in C:\DelFix.txt
What about the problems? + a new log from HJT
log check Solved
- Orcus
- member of the Security team
- Elite Level 10.5
- Posts: 10645
- Registered: April 10
- Location: 3 roses grow around =o)
Re: log check
Love warms, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: log check
# DelFix v10.8 - Logfile created 14/09/2014 at 15:49:52
# Updated 29/07/2014 by Xplode
# Username : Petr - IDEA-PC
# Operating System : Windows 8 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\TDSSKiller.3.0.0.40_12.09.2014_14.44.31_log.txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\Petr\Desktop\adwcleaner_3.309.exe
Deleted : C:\Users\Petr\Desktop\aswMBR.txt
Deleted : C:\Users\Petr\Desktop\JRT.exe
Deleted : C:\Users\Petr\Desktop\MBR.dat
Deleted : C:\Users\Petr\Desktop\tdsskiller.exe
Deleted : C:\Users\Petr\Desktop\zoek.exe
Deleted : C:\Users\Petr\Downloads\adwcleaner_3.309.exe
Deleted : C:\Users\Petr\Downloads\aswmbr.exe
Deleted : C:\Users\Petr\Downloads\ComboFix.exe
Deleted : C:\Users\Petr\Downloads\JRT.exe
Deleted : C:\Users\Petr\Downloads\HijackThis.exe
Deleted : C:\Users\Petr\Downloads\hijackthis.log
Deleted : C:\Users\Petr\Downloads\RogueKillerX64.exe
Deleted : C:\Users\Petr\Downloads\tdsskiller (1).exe
Deleted : C:\Users\Petr\Downloads\tdsskiller.exe
Deleted : C:\Users\Petr\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
~ Cleaning system restore ...
Deleted : RP #3 [ComboFix created restore point | 09/14/2014 13:44:53]
New restore point created !
########## - EOF - ##########
Re: log check
I think there is no problem here any more!
The computer is like new!
LOG:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:01:07, on 14. 9. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17028)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Petr\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mncwgqgmlSrv] C:\windows\system32\mncwgqgml.vbe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Bluetooth.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: @oem15.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 10823 bytes
- jaro3
- member of the Security team
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mncwgqgmlSrv] C:\windows\system32\mncwgqgml.vbe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Petr\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
There is still something there.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.
Warning: It may happen that after ComboFix has been applied and the computer restarted, Windows does not boot, or the desktop does not load, or there are connection problems; in that case restart the computer again, and if that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: log check
ComboFix 14-09-14.01 - Petr . 09. 2014 16:48:43.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3962.2483 [GMT 2:00]
Spuštěný z: c:\users\Petr\Downloads\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-15 do 2014-09-15 )))))))))))))))))))))))))))))))
.
.
2014-09-14 18:31 . 2014-09-14 18:31 -------- d-----w- c:\users\Petr\.android
2014-09-12 17:22 . 2014-08-20 18:43 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB5A04CB-55FC-419E-A1FE-94A330D59025}\mpengine.dll
2014-09-12 13:26 . 2014-09-12 13:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-12 13:26 . 2014-09-13 13:26 -------- d-----r- c:\program files (x86)\Skype
2014-09-11 11:51 . 2014-09-11 11:52 305832 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10246.bin
2014-09-10 15:16 . 2014-09-10 14:57 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-10 15:16 . 2014-09-15 14:56 -------- d-----w- c:\users\Petr\AppData\Local\Temp
2014-09-10 11:42 . 2014-09-10 11:42 -------- d-----w- c:\windows\ERUNT
2014-09-10 11:25 . 2014-09-14 13:47 -------- d-----w- c:\users\Petr\AppData\Local\CrashDumps
2014-09-10 11:22 . 2014-09-10 17:52 36456 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-09-10 11:22 . 2014-09-10 11:22 -------- d-----w- c:\programdata\RogueKiller
2014-09-10 10:51 . 2014-09-10 10:51 -------- d-----w- c:\users\Petr\AppData\Local\Broadcom
2014-09-10 10:50 . 2014-09-10 10:50 -------- d-----w- c:\users\Petr\AppData\Local\Adobe
2014-09-09 17:07 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-09-04 14:51 . 2014-09-04 15:04 -------- d-----w- c:\program files (x86)\BlueStacks
2014-09-04 14:51 . 2014-09-04 14:51 -------- d-----w- c:\programdata\BlueStacks
2014-08-25 09:57 . 2014-08-25 09:57 -------- d-----w- c:\program files (x86)\Microsoft
2014-08-25 09:56 . 2014-08-25 09:56 -------- d--h--r- c:\users\Petr\AppData\Roaming\SecuROM
2014-08-24 14:15 . 2014-08-24 14:15 -------- d-----w- c:\program files (x86)\Audacity
2014-08-24 08:08 . 2014-08-24 08:08 -------- d-----w- c:\users\Petr\AppData\Local\Rockstar Games
2014-08-24 08:01 . 2014-08-24 08:01 -------- d-----w- c:\windows\SysWow64\xlive
2014-08-24 08:01 . 2014-08-24 08:01 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2014-08-23 17:18 . 2014-08-23 17:18 -------- d-----w- c:\program files (x86)\ABAllA
2014-08-21 17:51 . 2014-08-21 17:51 -------- d-----w- c:\program files (x86)\Steinberg
2014-08-20 09:56 . 2014-08-20 09:56 -------- d-----w- c:\users\Petr\minecraft
2014-08-20 09:41 . 2014-08-20 10:28 -------- d-----w- c:\users\Petr\AppData\Roaming\McTitan Aglaria
2014-08-20 09:05 . 2006-09-13 23:21 2240 ----a-w- c:\windows\LENDIG.sys
2014-08-20 09:05 . 2014-08-20 09:05 -------- d-----w- c:\program files\Steinberg
2014-08-20 09:01 . 2014-08-20 09:01 -------- d-----w- c:\program files\vstplugins
2014-08-19 22:21 . 2014-08-19 22:21 -------- d-----w- c:\users\Petr\AppData\Roaming\Publish Providers
2014-08-19 22:06 . 2014-08-19 22:12 -------- d-----w- c:\users\Petr\AppData\Local\Sony
2014-08-19 22:06 . 2014-08-19 22:06 -------- d-----w- c:\programdata\Sony
2014-08-19 22:06 . 2014-08-19 22:06 -------- d-----w- c:\program files\Sony
2014-08-19 22:06 . 2014-08-19 22:06 -------- d-----w- c:\program files (x86)\Sony
2014-08-19 22:05 . 2014-09-06 12:15 -------- d-----w- c:\users\Petr\AppData\Roaming\Sony
2014-08-19 08:28 . 2014-08-31 12:29 -------- d-----w- c:\users\Petr\AppData\Roaming\.minecraft
2014-08-19 07:29 . 2014-08-19 07:29 28260 ----a-w- c:\users\Petr\cc_20140819_092933.reg
2014-08-17 15:34 . 2014-08-17 15:34 -------- d-----w- c:\users\Petr\AppData\Local\The Witcher 2
2014-08-17 14:43 . 2014-08-17 14:43 -------- d-----w- c:\program files (x86)\GOG.com
2014-08-17 14:09 . 2014-08-17 14:09 -------- d-----w- c:\program files (x86)\Manual
2014-08-17 14:09 . 2009-10-23 21:00 5811712 ----a-w- c:\program files (x86)\Nexus.dll
2014-08-17 14:09 . 2014-08-17 14:09 -------- d-----w- c:\program files (x86)\Uninstall Nexus
2014-08-17 09:20 . 2014-08-17 09:20 -------- d-----w- c:\program files (x86)\Common Files\reFX
2014-08-16 17:38 . 2014-08-16 17:38 -------- d-----w- c:\users\Petr\AppData\Roaming\AVG
2014-08-16 17:35 . 2014-08-17 10:56 -------- d-----w- c:\programdata\AVG
2014-08-16 17:35 . 2014-08-16 17:35 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-16 17:34 . 2014-08-16 17:34 -------- d--h--w- c:\programdata\Common Files
2014-08-16 17:33 . 2014-08-16 17:34 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-09 17:20 . 2014-07-24 14:00 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-16 18:54 . 2014-07-16 18:54 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2014-07-12 16:55 . 2014-07-12 16:55 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-11 18:06 . 2014-07-11 18:06 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-11 14:44 . 2014-07-11 14:44 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-07-11 14:44 . 2014-07-11 14:44 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-06-30 22:42 . 2014-07-11 17:59 394240 ----a-w- c:\windows\system32\devinv.dll
2014-06-30 22:42 . 2014-07-11 17:59 702464 ----a-w- c:\windows\system32\aepdu.dll
2014-06-30 22:42 . 2014-07-11 17:59 87552 ----a-w- c:\windows\system32\aepic.dll
2014-06-28 03:35 . 2014-07-11 17:59 556544 ----a-w- c:\windows\system32\aeinv.dll
2014-06-26 20:53 . 2014-07-13 06:03 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 20:53 . 2014-07-13 06:03 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-26 15:40 . 2014-07-11 17:01 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-06-21 07:40 . 2014-07-16 13:46 139792 ----a-w- c:\windows\SysWow64\GFSDK_SSAO.win64.dll
2014-06-19 02:12 . 2014-07-11 17:55 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2014-06-19 02:12 . 2014-07-11 17:55 2239488 ----a-w- c:\windows\system32\wininet.dll
2014-06-19 02:12 . 2014-07-11 17:55 915968 ----a-w- c:\windows\system32\uxtheme.dll
2014-06-19 02:12 . 2014-07-11 17:55 53760 ----a-w- c:\windows\system32\UXInit.dll
2014-06-19 02:12 . 2014-07-11 17:55 1366528 ----a-w- c:\windows\system32\urlmon.dll
2014-06-19 02:11 . 2014-07-11 17:55 197120 ----a-w- c:\windows\system32\msrating.dll
2014-06-19 02:11 . 2014-07-11 17:55 97792 ----a-w- c:\windows\system32\mshtmled.dll
2014-06-19 02:11 . 2014-07-11 17:55 19277312 ----a-w- c:\windows\system32\mshtml.dll
2014-06-19 02:10 . 2014-07-11 17:55 603136 ----a-w- c:\windows\system32\msfeeds.dll
2014-06-19 02:10 . 2014-07-11 17:55 3959296 ----a-w- c:\windows\system32\jscript9.dll
2014-06-19 02:10 . 2014-07-11 17:55 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-06-19 02:10 . 2014-07-11 17:55 855552 ----a-w- c:\windows\system32\jscript.dll
2014-06-19 02:10 . 2014-07-11 17:55 255488 ----a-w- c:\windows\system32\iedkcs32.dll
2014-06-19 02:10 . 2014-07-11 17:55 15369728 ----a-w- c:\windows\system32\ieframe.dll
2014-06-19 02:10 . 2014-07-11 17:55 2650624 ----a-w- c:\windows\system32\iertutil.dll
2014-06-19 02:10 . 2014-07-11 17:55 136704 ----a-w- c:\windows\system32\iesysprep.dll
2014-06-19 02:10 . 2014-07-11 17:55 39936 ----a-w- c:\windows\system32\iernonce.dll
2014-06-19 02:10 . 2014-07-11 17:55 67072 ----a-w- c:\windows\system32\iesetup.dll
2014-06-19 02:10 . 2014-07-11 17:55 281600 ----a-w- c:\windows\system32\dxtrans.dll
2014-06-19 02:10 . 2014-07-11 17:55 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2014-06-19 02:09 . 2014-07-11 17:55 1508864 ----a-w- c:\windows\system32\inetcpl.cpl
2014-06-19 00:53 . 2014-07-11 17:55 1766400 ----a-w- c:\windows\SysWow64\wininet.dll
2014-06-19 00:53 . 2014-07-11 17:55 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2014-06-19 00:52 . 2014-07-11 17:55 2863616 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-06-19 00:52 . 2014-07-11 17:55 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-06-19 00:52 . 2014-07-11 17:55 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-06-19 00:52 . 2014-07-11 17:55 1440768 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-06-19 00:33 . 2014-07-11 17:55 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-19 00:30 . 2014-07-11 17:55 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-06-18 22:05 . 2014-07-11 17:55 534528 ----a-w- c:\windows\SysWow64\uxtheme.dll
2014-06-17 23:27 . 2014-07-11 17:28 1440256 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-17 23:24 . 2014-07-11 17:28 1557504 ----a-w- c:\windows\system32\osk.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-09-04 852808]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-08-27 22041192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-08-23 56128]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-05-02 548864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-26 508656]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"mncwgqgmlSrv"="c:\windows\system32\mncwgqgml.vbe" [2014-03-05 7670]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-08-13 835288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-9-7 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RL_MIXAGE_IE_MIDI;Mixage Interface Edition WDM MIDI Device;c:\windows\system32\drivers\rlmxgiem.sys;c:\windows\SYSNATIVE\drivers\rlmxgiem.sys [x]
R3 RL_MIXAGE_IE_USB;usb-audio.de driver for Reloop Mixage Interface Edition;c:\windows\System32\Drivers\rlmxgieu.sys;c:\windows\SYSNATIVE\Drivers\rlmxgieu.sys [x]
R3 RL_MIXAGE_IE_WDM;Mixage Interface Edition WDM Audio;c:\windows\system32\drivers\rlmxgiea.sys;c:\windows\SYSNATIVE\drivers\rlmxgiea.sys [x]
R3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys;c:\windows\SYSNATIVE\drivers\jmcr.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 NETwNe64;@oem19.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-12 10:50 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-25 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-25 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-25 441152]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-14 12921488]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-14 1214608]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-10 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-11-15 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-11-15 191544]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2350880]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2010-12-07 798728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 94.74.192.252 94.74.192.244
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3164711548-3657898618-3245913010-1002CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:e5,84,62,39,58,b8,dc,73,55,69,1f,eb,eb,5e,2d,9f,cd,fe,0d,aa,82,
9d,ef,3c,e1,e6,5a,32,d1,e4,23,80,27,65,a5,fc,bc,7f,8f,4a,c6,f3,54,aa,1c,d8,\
"rkeysecu"=hex:c5,15,ee,f9,45,8c,e5,3c,3f,8b,5b,c6,27,8e,69,94
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
Celkový čas: 2014-09-15 16:59:01
ComboFix-quarantined-files.txt 2014-09-15 14:59
.
Před spuštěním: 587 874 631 680 bytes free
Po spuštění: 587 822 444 544 bytes free
.
- - End Of File - - 3D43E3B481415FE76FC1E256873B9E80
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3962.2483 [GMT 2:00]
Spuštěný z: c:\users\Petr\Downloads\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-15 do 2014-09-15 )))))))))))))))))))))))))))))))
.
.
2014-09-14 18:31 . 2014-09-14 18:31 -------- d-----w- c:\users\Petr\.android
2014-09-12 17:22 . 2014-08-20 18:43 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB5A04CB-55FC-419E-A1FE-94A330D59025}\mpengine.dll
2014-09-12 13:26 . 2014-09-12 13:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-12 13:26 . 2014-09-13 13:26 -------- d-----r- c:\program files (x86)\Skype
2014-09-11 11:51 . 2014-09-11 11:52 305832 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10246.bin
2014-09-10 15:16 . 2014-09-10 14:57 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-10 15:16 . 2014-09-15 14:56 -------- d-----w- c:\users\Petr\AppData\Local\Temp
2014-09-10 11:42 . 2014-09-10 11:42 -------- d-----w- c:\windows\ERUNT
2014-09-10 11:25 . 2014-09-14 13:47 -------- d-----w- c:\users\Petr\AppData\Local\CrashDumps
2014-09-10 11:22 . 2014-09-10 17:52 36456 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-09-10 11:22 . 2014-09-10 11:22 -------- d-----w- c:\programdata\RogueKiller
2014-09-10 10:51 . 2014-09-10 10:51 -------- d-----w- c:\users\Petr\AppData\Local\Broadcom
2014-09-10 10:50 . 2014-09-10 10:50 -------- d-----w- c:\users\Petr\AppData\Local\Adobe
2014-09-09 17:07 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-09-04 14:51 . 2014-09-04 15:04 -------- d-----w- c:\program files (x86)\BlueStacks
2014-09-04 14:51 . 2014-09-04 14:51 -------- d-----w- c:\programdata\BlueStacks
2014-08-25 09:57 . 2014-08-25 09:57 -------- d-----w- c:\program files (x86)\Microsoft
2014-08-25 09:56 . 2014-08-25 09:56 -------- d--h--r- c:\users\Petr\AppData\Roaming\SecuROM
2014-08-24 14:15 . 2014-08-24 14:15 -------- d-----w- c:\program files (x86)\Audacity
2014-08-24 08:08 . 2014-08-24 08:08 -------- d-----w- c:\users\Petr\AppData\Local\Rockstar Games
2014-08-24 08:01 . 2014-08-24 08:01 -------- d-----w- c:\windows\SysWow64\xlive
2014-08-24 08:01 . 2014-08-24 08:01 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2014-08-23 17:18 . 2014-08-23 17:18 -------- d-----w- c:\program files (x86)\ABAllA
2014-08-21 17:51 . 2014-08-21 17:51 -------- d-----w- c:\program files (x86)\Steinberg
2014-08-20 09:56 . 2014-08-20 09:56 -------- d-----w- c:\users\Petr\minecraft
2014-08-20 09:41 . 2014-08-20 10:28 -------- d-----w- c:\users\Petr\AppData\Roaming\McTitan Aglaria
2014-08-20 09:05 . 2006-09-13 23:21 2240 ----a-w- c:\windows\LENDIG.sys
2014-08-20 09:05 . 2014-08-20 09:05 -------- d-----w- c:\program files\Steinberg
2014-08-20 09:01 . 2014-08-20 09:01 -------- d-----w- c:\program files\vstplugins
2014-08-19 22:21 . 2014-08-19 22:21 -------- d-----w- c:\users\Petr\AppData\Roaming\Publish Providers
2014-08-19 22:06 . 2014-08-19 22:12 -------- d-----w- c:\users\Petr\AppData\Local\Sony
2014-08-19 22:06 . 2014-08-19 22:06 -------- d-----w- c:\programdata\Sony
2014-08-19 22:06 . 2014-08-19 22:06 -------- d-----w- c:\program files\Sony
2014-08-19 22:06 . 2014-08-19 22:06 -------- d-----w- c:\program files (x86)\Sony
2014-08-19 22:05 . 2014-09-06 12:15 -------- d-----w- c:\users\Petr\AppData\Roaming\Sony
2014-08-19 08:28 . 2014-08-31 12:29 -------- d-----w- c:\users\Petr\AppData\Roaming\.minecraft
2014-08-19 07:29 . 2014-08-19 07:29 28260 ----a-w- c:\users\Petr\cc_20140819_092933.reg
2014-08-17 15:34 . 2014-08-17 15:34 -------- d-----w- c:\users\Petr\AppData\Local\The Witcher 2
2014-08-17 14:43 . 2014-08-17 14:43 -------- d-----w- c:\program files (x86)\GOG.com
2014-08-17 14:09 . 2014-08-17 14:09 -------- d-----w- c:\program files (x86)\Manual
2014-08-17 14:09 . 2009-10-23 21:00 5811712 ----a-w- c:\program files (x86)\Nexus.dll
2014-08-17 14:09 . 2014-08-17 14:09 -------- d-----w- c:\program files (x86)\Uninstall Nexus
2014-08-17 09:20 . 2014-08-17 09:20 -------- d-----w- c:\program files (x86)\Common Files\reFX
2014-08-16 17:38 . 2014-08-16 17:38 -------- d-----w- c:\users\Petr\AppData\Roaming\AVG
2014-08-16 17:35 . 2014-08-17 10:56 -------- d-----w- c:\programdata\AVG
2014-08-16 17:35 . 2014-08-16 17:35 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-16 17:34 . 2014-08-16 17:34 -------- d--h--w- c:\programdata\Common Files
2014-08-16 17:33 . 2014-08-16 17:34 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-09 17:20 . 2014-07-24 14:00 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-16 18:54 . 2014-07-16 18:54 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2014-07-12 16:55 . 2014-07-12 16:55 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-11 18:06 . 2014-07-11 18:06 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-11 14:44 . 2014-07-11 14:44 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-07-11 14:44 . 2014-07-11 14:44 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-06-30 22:42 . 2014-07-11 17:59 394240 ----a-w- c:\windows\system32\devinv.dll
2014-06-30 22:42 . 2014-07-11 17:59 702464 ----a-w- c:\windows\system32\aepdu.dll
2014-06-30 22:42 . 2014-07-11 17:59 87552 ----a-w- c:\windows\system32\aepic.dll
2014-06-28 03:35 . 2014-07-11 17:59 556544 ----a-w- c:\windows\system32\aeinv.dll
2014-06-26 20:53 . 2014-07-13 06:03 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 20:53 . 2014-07-13 06:03 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-26 15:40 . 2014-07-11 17:01 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-06-21 07:40 . 2014-07-16 13:46 139792 ----a-w- c:\windows\SysWow64\GFSDK_SSAO.win64.dll
2014-06-19 02:12 . 2014-07-11 17:55 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2014-06-19 02:12 . 2014-07-11 17:55 2239488 ----a-w- c:\windows\system32\wininet.dll
2014-06-19 02:12 . 2014-07-11 17:55 915968 ----a-w- c:\windows\system32\uxtheme.dll
2014-06-19 02:12 . 2014-07-11 17:55 53760 ----a-w- c:\windows\system32\UXInit.dll
2014-06-19 02:12 . 2014-07-11 17:55 1366528 ----a-w- c:\windows\system32\urlmon.dll
2014-06-19 02:11 . 2014-07-11 17:55 197120 ----a-w- c:\windows\system32\msrating.dll
2014-06-19 02:11 . 2014-07-11 17:55 97792 ----a-w- c:\windows\system32\mshtmled.dll
2014-06-19 02:11 . 2014-07-11 17:55 19277312 ----a-w- c:\windows\system32\mshtml.dll
2014-06-19 02:10 . 2014-07-11 17:55 603136 ----a-w- c:\windows\system32\msfeeds.dll
2014-06-19 02:10 . 2014-07-11 17:55 3959296 ----a-w- c:\windows\system32\jscript9.dll
2014-06-19 02:10 . 2014-07-11 17:55 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-06-19 02:10 . 2014-07-11 17:55 855552 ----a-w- c:\windows\system32\jscript.dll
2014-06-19 02:10 . 2014-07-11 17:55 255488 ----a-w- c:\windows\system32\iedkcs32.dll
2014-06-19 02:10 . 2014-07-11 17:55 15369728 ----a-w- c:\windows\system32\ieframe.dll
2014-06-19 02:10 . 2014-07-11 17:55 2650624 ----a-w- c:\windows\system32\iertutil.dll
2014-06-19 02:10 . 2014-07-11 17:55 136704 ----a-w- c:\windows\system32\iesysprep.dll
2014-06-19 02:10 . 2014-07-11 17:55 39936 ----a-w- c:\windows\system32\iernonce.dll
2014-06-19 02:10 . 2014-07-11 17:55 67072 ----a-w- c:\windows\system32\iesetup.dll
2014-06-19 02:10 . 2014-07-11 17:55 281600 ----a-w- c:\windows\system32\dxtrans.dll
2014-06-19 02:10 . 2014-07-11 17:55 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2014-06-19 02:09 . 2014-07-11 17:55 1508864 ----a-w- c:\windows\system32\inetcpl.cpl
2014-06-19 00:53 . 2014-07-11 17:55 1766400 ----a-w- c:\windows\SysWow64\wininet.dll
2014-06-19 00:53 . 2014-07-11 17:55 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2014-06-19 00:52 . 2014-07-11 17:55 2863616 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-06-19 00:52 . 2014-07-11 17:55 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-06-19 00:52 . 2014-07-11 17:55 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-06-19 00:52 . 2014-07-11 17:55 1440768 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-06-19 00:33 . 2014-07-11 17:55 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-19 00:30 . 2014-07-11 17:55 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-06-18 22:05 . 2014-07-11 17:55 534528 ----a-w- c:\windows\SysWow64\uxtheme.dll
2014-06-17 23:27 . 2014-07-11 17:28 1440256 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-17 23:24 . 2014-07-11 17:28 1557504 ----a-w- c:\windows\system32\osk.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-09-04 852808]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-08-27 22041192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-08-23 56128]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-05-02 548864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-26 508656]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"mncwgqgmlSrv"="c:\windows\system32\mncwgqgml.vbe" [2014-03-05 7670]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-08-13 835288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-9-7 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RL_MIXAGE_IE_MIDI;Mixage Interface Edition WDM MIDI Device;c:\windows\system32\drivers\rlmxgiem.sys;c:\windows\SYSNATIVE\drivers\rlmxgiem.sys [x]
R3 RL_MIXAGE_IE_USB;usb-audio.de driver for Reloop Mixage Interface Edition;c:\windows\System32\Drivers\rlmxgieu.sys;c:\windows\SYSNATIVE\Drivers\rlmxgieu.sys [x]
R3 RL_MIXAGE_IE_WDM;Mixage Interface Edition WDM Audio;c:\windows\system32\drivers\rlmxgiea.sys;c:\windows\SYSNATIVE\drivers\rlmxgiea.sys [x]
R3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys;c:\windows\SYSNATIVE\drivers\jmcr.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 NETwNe64;@oem19.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-12 10:50 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-25 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-25 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-25 441152]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-14 12921488]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-14 1214608]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-10 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-11-15 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-11-15 191544]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2350880]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2010-12-07 798728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 94.74.192.252 94.74.192.244
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3164711548-3657898618-3245913010-1002CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:e5,84,62,39,58,b8,dc,73,55,69,1f,eb,eb,5e,2d,9f,cd,fe,0d,aa,82,
9d,ef,3c,e1,e6,5a,32,d1,e4,23,80,27,65,a5,fc,bc,7f,8f,4a,c6,f3,54,aa,1c,d8,\
"rkeysecu"=hex:c5,15,ee,f9,45,8c,e5,3c,3f,8b,5b,c6,27,8e,69,94
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
Celkový čas: 2014-09-15 16:59:01
ComboFix-quarantined-files.txt 2014-09-15 14:59
.
Před spuštěním: 587 874 631 680 bytes free
Po spuštění: 587 822 444 544 bytes free
.
- - End Of File - - 3D43E3B481415FE76FC1E256873B9E80
- jaro3
- Security team member
Re: log check
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
KillAll::
File::
c:\windows\system32\mncwgqgml.vbe
Folder::
c:\programdata\AVG
c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mncwgqgmlSrv"=-
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new HJT log
Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Install a free antivirus as well (Avast, Avira or AVG).
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: log check
ComboFix 14-09-16.01 - Petr . 09. 2014 20:59:49.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3962.2554 [GMT 2:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petr\Desktop\CFScript.txt
AV: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\mncwgqgml.vbe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi
c:\programdata\AVG
c:\programdata\AVG\AWL\AvgRep.xml
c:\programdata\AVG\AWL\Program Statistics\ProgramStatistics.2013.tudb
c:\programdata\AVG\AWL\TUProgMan.10.tudb
c:\programdata\AVG\AWL\TUProgManagerCache.10.tudb
c:\programdata\AVG\AWL\TUTuningIndex.10.2.tudb
c:\programdata\AVG\AWL\TUUtilitiesSvc.13.tudb
c:\programdata\AVG\AWL000BC38E859ED74722C138D87C9B5494.xml
c:\programdata\AVG\AWL2014\TUProgRating.10.tudb
c:\programdata\AVG\AWL2014\TUReportData.10.tudb
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-15 do 2014-09-15 )))))))))))))))))))))))))))))))
.
.
2014-09-15 19:08 . 2014-09-15 19:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-12 17:22 . 2014-08-20 18:43 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB5A04CB-55FC-419E-A1FE-94A330D59025}\mpengine.dll
2014-09-12 13:26 . 2014-09-12 13:26 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-12 13:26 . 2014-09-13 13:26 -------- d-----r- c:\program files (x86)\Skype
2014-09-11 11:51 . 2014-09-11 11:52 305832 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10246.bin
2014-09-10 15:16 . 2014-09-10 14:57 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-10 15:16 . 2014-09-15 19:05 -------- d-----w- c:\users\Petr\AppData\Local\Temp
2014-09-10 11:42 . 2014-09-10 11:42 -------- d-----w- c:\windows\ERUNT
2014-09-10 11:25 . 2014-09-14 13:47 -------- d-----w- c:\users\Petr\AppData\Local\CrashDumps
2014-09-10 11:22 . 2014-09-10 17:52 36456 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-09-10 11:22 . 2014-09-10 11:22 -------- d-----w- c:\programdata\RogueKiller
2014-09-10 10:51 . 2014-09-10 10:51 -------- d-----w- c:\users\Petr\AppData\Local\Broadcom
2014-09-10 10:50 . 2014-09-10 10:50 -------- d-----w- c:\users\Petr\AppData\Local\Adobe
2014-09-09 17:07 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-09-04 14:51 . 2014-09-04 15:04 -------- d-----w- c:\program files (x86)\BlueStacks
2014-09-04 14:51 . 2014-09-04 14:51 -------- d-----w- c:\programdata\BlueStacks
2014-08-25 09:57 . 2014-08-25 09:57 -------- d-----w- c:\program files (x86)\Microsoft
2014-08-25 09:56 . 2014-08-25 09:56 -------- d--h--r- c:\users\Petr\AppData\Roaming\SecuROM
2014-08-24 14:15 . 2014-08-24 14:15 -------- d-----w- c:\program files (x86)\Audacity
2014-08-24 08:08 . 2014-08-24 08:08 -------- d-----w- c:\users\Petr\AppData\Local\Rockstar Games
2014-08-24 08:01 . 2014-08-24 08:01 -------- d-----w- c:\windows\SysWow64\xlive
2014-08-24 08:01 . 2014-08-24 08:01 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2014-08-23 17:18 . 2014-08-23 17:18 -------- d-----w- c:\program files (x86)\ABAllA
2014-08-21 17:51 . 2014-08-21 17:51 -------- d-----w- c:\program files (x86)\Steinberg
2014-08-20 09:56 . 2014-08-20 09:56 -------- d-----w- c:\users\Petr\minecraft
2014-08-20 09:41 . 2014-08-20 10:28 -------- d-----w- c:\users\Petr\AppData\Roaming\McTitan Aglaria
2014-08-20 09:05 . 2006-09-13 23:21 2240 ----a-w- c:\windows\LENDIG.sys
2014-08-20 09:05 . 2014-08-20 09:05 -------- d-----w- c:\program files\Steinberg
2014-08-20 09:01 . 2014-08-20 09:01 -------- d-----w- c:\program files\vstplugins
2014-08-19 22:21 . 2014-08-19 22:21 -------- d-----w- c:\users\Petr\AppData\Roaming\Publish Providers
2014-08-19 22:06 . 2014-08-19 22:12 -------- d-----w- c:\users\Petr\AppData\Local\Sony
2014-08-19 22:06 . 2014-08-19 22:06 -------- d-----w- c:\programdata\Sony
2014-08-19 22:06 . 2014-08-19 22:06 -------- d-----w- c:\program files\Sony
2014-08-19 22:06 . 2014-08-19 22:06 -------- d-----w- c:\program files (x86)\Sony
2014-08-19 22:05 . 2014-09-06 12:15 -------- d-----w- c:\users\Petr\AppData\Roaming\Sony
2014-08-19 08:28 . 2014-08-31 12:29 -------- d-----w- c:\users\Petr\AppData\Roaming\.minecraft
2014-08-19 07:29 . 2014-08-19 07:29 28260 ----a-w- c:\users\Petr\cc_20140819_092933.reg
2014-08-17 15:34 . 2014-08-17 15:34 -------- d-----w- c:\users\Petr\AppData\Local\The Witcher 2
2014-08-17 14:43 . 2014-08-17 14:43 -------- d-----w- c:\program files (x86)\GOG.com
2014-08-17 14:09 . 2014-08-17 14:09 -------- d-----w- c:\program files (x86)\Manual
2014-08-17 14:09 . 2009-10-23 21:00 5811712 ----a-w- c:\program files (x86)\Nexus.dll
2014-08-17 14:09 . 2014-08-17 14:09 -------- d-----w- c:\program files (x86)\Uninstall Nexus
2014-08-17 09:20 . 2014-08-17 09:20 -------- d-----w- c:\program files (x86)\Common Files\reFX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-09 17:20 . 2014-07-24 14:00 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-16 18:54 . 2014-07-16 18:54 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2014-07-12 16:55 . 2014-07-12 16:55 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-11 18:06 . 2014-07-11 18:06 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-07-11 14:44 . 2014-07-11 14:44 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-07-11 14:44 . 2014-07-11 14:44 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-06-30 22:42 . 2014-07-11 17:59 394240 ----a-w- c:\windows\system32\devinv.dll
2014-06-30 22:42 . 2014-07-11 17:59 702464 ----a-w- c:\windows\system32\aepdu.dll
2014-06-30 22:42 . 2014-07-11 17:59 87552 ----a-w- c:\windows\system32\aepic.dll
2014-06-28 03:35 . 2014-07-11 17:59 556544 ----a-w- c:\windows\system32\aeinv.dll
2014-06-26 20:53 . 2014-07-13 06:03 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 20:53 . 2014-07-13 06:03 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-26 15:40 . 2014-07-11 17:01 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-06-21 07:40 . 2014-07-16 13:46 139792 ----a-w- c:\windows\SysWow64\GFSDK_SSAO.win64.dll
2014-06-19 02:12 . 2014-07-11 17:55 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2014-06-19 02:12 . 2014-07-11 17:55 2239488 ----a-w- c:\windows\system32\wininet.dll
2014-06-19 02:12 . 2014-07-11 17:55 915968 ----a-w- c:\windows\system32\uxtheme.dll
2014-06-19 02:12 . 2014-07-11 17:55 53760 ----a-w- c:\windows\system32\UXInit.dll
2014-06-19 02:12 . 2014-07-11 17:55 1366528 ----a-w- c:\windows\system32\urlmon.dll
2014-06-19 02:11 . 2014-07-11 17:55 197120 ----a-w- c:\windows\system32\msrating.dll
2014-06-19 02:11 . 2014-07-11 17:55 97792 ----a-w- c:\windows\system32\mshtmled.dll
2014-06-19 02:11 . 2014-07-11 17:55 19277312 ----a-w- c:\windows\system32\mshtml.dll
2014-06-19 02:10 . 2014-07-11 17:55 603136 ----a-w- c:\windows\system32\msfeeds.dll
2014-06-19 02:10 . 2014-07-11 17:55 3959296 ----a-w- c:\windows\system32\jscript9.dll
2014-06-19 02:10 . 2014-07-11 17:55 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-06-19 02:10 . 2014-07-11 17:55 855552 ----a-w- c:\windows\system32\jscript.dll
2014-06-19 02:10 . 2014-07-11 17:55 255488 ----a-w- c:\windows\system32\iedkcs32.dll
2014-06-19 02:10 . 2014-07-11 17:55 15369728 ----a-w- c:\windows\system32\ieframe.dll
2014-06-19 02:10 . 2014-07-11 17:55 2650624 ----a-w- c:\windows\system32\iertutil.dll
2014-06-19 02:10 . 2014-07-11 17:55 136704 ----a-w- c:\windows\system32\iesysprep.dll
2014-06-19 02:10 . 2014-07-11 17:55 39936 ----a-w- c:\windows\system32\iernonce.dll
2014-06-19 02:10 . 2014-07-11 17:55 67072 ----a-w- c:\windows\system32\iesetup.dll
2014-06-19 02:10 . 2014-07-11 17:55 281600 ----a-w- c:\windows\system32\dxtrans.dll
2014-06-19 02:10 . 2014-07-11 17:55 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2014-06-19 02:09 . 2014-07-11 17:55 1508864 ----a-w- c:\windows\system32\inetcpl.cpl
2014-06-19 00:53 . 2014-07-11 17:55 1766400 ----a-w- c:\windows\SysWow64\wininet.dll
2014-06-19 00:53 . 2014-07-11 17:55 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2014-06-19 00:52 . 2014-07-11 17:55 2863616 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-06-19 00:52 . 2014-07-11 17:55 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-06-19 00:52 . 2014-07-11 17:55 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-06-19 00:52 . 2014-07-11 17:55 1440768 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-06-19 00:33 . 2014-07-11 17:55 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-19 00:30 . 2014-07-11 17:55 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-06-18 22:05 . 2014-07-11 17:55 534528 ----a-w- c:\windows\SysWow64\uxtheme.dll
2014-06-17 23:27 . 2014-07-11 17:28 1440256 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-17 23:24 . 2014-07-11 17:28 1557504 ----a-w- c:\windows\system32\osk.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-09-04 852808]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-08-27 22041192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-08-23 56128]
"331BigDog"="c:\program files (x86)\USB Camera\VM331STI.EXE" [2012-05-02 548864]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-26 508656]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-08-13 835288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-9-7 1346936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RL_MIXAGE_IE_MIDI;Mixage Interface Edition WDM MIDI Device;c:\windows\system32\drivers\rlmxgiem.sys;c:\windows\SYSNATIVE\drivers\rlmxgiem.sys [x]
R3 RL_MIXAGE_IE_USB;usb-audio.de driver for Reloop Mixage Interface Edition;c:\windows\System32\Drivers\rlmxgieu.sys;c:\windows\SYSNATIVE\Drivers\rlmxgieu.sys [x]
R3 RL_MIXAGE_IE_WDM;Mixage Interface Edition WDM Audio;c:\windows\system32\drivers\rlmxgiea.sys;c:\windows\SYSNATIVE\drivers\rlmxgiea.sys [x]
R3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
S2 BcmBtRSupport;Bluetooth Radio Control Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys;c:\windows\SYSNATIVE\drivers\jmcr.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 NETwNe64;@oem19.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\System32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-12 10:50 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-25 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-25 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-25 441152]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-09-14 12921488]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-09-14 1214608]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-10 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-11-15 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-11-15 191544]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2350880]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2010-12-07 798728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 94.74.192.252 94.74.192.244
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3164711548-3657898618-3245913010-1002CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:e5,84,62,39,58,b8,dc,73,55,69,1f,eb,eb,5e,2d,9f,cd,fe,0d,aa,82,
9d,ef,3c,e1,e6,5a,32,d1,e4,23,80,27,65,a5,fc,bc,7f,8f,4a,c6,f3,54,aa,1c,d8,\
"rkeysecu"=hex:c5,15,ee,f9,45,8c,e5,3c,3f,8b,5b,c6,27,8e,69,94
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\RunDll32.exe
c:\program files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-09-15 21:19:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-09-15 19:19
ComboFix2.txt 2014-09-15 14:59
.
Před spuštěním: 587 901 648 896 bytes free
Po spuštění: 587 853 389 824 bytes free
.
- - End Of File - - 627C0E4036F510C398E7566ADFE94D00
Re: log check
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-09-15 21:20:25
-----------------------------
21:20:25.784 OS Version: Windows x64 6.2.9200
21:20:25.784 Number of processors: 4 586 0x3A09
21:20:25.785 ComputerName: IDEA-PC UserName: Petr
21:20:28.542 Initialize success
21:20:28.557 VM: initialized successfully
21:20:28.604 VM: Intel CPU BiosDisabled
21:20:31.931 VM: disk I/O iaStorA.sys
21:20:36.438 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000037
21:20:36.438 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10001 Size: 953869MB BusType: 11
21:20:36.594 Disk 0 MBR read successfully
21:20:36.594 Disk 0 MBR scan
21:20:36.594 Disk 0 unknown MBR code
21:20:36.609 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
21:20:36.641 Disk 0 scanning C:\windows\system32\drivers
21:20:45.016 Service scanning
21:21:01.876 Modules scanning
21:21:01.876 Disk 0 trace - called modules:
21:21:01.908 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
21:21:01.923 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80062dc060]
21:21:01.923 3 CLASSPNP.SYS[fffff88000a53e0a] -> nt!IofCallDriver -> \Device\00000037[0xfffffa8004ad67f0]
21:21:01.923 Scan finished successfully
21:21:50.426 Disk 0 MBR has been saved successfully to "C:\Users\Petr\Desktop\MBR.dat"
21:21:50.426 The log file has been saved successfully to "C:\Users\Petr\Desktop\aswMBR.txt"
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: Jižní Čechy
- Gender:
- Status:
Offline
Re: log check
ComboFix is uninstalled like this:
Start - Run and type ComboFix /Uninstall
Clean the system with CCleaner
Download OTC
to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
If there are no problems, that is all and you can mark the thread as solved with the green check mark.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: log check Solved
I think everything is fine now!
Thank you all for the excellent work! :)