Nějaké pěkné svinstvo :/

Zpráva

Saturas · #1 Příspěvek od **Saturas** » 01 úno 2014 14:15

Dobrý den,

Mám dosti nepříjemý problém, mám čistě reinstalovaný PC a i přesto v něm mám virus.
Poznal jsem už pomoci spousty logu, antivirů a pod. že je zakopaný v users -> schovaný v appdata/launch a jmenuje se services.exe

Pokud jsem použil Combofix, či jiný program, virus se sice vymazal, ale po restartnutí PC se opět vrací.
Dle vašeho návodu, jsem zakázal obnovu systému, ale problém přetrvává.

Nejzajímavější je, že tento vir asi přišel instalací programu Daemon.
Při každém spuštění PC se mi totiž samovolně spustí instalace Daemonu nějaké verze, a vypíše se, že daemon už byl aktualizován na novější verzi.

Primární bordel co virus dělá je ten, že nelze psát na klavesnici t z háčkem a pod... ale objeví se toto -> ˇˇ <- při stisknuté klávesy signalizující háček.
Ovšem taky mi virus smazal kompletní historii prohlížeče a některých programů...

Zde najdete můj log:

https://docs.google.com/document/d/1-Ra ... _rloQ/edit

#2 Příspěvek od **vyosek** » 01 úno 2014 14:20

Zdravim

:arrow:Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)?

Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"
Obrázek

Nebezpeci CFka

Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
Maze stopy po haveti, takze v logu z RSIT neni nic videt
Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Saturas · #3 Příspěvek od **Saturas** » 01 úno 2014 14:46

Combofix jsem používal čistě jen k vytvoření logu, další úpravy jsem neprováděl.

Jakmile mi vytvořil log, tak dle mého názoru havět smazal, protože ihned jsem mohl klasicky psát háčky nad t, takže jsem již dále nepostupoval.
Ovšem při restartu jak jsem zmínil, se znova vše začalo opakovat.

#4 Příspěvek od **vyosek** » 01 úno 2014 15:01

CF neni jen tak na hrani a tvorbu logu, je to profesionalni nastroj, ktery se pouziva az na doporuceni, jelikoz jeho log je potreba temer vzdy docistit.

Dejte mi sem jeho log, najdete jej v c:\combofix.txt

Saturas · #5 Příspěvek od **Saturas** » 01 úno 2014 15:05

Zde je můj naposled prováděný CF log

ComboFix 14-01-29.01 - Saturas 01.02.2014 11:09:38.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3996.2629 [GMT 1:00]
Spuštěný z: c:\users\Saturas\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Saturas\AppData\Roaming\2OFLHMVLPK.exe
c:\users\Saturas\AppData\Roaming\Log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-01 do 2014-02-01 )))))))))))))))))))))))))))))))
.
.
2014-02-01 10:16 . 2014-02-01 10:16 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-02-01 10:16 . 2014-02-01 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-31 22:08 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3151A578-822E-4E9F-B67D-5ACD004232D7}\mpengine.dll
2014-01-30 23:32 . 2014-01-30 23:32 -------- d-----w- c:\windows\SysWow64\C2MP
2014-01-30 12:17 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-30 00:17 . 2014-01-30 00:17 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-01-29 21:05 . 2014-01-29 21:05 -------- d-----w- c:\program files (x86)\GameSpy
2014-01-29 21:04 . 2014-01-29 21:04 -------- d-----w- c:\windows\SysWow64\URTTEMP
2014-01-29 21:03 . 2014-01-29 21:03 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-29 21:03 . 2014-01-29 21:03 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2014-01-29 21:03 . 2014-01-29 21:03 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-01-29 21:01 . 2007-03-05 11:42 15128 ----a-w- c:\windows\SysWow64\x3daudio1_1.dll
2014-01-29 19:48 . 2014-01-29 19:50 -------- d-----w- c:\programdata\ProductData
2014-01-29 19:48 . 2014-01-29 19:48 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-29 17:28 . 2014-01-29 17:28 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-01-29 17:17 . 2014-01-29 17:17 -------- d-----w- c:\program files (x86)\Hijack
2014-01-29 16:55 . 2014-01-29 16:55 -------- d-----w- c:\program files\Lavasoft
2014-01-29 16:55 . 2014-01-29 16:55 -------- d-----w- c:\program files\Common Files\Lavasoft
2014-01-29 16:54 . 2014-01-29 16:54 -------- d-----w- c:\programdata\Lavasoft
2014-01-29 09:51 . 2014-01-29 09:51 99288 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-01-29 09:51 . 2014-01-29 09:51 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-01-28 22:28 . 2014-01-28 22:28 -------- d-----w- c:\programdata\Electronic Arts
2014-01-28 22:28 . 2014-01-28 22:28 -------- d-----w- c:\programdata\EA Core
2014-01-28 22:13 . 2014-01-28 22:13 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-01-28 22:12 . 2014-01-29 18:38 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2014-01-28 22:07 . 2014-01-29 18:35 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-01-28 21:43 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-01-28 21:42 . 2013-12-10 02:14 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-28 21:42 . 2013-12-10 02:15 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-28 21:41 . 2014-01-28 21:41 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-01-28 21:40 . 2014-01-29 18:36 -------- d-----w- c:\windows\SysWow64\NV
2014-01-28 21:40 . 2014-01-29 18:36 -------- d-----w- c:\windows\system32\NV
2014-01-28 21:31 . 2014-01-29 18:21 -------- d-----w- C:\NVIDIA
2014-01-28 20:19 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-01-28 20:19 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-01-28 20:19 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-01-28 20:19 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-01-28 20:19 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-01-28 20:19 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-01-28 17:06 . 2014-01-29 18:35 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2014-01-28 16:59 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-01-28 16:58 . 2014-01-29 18:36 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2014-01-28 16:57 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2014-01-28 16:57 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-01-28 16:53 . 2014-01-29 18:24 -------- d-----w- c:\program files\Microsoft Office
2014-01-28 16:52 . 2014-01-29 18:23 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-01-28 16:51 . 2014-01-30 00:20 -------- d-----w- c:\programdata\Microsoft Help
2014-01-28 16:51 . 2014-01-29 18:20 -------- d-----r- C:\MSOCache
2014-01-28 16:50 . 2014-01-29 18:36 -------- d-----w- c:\windows\SysWow64\Wat
2014-01-28 16:50 . 2014-01-29 18:36 -------- d-----w- c:\windows\system32\Wat
2014-01-28 16:34 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-01-28 16:34 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-01-28 16:34 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-01-28 16:34 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-01-28 16:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-01-28 16:30 . 2014-01-29 18:36 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-01-28 16:23 . 2014-01-28 16:23 -------- d-----w- c:\windows\Migration
2014-01-28 16:22 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\SysWow64\d3dcsx_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 5554512 ----a-w- c:\windows\system32\d3dcsx_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 285024 ----a-w- c:\windows\system32\d3dx11_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 2475352 ----a-w- c:\windows\system32\D3DX9_42.dll
2014-01-28 16:22 . 2007-04-04 17:54 107368 ----a-w- c:\windows\system32\xinput1_3.dll
2014-01-28 16:22 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-01-28 15:24 . 2014-01-28 22:02 -------- d-----w- c:\programdata\DAEMON Tools Pro
2014-01-28 14:43 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-01-28 14:43 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-01-28 14:40 . 2014-01-28 14:40 -------- d-----w- c:\program files (x86)\TeamViewer
2014-01-28 14:30 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-01-28 14:27 . 2014-01-28 14:27 -------- d-----w- c:\program files\Microsoft Silverlight
2014-01-28 14:27 . 2014-01-28 14:27 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-01-28 14:17 . 2014-01-28 14:17 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-01-28 14:17 . 2014-01-28 14:17 -------- d-----r- c:\program files (x86)\Skype
2014-01-28 14:17 . 2014-01-28 14:18 -------- d-----w- c:\programdata\Skype
2014-01-28 14:03 . 2014-01-28 14:03 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2014-01-28 14:02 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-01-28 14:02 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-01-28 14:02 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-01-28 14:02 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-01-28 14:02 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-01-28 14:02 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-01-28 14:02 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-01-28 13:53 . 2014-01-29 18:36 -------- d-----w- c:\program files (x86)\QIP Infium JadrisPack
2014-01-28 13:40 . 2014-01-28 13:41 -------- d-----w- c:\program files\WinRAR
2014-01-28 13:39 . 2014-01-28 13:39 64624 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2014-01-28 13:35 . 2014-01-29 19:48 -------- d-----w- c:\programdata\IObit
2014-01-28 13:35 . 2014-01-29 19:50 -------- d-----w- c:\program files (x86)\IObit
2014-01-28 13:34 . 2014-01-28 13:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-28 13:34 . 2014-01-28 13:34 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-28 13:34 . 2014-01-28 13:34 -------- d-----w- c:\windows\SysWow64\Macromed
2014-01-28 13:34 . 2014-01-28 13:34 -------- d-----w- c:\windows\system32\Macromed
2014-01-28 13:28 . 2014-01-28 13:45 -------- d-----w- C:\ldiag
2014-01-28 13:27 . 2014-01-28 13:27 -------- d-----w- C:\drivers
2014-01-28 13:24 . 2014-01-28 13:28 -------- d-----w- c:\windows\system32\MRT
2014-01-28 13:18 . 2014-01-28 13:18 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-01-28 12:27 . 2014-01-28 12:26 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8CD41E79-EFBD-409D-80D5-95953964058D}\gapaengine.dll
2014-01-28 12:25 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-01-28 12:25 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-01-28 12:23 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-01-28 12:22 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll
2014-01-28 12:21 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-01-28 12:21 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-01-28 12:21 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-01-28 12:20 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2014-01-28 12:19 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2014-01-28 12:17 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-01-28 12:17 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-01-28 12:15 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2014-01-28 12:14 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2014-01-28 12:14 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2014-01-28 12:13 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2014-01-28 12:13 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-01-28 12:11 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-01-28 12:10 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-01-28 12:09 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-01-28 12:04 . 2014-01-31 23:05 -------- d-----w- c:\program files (x86)\totalcmd
2014-01-28 11:54 . 2014-01-28 11:54 -------- d-----w- c:\program files (x86)\Microsoft Security Client
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-28 11:39 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-01-16 08:59 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-26 18:42 . 2013-12-26 18:42 1884448 ----a-w- c:\windows\system32\nvdispco6432762.dll
2013-12-26 18:42 . 2013-12-26 18:42 1515296 ----a-w- c:\windows\system32\nvdispgenco6432762.dll
2013-12-19 20:33 . 2012-08-04 05:33 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2013-12-19 20:33 . 2012-08-04 05:33 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-12-19 20:33 . 2012-08-04 05:33 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-12-19 20:33 . 2012-08-04 05:33 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-12-19 18:53 . 2012-08-04 05:33 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2012-08-04 05:33 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2012-08-04 05:33 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2012-08-04 05:33 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-12-19 18:53 . 2012-08-04 05:33 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2012-08-04 05:33 386336 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2012-08-04 05:33 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-12-19 18:53 . 2012-08-04 05:33 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-12-19 18:53 . 2012-08-04 05:33 598304 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-12-19 05:01 . 2012-08-04 05:33 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2013-11-07 00:52 . 2013-11-07 00:52 279000 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2013-11-07 00:52 . 2013-11-07 00:52 515544 ----a-w- c:\windows\system32\igfxsrvc.exe
2013-11-07 00:52 . 2013-11-07 00:52 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2013-11-07 00:52 . 2013-11-07 00:52 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2013-11-07 00:52 . 2013-11-07 00:52 272928 ----a-w- c:\windows\system32\igvpkrng600.bin
2013-11-07 00:52 . 2013-11-07 00:52 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2013-11-07 00:52 . 2013-11-07 00:52 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2013-11-07 00:52 . 2013-11-07 00:52 171992 ----a-w- c:\windows\system32\igfxtray.exe
2013-11-07 00:52 . 2013-11-07 00:52 116224 ----a-w- c:\windows\system32\igfxCoIn_v3347.dll
2013-11-07 00:52 . 2012-07-11 01:13 64000 ----a-w- c:\windows\system32\igfxsrvc.dll
2013-11-07 00:52 . 2013-11-07 00:52 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2013-11-07 00:52 . 2013-11-07 00:52 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2013-11-07 00:52 . 2013-11-07 00:52 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2013-11-07 00:52 . 2013-11-07 00:52 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2013-11-07 00:52 . 2013-11-07 00:52 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2013-11-07 00:52 . 2013-11-07 00:52 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2013-11-07 00:52 . 2013-11-07 00:52 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2013-11-07 00:52 . 2013-11-07 00:52 384512 ----a-w- c:\windows\system32\igfxpph.dll
2013-11-07 00:52 . 2013-11-07 00:52 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2013-11-07 00:52 . 2012-07-11 01:13 9007616 ----a-w- c:\windows\system32\igfxress.dll
2013-11-07 00:52 . 2013-11-07 00:52 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2013-11-07 00:52 . 2013-11-07 00:52 931840 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2013-11-07 00:52 . 2013-11-07 00:52 575488 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2013-11-07 00:52 . 2013-11-07 00:52 542720 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2013-11-07 00:52 . 2013-11-07 00:52 442880 ----a-w- c:\windows\system32\igfxdev.dll
2013-11-07 00:52 . 2013-11-07 00:52 442328 ----a-w- c:\windows\system32\igfxpers.exe
2013-11-07 00:52 . 2013-11-07 00:52 3511296 ----a-w- c:\windows\system32\igfxcmjit64.dll
2013-11-07 00:52 . 2013-11-07 00:52 330752 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2013-11-07 00:52 . 2013-11-07 00:52 3121152 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2013-11-07 00:52 . 2013-11-07 00:52 28672 ----a-w- c:\windows\system32\igfxexps.dll
2013-11-07 00:52 . 2013-11-07 00:52 254936 ----a-w- c:\windows\system32\igfxext.exe
2013-11-07 00:52 . 2013-11-07 00:52 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2013-11-07 00:52 . 2013-11-07 00:52 142336 ----a-w- c:\windows\system32\igfxdo.dll
2013-11-07 00:52 . 2013-11-07 00:52 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2013-11-07 00:52 . 2013-11-07 00:52 1040384 ----a-w- c:\windows\system32\igfxcmrt64.dll
2013-11-07 00:52 . 2012-07-11 01:13 12617216 ----a-w- c:\windows\system32\igdumd64.dll
2013-11-07 00:52 . 2013-11-07 00:52 11049472 ----a-w- c:\windows\SysWow64\igdumd32.dll
2013-11-07 00:52 . 2013-11-07 00:52 5363200 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2013-11-07 00:52 . 2013-11-07 00:52 98304 ----a-w- c:\windows\system32\igdde64.dll
2013-11-07 00:52 . 2013-11-07 00:52 77312 ----a-w- c:\windows\SysWow64\igdde32.dll
2013-11-07 00:52 . 2013-11-07 00:52 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin
2013-11-07 00:52 . 2012-07-11 01:13 12859392 ----a-w- c:\windows\system32\igd10umd64.dll
2013-11-07 00:52 . 2012-07-11 01:13 11176448 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2013-11-07 00:52 . 2013-11-07 00:52 13031424 ----a-w- c:\windows\system32\ig4icd64.dll
2013-11-07 00:52 . 2013-11-07 00:52 5904856 ----a-w- c:\windows\system32\GfxUI.exe
2013-11-07 00:52 . 2013-11-07 00:52 399832 ----a-w- c:\windows\system32\hkcmd.exe
2013-11-07 00:52 . 2013-11-07 00:52 175104 ----a-w- c:\windows\system32\gfxSrvc.dll
2013-11-07 00:52 . 2013-11-07 00:52 10812928 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2013-11-07 00:52 . 2012-07-11 01:13 110592 ----a-w- c:\windows\system32\hccutils.dll
2013-11-07 00:52 . 2013-11-07 00:52 185816 ----a-w- c:\windows\system32\difx64.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HS4HD3EE"="c:\users\Saturas\AppData\Roaming\HS4HD3EE.exe" [2012-11-01 39230464]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-21 507744]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-2-2 1380128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 DamageGuard;DamageGuard;c:\windows\system32\DRIVERS\DamageGuardX64.sys;c:\windows\SYSNATIVE\DRIVERS\DamageGuardX64.sys [x]
R4 DamageGuardSvc;Lenovo Instant Reset Service;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe [x]
R4 dgFltr;dgFltr;c:\windows\system32\drivers\dgFltrX64.sys;c:\windows\SYSNATIVE\drivers\dgFltrX64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-28 13:34]
.
2014-02-01 c:\windows\Tasks\Driver Booster Update.job
- c:\program files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-01-28 13:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-12-15 564352]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-04 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-04 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-08-04 206176]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-07 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-07 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-11-07 442328]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.1 10.0.1.1
FF - ProfilePath - c:\users\Saturas\AppData\Roaming\Mozilla\Firefox\Profiles\l8c3tzhd.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1057210448-4000741998-3937858363-1001\Software\SecuROM\License information*]
"datasecu"=hex:e6,28,dc,07,69,7c,fc,c2,8c,f4,26,e8,df,0f,38,74,91,0f,3d,99,04,
72,5d,28,f6,6e,22,95,88,ac,e7,b8,b4,94,45,83,ee,bc,69,49,41,c2,09,0e,86,05,\
"rkeysecu"=hex:3f,b3,50,f8,36,d0,34,dd,16,c3,e5,75,92,c1,cd,4c
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-01 11:18:17
ComboFix-quarantined-files.txt 2014-02-01 10:18
ComboFix2.txt 2014-01-31 22:02
ComboFix3.txt 2014-01-30 10:04
ComboFix4.txt 2014-01-29 20:23
.
Před spuštěním: Volných bajtů: 111 492 358 144
Po spuštění: Volných bajtů: 114 762 309 632
.
- - End Of File - - D064820FBEC65134E67559645550F745

#6 Příspěvek od **vyosek** » 01 úno 2014 15:31

Koukam ze si CF spoustite jak na bezicim pasu

Zabalte mi obsah slozky c:\qoobox a nekam uploadnete

Saturas · #7 Příspěvek od **Saturas** » 01 úno 2014 15:41

http://leteckaposta.cz/290818257

#8 Příspěvek od **vyosek** » 01 úno 2014 16:14

Odinstalujte Driver Booster, Live Update a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Collect::
c:\users\Saturas\AppData\Roaming\HS4HD3EE.exe

Folder::
c:\program files (x86)\IObit
c:\programdata\IObit
c:\program files\Lavasoft
c:\program files\Common Files\Lavasoft
c:\programdata\Lavasoft

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\Driver Booster Update.job

Driver::
LiveUpdateSvc

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HS4HD3EE"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePRCShortCut"=-
"BCSSync"=-
"Adobe ARM"=-

RegNull::
[HKEY_USERS\S-1-5-21-1057210448-4000741998-3937858363-1001\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Saturas · #9 Příspěvek od **Saturas** » 01 úno 2014 17:23

Log po provedení pokynů:

https://docs.google.com/document/d/1-Ra ... _rloQ/edit

#10 Příspěvek od **vyosek** » 02 úno 2014 01:57

Jeste jeden CFScript, postup stejny

Kód: Vybrat vše

KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

Folder::
c:\program files (x86)\IObit

Reboot::

Saturas · #11 Příspěvek od **Saturas** » 02 úno 2014 02:57

A ještě jednou log

dComboFix 14-01-29.01 - Saturas 02.02.2014 2:13.6.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3996.2770 [GMT 1:00]
Spuštěný z: c:\users\Saturas\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Saturas\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-02 do 2014-02-02 )))))))))))))))))))))))))))))))
.
.
2014-02-02 01:18 . 2014-02-02 01:18 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-02-02 01:18 . 2014-02-02 01:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-01 16:41 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8E34EB75-3B7F-46D0-82B6-C21F79477FF7}\mpengine.dll
2014-02-01 13:00 . 2014-02-01 13:02 -------- d-----w- C:\FRST
2014-02-01 10:21 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-30 23:32 . 2014-01-30 23:32 -------- d-----w- c:\windows\SysWow64\C2MP
2014-01-30 00:17 . 2014-01-30 00:17 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-01-29 21:05 . 2014-01-29 21:05 -------- d-----w- c:\program files (x86)\GameSpy
2014-01-29 21:04 . 2014-01-29 21:04 -------- d-----w- c:\windows\SysWow64\URTTEMP
2014-01-29 21:03 . 2014-01-29 21:03 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-29 21:03 . 2014-01-29 21:03 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2014-01-29 21:03 . 2014-01-29 21:03 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-01-29 21:01 . 2007-03-05 11:42 15128 ----a-w- c:\windows\SysWow64\x3daudio1_1.dll
2014-01-29 19:48 . 2014-01-29 19:50 -------- d-----w- c:\programdata\ProductData
2014-01-29 19:48 . 2014-01-29 19:48 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-29 17:28 . 2014-01-29 17:28 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-01-29 17:17 . 2014-01-29 17:17 -------- d-----w- c:\program files (x86)\Hijack
2014-01-29 09:51 . 2014-01-29 09:51 99288 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-01-29 09:51 . 2014-01-29 09:51 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-01-28 22:28 . 2014-01-28 22:28 -------- d-----w- c:\programdata\Electronic Arts
2014-01-28 22:28 . 2014-01-28 22:28 -------- d-----w- c:\programdata\EA Core
2014-01-28 22:13 . 2014-01-28 22:13 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-01-28 22:12 . 2014-01-29 18:38 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2014-01-28 22:07 . 2014-01-29 18:35 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-01-28 21:43 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-01-28 21:43 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-01-28 21:42 . 2013-12-10 02:14 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-28 21:42 . 2013-12-10 02:15 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-28 21:41 . 2014-01-28 21:41 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-01-28 21:40 . 2014-01-29 18:36 -------- d-----w- c:\windows\SysWow64\NV
2014-01-28 21:40 . 2014-01-29 18:36 -------- d-----w- c:\windows\system32\NV
2014-01-28 21:31 . 2014-01-29 18:21 -------- d-----w- C:\NVIDIA
2014-01-28 20:19 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-01-28 20:19 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-01-28 20:19 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-01-28 20:19 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-01-28 20:19 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-01-28 20:19 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-01-28 17:06 . 2014-01-29 18:35 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2014-01-28 16:59 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-01-28 16:58 . 2014-01-29 18:36 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2014-01-28 16:57 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2014-01-28 16:57 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-01-28 16:53 . 2014-01-29 18:24 -------- d-----w- c:\program files\Microsoft Office
2014-01-28 16:52 . 2014-01-29 18:23 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-01-28 16:51 . 2014-01-30 00:20 -------- d-----w- c:\programdata\Microsoft Help
2014-01-28 16:51 . 2014-01-29 18:20 -------- d-----r- C:\MSOCache
2014-01-28 16:50 . 2014-01-29 18:36 -------- d-----w- c:\windows\SysWow64\Wat
2014-01-28 16:50 . 2014-01-29 18:36 -------- d-----w- c:\windows\system32\Wat
2014-01-28 16:34 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-01-28 16:34 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-01-28 16:34 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-01-28 16:34 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-01-28 16:33 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-01-28 16:30 . 2014-01-29 18:36 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-01-28 16:23 . 2014-01-28 16:23 -------- d-----w- c:\windows\Migration
2014-01-28 16:22 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 235344 ----a-w- c:\windows\SysWow64\d3dx11_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\SysWow64\d3dcsx_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 5554512 ----a-w- c:\windows\system32\d3dcsx_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 285024 ----a-w- c:\windows\system32\d3dx11_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2014-01-28 16:22 . 2009-09-04 16:29 2475352 ----a-w- c:\windows\system32\D3DX9_42.dll
2014-01-28 16:22 . 2007-04-04 17:54 107368 ----a-w- c:\windows\system32\xinput1_3.dll
2014-01-28 16:22 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-01-28 15:24 . 2014-01-28 22:02 -------- d-----w- c:\programdata\DAEMON Tools Pro
2014-01-28 14:43 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-01-28 14:43 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-01-28 14:40 . 2014-01-28 14:40 -------- d-----w- c:\program files (x86)\TeamViewer
2014-01-28 14:30 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-01-28 14:27 . 2014-01-28 14:27 -------- d-----w- c:\program files\Microsoft Silverlight
2014-01-28 14:27 . 2014-01-28 14:27 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-01-28 14:17 . 2014-01-28 14:17 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-01-28 14:17 . 2014-01-28 14:17 -------- d-----r- c:\program files (x86)\Skype
2014-01-28 14:17 . 2014-01-28 14:18 -------- d-----w- c:\programdata\Skype
2014-01-28 14:03 . 2014-01-28 14:03 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2014-01-28 14:02 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-01-28 14:02 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-01-28 14:02 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-01-28 14:02 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-01-28 14:02 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-01-28 14:02 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-01-28 14:02 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-01-28 13:53 . 2014-01-29 18:36 -------- d-----w- c:\program files (x86)\QIP Infium JadrisPack
2014-01-28 13:40 . 2014-01-28 13:41 -------- d-----w- c:\program files\WinRAR
2014-01-28 13:39 . 2014-01-28 13:39 64624 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2014-01-28 13:34 . 2014-01-28 13:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-28 13:34 . 2014-01-28 13:34 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-28 13:34 . 2014-01-28 13:34 -------- d-----w- c:\windows\SysWow64\Macromed
2014-01-28 13:34 . 2014-01-28 13:34 -------- d-----w- c:\windows\system32\Macromed
2014-01-28 13:28 . 2014-01-28 13:45 -------- d-----w- C:\ldiag
2014-01-28 13:27 . 2014-01-28 13:27 -------- d-----w- C:\drivers
2014-01-28 13:24 . 2014-01-28 13:28 -------- d-----w- c:\windows\system32\MRT
2014-01-28 13:18 . 2014-01-28 13:18 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-01-28 12:27 . 2014-01-28 12:26 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8CD41E79-EFBD-409D-80D5-95953964058D}\gapaengine.dll
2014-01-28 12:25 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-01-28 12:25 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-01-28 12:23 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-01-28 12:22 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll
2014-01-28 12:21 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-01-28 12:21 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-01-28 12:21 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-01-28 12:20 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2014-01-28 12:19 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2014-01-28 12:17 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-01-28 12:17 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-01-28 12:15 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2014-01-28 12:14 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2014-01-28 12:14 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2014-01-28 12:13 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2014-01-28 12:13 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-01-28 12:11 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-01-28 12:10 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-01-28 12:09 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-01-28 12:04 . 2014-01-31 23:05 -------- d-----w- c:\program files (x86)\totalcmd
2014-01-28 11:54 . 2014-01-28 11:54 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-01-28 11:54 . 2014-01-28 11:54 -------- d-----w- c:\program files\Microsoft Security Client
2014-01-28 11:48 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2014-01-28 11:48 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2014-01-28 11:48 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-28 11:39 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-01-16 08:59 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-26 18:42 . 2013-12-26 18:42 1884448 ----a-w- c:\windows\system32\nvdispco6432762.dll
2013-12-26 18:42 . 2013-12-26 18:42 1515296 ----a-w- c:\windows\system32\nvdispgenco6432762.dll
2013-12-19 20:33 . 2012-08-04 05:33 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2013-12-19 20:33 . 2012-08-04 05:33 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-12-19 20:33 . 2012-08-04 05:33 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-12-19 20:33 . 2012-08-04 05:33 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-12-19 18:53 . 2012-08-04 05:33 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2012-08-04 05:33 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2012-08-04 05:33 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2012-08-04 05:33 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-12-19 18:53 . 2012-08-04 05:33 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2012-08-04 05:33 386336 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2012-08-04 05:33 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-12-19 18:53 . 2012-08-04 05:33 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-12-19 18:53 . 2012-08-04 05:33 598304 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-12-19 05:01 . 2012-08-04 05:33 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2013-11-07 00:52 . 2013-11-07 00:52 279000 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2013-11-07 00:52 . 2013-11-07 00:52 515544 ----a-w- c:\windows\system32\igfxsrvc.exe
2013-11-07 00:52 . 2013-11-07 00:52 439296 ----a-w- c:\windows\system32\igfxrrus.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439296 ----a-w- c:\windows\system32\igfxrrom.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrsky.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrptg.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrplk.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrtrk.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrsve.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrslv.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrptb.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437760 ----a-w- c:\windows\system32\igfxrnor.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437248 ----a-w- c:\windows\system32\igfxrtha.lrc
2013-11-07 00:52 . 2013-11-07 00:52 410624 ----a-w- c:\windows\system32\igfxTMM.dll
2013-11-07 00:52 . 2013-11-07 00:52 272928 ----a-w- c:\windows\system32\igvpkrng600.bin
2013-11-07 00:52 . 2013-11-07 00:52 216064 ----a-w- c:\windows\system32\iglhcp64.dll
2013-11-07 00:52 . 2013-11-07 00:52 180224 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2013-11-07 00:52 . 2013-11-07 00:52 171992 ----a-w- c:\windows\system32\igfxtray.exe
2013-11-07 00:52 . 2013-11-07 00:52 116224 ----a-w- c:\windows\system32\igfxCoIn_v3347.dll
2013-11-07 00:52 . 2012-07-11 01:13 64000 ----a-w- c:\windows\system32\igfxsrvc.dll
2013-11-07 00:52 . 2013-11-07 00:52 440320 ----a-w- c:\windows\system32\igfxrell.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439808 ----a-w- c:\windows\system32\igfxrfra.lrc
2013-11-07 00:52 . 2013-11-07 00:52 439808 ----a-w- c:\windows\system32\igfxresn.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrnld.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrita.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrhrv.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438784 ----a-w- c:\windows\system32\igfxrdeu.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrhun.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrfin.lrc
2013-11-07 00:52 . 2013-11-07 00:52 438272 ----a-w- c:\windows\system32\igfxrcsy.lrc
2013-11-07 00:52 . 2013-11-07 00:52 437248 ----a-w- c:\windows\system32\igfxrdan.lrc
2013-11-07 00:52 . 2013-11-07 00:52 435712 ----a-w- c:\windows\system32\igfxrheb.lrc
2013-11-07 00:52 . 2013-11-07 00:52 435712 ----a-w- c:\windows\system32\igfxrara.lrc
2013-11-07 00:52 . 2013-11-07 00:52 432128 ----a-w- c:\windows\system32\igfxrjpn.lrc
2013-11-07 00:52 . 2013-11-07 00:52 431104 ----a-w- c:\windows\system32\igfxrkor.lrc
2013-11-07 00:52 . 2013-11-07 00:52 429056 ----a-w- c:\windows\system32\igfxrcht.lrc
2013-11-07 00:52 . 2013-11-07 00:52 428544 ----a-w- c:\windows\system32\igfxrchs.lrc
2013-11-07 00:52 . 2013-11-07 00:52 384512 ----a-w- c:\windows\system32\igfxpph.dll
2013-11-07 00:52 . 2013-11-07 00:52 286208 ----a-w- c:\windows\system32\igfxrenu.lrc
2013-11-07 00:52 . 2012-07-11 01:13 9007616 ----a-w- c:\windows\system32\igfxress.dll
2013-11-07 00:52 . 2013-11-07 00:52 9728 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2013-11-07 00:52 . 2013-11-07 00:52 931840 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2013-11-07 00:52 . 2013-11-07 00:52 575488 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2013-11-07 00:52 . 2013-11-07 00:52 542720 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2013-11-07 00:52 . 2013-11-07 00:52 442880 ----a-w- c:\windows\system32\igfxdev.dll
2013-11-07 00:52 . 2013-11-07 00:52 442328 ----a-w- c:\windows\system32\igfxpers.exe
2013-11-07 00:52 . 2013-11-07 00:52 3511296 ----a-w- c:\windows\system32\igfxcmjit64.dll
2013-11-07 00:52 . 2013-11-07 00:52 330752 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2013-11-07 00:52 . 2013-11-07 00:52 3121152 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2013-11-07 00:52 . 2013-11-07 00:52 28672 ----a-w- c:\windows\system32\igfxexps.dll
2013-11-07 00:52 . 2013-11-07 00:52 254936 ----a-w- c:\windows\system32\igfxext.exe
2013-11-07 00:52 . 2013-11-07 00:52 25088 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2013-11-07 00:52 . 2013-11-07 00:52 142336 ----a-w- c:\windows\system32\igfxdo.dll
2013-11-07 00:52 . 2013-11-07 00:52 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2013-11-07 00:52 . 2013-11-07 00:52 1040384 ----a-w- c:\windows\system32\igfxcmrt64.dll
2013-11-07 00:52 . 2012-07-11 01:13 12617216 ----a-w- c:\windows\system32\igdumd64.dll
2013-11-07 00:52 . 2013-11-07 00:52 11049472 ----a-w- c:\windows\SysWow64\igdumd32.dll
2013-11-07 00:52 . 2013-11-07 00:52 5363200 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2013-11-07 00:52 . 2013-11-07 00:52 98304 ----a-w- c:\windows\system32\igdde64.dll
2013-11-07 00:52 . 2013-11-07 00:52 77312 ----a-w- c:\windows\SysWow64\igdde32.dll
2013-11-07 00:52 . 2013-11-07 00:52 963452 ----a-w- c:\windows\system32\igcodeckrng600.bin
2013-11-07 00:52 . 2012-07-11 01:13 12859392 ----a-w- c:\windows\system32\igd10umd64.dll
2013-11-07 00:52 . 2012-07-11 01:13 11176448 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2013-11-07 00:52 . 2013-11-07 00:52 13031424 ----a-w- c:\windows\system32\ig4icd64.dll
2013-11-07 00:52 . 2013-11-07 00:52 5904856 ----a-w- c:\windows\system32\GfxUI.exe
2013-11-07 00:52 . 2013-11-07 00:52 399832 ----a-w- c:\windows\system32\hkcmd.exe
2013-11-07 00:52 . 2013-11-07 00:52 175104 ----a-w- c:\windows\system32\gfxSrvc.dll
2013-11-07 00:52 . 2013-11-07 00:52 10812928 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2013-11-07 00:52 . 2012-07-11 01:13 110592 ----a-w- c:\windows\system32\hccutils.dll
2013-11-07 00:52 . 2013-11-07 00:52 185816 ----a-w- c:\windows\system32\difx64.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-21 507744]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2011-11-24 548864]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 DamageGuard;DamageGuard;c:\windows\system32\DRIVERS\DamageGuardX64.sys;c:\windows\SYSNATIVE\DRIVERS\DamageGuardX64.sys [x]
R4 DamageGuardSvc;Lenovo Instant Reset Service;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe [x]
R4 dgFltr;dgFltr;c:\windows\system32\drivers\dgFltrX64.sys;c:\windows\SYSNATIVE\drivers\dgFltrX64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-12-15 564352]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-04 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-04 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-08-04 206176]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-07 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-07 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-11-07 442328]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.43.1
FF - ProfilePath - c:\users\Saturas\AppData\Roaming\Mozilla\Firefox\Profiles\l8c3tzhd.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-02-02 02:25:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-02 01:25
ComboFix2.txt 2014-02-01 16:16
ComboFix3.txt 2014-02-01 10:18
ComboFix4.txt 2014-01-31 22:02
ComboFix5.txt 2014-02-02 01:12
.
Před spuštěním: Volných bajtů: 118 824 042 496
Po spuštění: Volných bajtů: 118 771 347 456
.
- - End Of File - - 8EB7C00C45D3B19CE4EBF2C1B7B67E4D

#12 Příspěvek od **vyosek** » 02 úno 2014 05:07

Jak se chova PC

Saturas · #13 Příspěvek od **Saturas** » 02 úno 2014 12:17

Po viru ani památky, nevidím ho ani ve složce a čárky i háčky se mi píšou normálně

Po restartu PC je vše v pořádku, žádná instalace nenaskočí.

#14 Příspěvek od **vyosek** » 02 úno 2014 15:22

Tak jeste uklidime

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Saturas · #15 Příspěvek od **Saturas** » 02 úno 2014 15:34

Já velice děkuji za rady, které mi zde byly poskytnuty

Velice si vážím vaši pomoci a ještě jednou díky.

Myslím, že můžete LOCK

VIRY.CZ

Nějaké pěkné svinstvo :/

Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/

Re: Nějaké pěkné svinstvo :/