Infected svchost.exe

xeroxcz
Visitor
Posts: 10
Registered: 03 Feb 2014 08:58

#1 Post by xeroxcz »

Hello, I have an infected svchost.exe file. After the PC is switched on, this process starts and begins loading the graphics card to 100%. After I end it in Task Manager it stops loading the graphics card, but this morning my Wi-Fi stopped working as well. Before this process starts, an error message also pops up (see attachments). Kaspersky, CCleaner, Advanced SystemCare and Spybot Terminator did not help.
------------------------------------------------------------------------------------------------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Lupi (administrator) on LUPIK on 03-02-2014 09:08:18
Running from C:\Users\Lupi\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RobustIntelligentCompanion\LenovoR.I.C.Tray.exe
() C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Cerulean Studios) D:\Program Files (x86)\Trillian\trillian.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() D:\Program Files (x86)\Trillian\plugins\skypekit.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Ghisler Software GmbH) D:\Program Files\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Lupi\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2841896 2011-10-28] (Synaptics Incorporated)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-12-20] (Lenovo)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-12-20] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-12-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-12-20] (Lenovo)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun_KL_notset] 1
HKU\S-1-5-21-2252928422-1377067979-2010445673-1001\...\Run: [DAEMON Tools Lite] - D:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2252928422-1377067979-2010445673-1001\...\Run: [LenovoR.I.C.Tray] - C:\Program Files (x86)\Lenovo\RobustIntelligentCompanion\LenovoR.I.C.Tray.exe [2569568 2011-12-20] (Lenovo)
HKU\S-1-5-21-2252928422-1377067979-2010445673-1001\...\Run: [OscarX7Mouse5Mode] - C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [3571712 2013-02-01] ()
HKU\S-1-5-21-2252928422-1377067979-2010445673-1001\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)
HKU\S-1-5-21-2252928422-1377067979-2010445673-1001\...\Run: [SmartRAM] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe [549184 2013-10-22] (IObit)
HKU\S-1-5-21-2252928422-1377067979-2010445673-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
AppInit_DLLs: C:\windows\system32\nvinitx.dll,C:\PROGRA~2\KASPER~1\KASPER~1.0FO\x64\kloehk.dll,C:\PROGRA~2\KASPER~1\KASPER~1.0FO\x64\adialhk.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\x64\adialhk.dll [88784 2013-11-14] (Kaspersky Lab ZAO)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll,C:\PROGRA~2\KASPER~1\KASPER~1.0FO\adialhk.dll,C:\PROGRA~2\KASPER~1\KASPER~1.0FO\kloehk.dll => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\kloehk.dll [13056 2013-11-14] (Kaspersky Lab ZAO)
Startup: C:\Users\Lupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
ShortcutTarget: Trillian.lnk -> D:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.2

FireFox:
========
FF ProfilePath: C:\Users\Lupi\AppData\Roaming\Mozilla\Firefox\Profiles\g532ato1.default
FF user.js: detected! => C:\Users\Lupi\AppData\Roaming\Mozilla\Firefox\Profiles\g532ato1.default\user.js
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - D:\Program Files\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - D:\Program Files\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Ads Removal - C:\Users\Lupi\AppData\Roaming\Mozilla\Firefox\Profiles\g532ato1.default\Extensions\adsremoval@adsremoval.net [2014-02-01]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Lupi\AppData\Roaming\Mozilla\Firefox\Profiles\g532ato1.default\Extensions\ascsurfingprotection@iobit.com [2014-02-01]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Angry Birds) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-11-14]
CHR Extension: (Dokumenty Google) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-14]
CHR Extension: (Disk Google) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-14]
CHR Extension: (Turn Off the Lights) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-11-14]
CHR Extension: (YouTube) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-14]
CHR Extension: (Adblock Plus) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-14]
CHR Extension: (Vyhledávání Google) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-14]
CHR Extension: (Daum Equation Editor) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmacmagjhe [2013-11-14]
CHR Extension: (Kingdoms Of Camelot) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadejngfdiifodimfhejphllfecigmm [2013-11-14]
CHR Extension: (Motocross Nitro) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdikdnjblenkgleaedpepneeafbljagc [2013-11-14]
CHR Extension: (Hodiny) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2013-11-14]
CHR Extension: (AdBlock) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-14]
CHR Extension: (Ads Removal) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2014-02-01]
CHR Extension: (Crash Bandicoot Online) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\goppebjnofdelbhehnoeghgaioapnhgl [2013-11-14]
CHR Extension: (Battlestar Galactica Online) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbmdfdhanakpfoiaomnelodiejioflb [2013-11-14]
CHR Extension: (Pocket) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2013-11-14]
CHR Extension: (Hodiny) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg [2013-11-14]
CHR Extension: (Plants vs Zombies) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2013-12-30]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-01]
CHR Extension: (Peněženka Google) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-14]
CHR Extension: (Gmail) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-14]
CHR Extension: (Space Planet) - C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2013-11-14]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-02-01]

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680 2010-03-12] (Kaspersky Lab)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [970016 2011-05-12] (Broadcom Corporation.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)

==================== Drivers (Whitelisted) ====================

S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-13] (Broadcom Corporation.)
R3 DelayMan; C:\Windows\System32\DRIVERS\delayman.sys [20064 2011-12-20] (Ensurebit Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-11-14] (DT Soft Ltd)
R1 hybridcfile; C:\Windows\System32\DRIVERS\HybridCFileX64.sys [13920 2010-03-02] (Lenovo.)
R0 HybridDisk; C:\Windows\System32\DRIVERS\HybridDiskX64.sys [38496 2010-03-02] (Lenovo.)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [157712 2009-11-11] (Kaspersky Lab)
R3 KLFLTDEV; C:\Windows\System32\DRIVERS\klfltdev.sys [30736 2009-09-03] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [268376 2013-11-14] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [27736 2013-11-14] (Kaspersky Lab ZAO)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8199016 2011-03-23] (Realtek Semiconductor Corp.)
R1 winioex; C:\Windows\System32\drivers\winioex.sys [15456 2011-12-20] (Ensurebit Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-03 09:08 - 2014-02-03 09:08 - 00021772 _____ () C:\Users\Lupi\Desktop\FRST.txt
2014-02-03 09:07 - 2014-02-03 09:07 - 00112640 _____ (forum.viry.cz) C:\Users\Lupi\Desktop\FRSTLauncher.exe
2014-02-03 09:07 - 2014-02-03 09:07 - 00029696 _____ () C:\Users\Lupi\AppData\Local\MSGBOX.EXE
2014-02-03 09:07 - 2014-02-03 09:07 - 00015327 _____ () C:\Users\Lupi\Desktop\LM.bat
2014-02-03 09:03 - 2014-02-03 09:08 - 00000000 ____D () C:\FRST
2014-02-03 09:03 - 2014-02-03 09:02 - 02080256 _____ (Farbar) C:\Users\Lupi\Desktop\FRST64.exe
2014-02-02 14:12 - 2014-02-02 14:12 - 00000672 _____ () C:\Users\Public\Desktop\JPG To PDF.lnk
2014-02-02 14:10 - 2014-02-02 14:10 - 00000719 _____ () C:\Users\Lupi\Desktop\Convert Image To PDF.lnk
2014-02-02 14:10 - 2007-03-14 14:25 - 01289162 _____ () C:\windows\SysWOW64\CONVERTITP.HLP
2014-02-02 14:10 - 2007-03-14 14:25 - 00002930 _____ () C:\windows\SysWOW64\CONVERTITP.CNT
2014-02-02 14:10 - 2006-07-28 14:38 - 00053248 _____ () C:\windows\SysWOW64\RegisterExe.exe
2014-02-02 14:10 - 2005-03-18 18:01 - 00626688 _____ (Online Media Technologies Ltd.) C:\windows\SysWOW64\NCTImageFile.dll
2014-02-02 14:10 - 2005-03-12 21:46 - 01418224 _____ () C:\windows\SysWOW64\CONVERTITP-DEUTSCH.HLP
2014-02-02 14:10 - 2005-03-12 21:46 - 00003040 _____ () C:\windows\SysWOW64\CONVERTITP-DEUTSCH.CNT
2014-02-02 14:10 - 2005-01-24 16:23 - 00069632 _____ (Gateway Software Productions) C:\windows\SysWOW64\PDFOCX.ocx
2014-02-02 14:10 - 2004-09-19 01:55 - 00278528 _____ (Wilson Media) C:\windows\SysWOW64\AdvImgLib.dll
2014-02-02 14:10 - 2004-07-29 04:14 - 01313280 _____ (SEDTech (Pty) Ltd.) C:\windows\SysWOW64\ISED.DLL
2014-02-02 14:10 - 2004-07-09 03:45 - 00761856 _____ () C:\windows\SysWOW64\FreeImage3.dll
2014-02-02 14:10 - 2004-07-09 03:45 - 00761856 _____ () C:\windows\SysWOW64\FreeImage.dll
2014-02-02 14:10 - 2003-07-08 18:50 - 00344064 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVCR70.DLL
2014-02-02 14:10 - 2003-06-11 02:27 - 00106496 _____ (Skogen) C:\windows\SysWOW64\SeeThroughPicture.ocx
2014-02-02 14:10 - 2001-08-23 20:00 - 01700352 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2014-02-02 14:10 - 2000-05-22 04:00 - 00244416 _____ (Microsoft Corporation) C:\windows\SysWOW64\Msflxgrd.ocx
2014-02-02 14:10 - 1999-05-07 04:00 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.ocx
2014-02-01 20:56 - 2014-02-01 21:03 - 00000000 ____D () C:\Users\Lupi\AppData\Local\PokerStars
2014-02-01 20:56 - 2014-02-01 20:56 - 00000640 _____ () C:\Users\Public\Desktop\PokerStars.lnk
2014-02-01 18:05 - 2014-02-01 18:05 - 00000085 _____ () C:\windows\wininit.ini
2014-02-01 16:02 - 2014-02-03 09:05 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Skype
2014-02-01 16:02 - 2014-02-01 16:02 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-01 16:02 - 2014-02-01 16:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-01 16:02 - 2014-02-01 16:02 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Skype
2014-02-01 16:02 - 2014-02-01 16:02 - 00000000 ____D () C:\ProgramData\Skype
2014-02-01 12:04 - 2014-02-01 12:04 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-02-01 00:47 - 2014-02-01 00:47 - 00003158 _____ () C:\windows\System32\Tasks\Game_Booster_AutoUpdate
2014-02-01 00:47 - 2014-02-01 00:47 - 00001186 _____ () C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
2014-02-01 00:47 - 2014-02-01 00:47 - 00001174 _____ () C:\Users\Public\Desktop\Game Booster 3.lnk
2014-02-01 00:44 - 2014-02-01 00:44 - 00001189 _____ () C:\Users\Public\Desktop\ManageMyMobile.lnk
2014-02-01 00:31 - 2014-02-01 00:47 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-01 00:31 - 2014-02-01 00:44 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-01 00:31 - 2014-02-01 00:33 - 00002209 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-02-01 00:31 - 2014-02-01 00:31 - 00003092 _____ () C:\windows\System32\Tasks\ASC7_PerformanceMonitor
2014-02-01 00:31 - 2014-02-01 00:31 - 00002848 _____ () C:\windows\System32\Tasks\ASC7_SkipUac_Lupi
2014-02-01 00:31 - 2014-02-01 00:31 - 00001217 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-02-01 00:31 - 2014-02-01 00:31 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Apple Computer
2014-02-01 00:31 - 2014-02-01 00:31 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-01 00:29 - 2014-02-01 20:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-01 00:29 - 2014-02-01 18:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-01 00:29 - 2014-02-01 00:29 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-02-01 00:19 - 2014-02-01 00:47 - 00000000 ____D () C:\ProgramData\IObit
2014-02-01 00:19 - 2014-02-01 00:31 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\IObit
2014-02-01 00:17 - 2014-02-01 00:18 - 00002338 _____ () C:\Users\Lupi\Desktop\Rkill.txt
2014-02-01 00:13 - 2014-02-01 00:13 - 00000000 ____D () C:\Users\Lupi\AppData\Local\LogMeIn
2014-02-01 00:13 - 2014-02-01 00:13 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-01-31 22:38 - 2014-01-31 22:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-01-31 22:38 - 2014-01-27 19:48 - 07054336 _____ () C:\Users\Lupi\Desktop\XNA Framework 4.0 Full.msi
2014-01-31 22:38 - 2014-01-27 19:48 - 00889416 _____ (Microsoft Corporation) C:\Users\Lupi\Desktop\.Net Framework 4.0 Full.exe
2014-01-31 22:32 - 2014-01-31 22:32 - 00000729 _____ () C:\Users\Public\Desktop\Terraria.lnk
2014-01-31 22:31 - 2014-01-31 22:31 - 00003294 _____ () C:\windows\System32\Tasks\Microsoft System Certificates
2014-01-31 22:08 - 2009-03-18 17:35 - 00033856 ____H (LogMeIn, Inc.) C:\windows\system32\hamachi.sys
2014-01-31 21:58 - 2014-01-31 22:01 - 00000000 ____D () C:\Users\Lupi\Documents\Battlefield 2
2014-01-31 21:58 - 2014-01-31 21:58 - 00000877 _____ () C:\Users\Public\Desktop\Play BF2 Online Now!.lnk
2014-01-31 21:58 - 2014-01-31 21:58 - 00000855 _____ () C:\Users\Public\Desktop\Battlefield 2.lnk
2014-01-29 20:02 - 2014-01-29 20:02 - 00000000 ____D () C:\Users\Lupi\Documents\Youcam
2014-01-29 20:02 - 2014-01-29 20:02 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\CyberLink
2014-01-29 20:02 - 2014-01-29 20:02 - 00000000 ____D () C:\Users\Lupi\AppData\Local\CyberLink
2014-01-29 20:02 - 2014-01-29 20:02 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-29 18:36 - 2014-01-29 18:36 - 00000000 ____D () C:\Users\Lupi\Documents\4A Games
2014-01-29 18:35 - 2014-01-29 18:35 - 00000000 ____D () C:\Users\Lupi\AppData\Local\4A Games
2014-01-27 10:24 - 2014-01-27 10:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-01-26 01:10 - 2014-01-26 01:10 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Blizzard
2014-01-26 01:05 - 2014-01-26 01:05 - 00000865 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-01-25 13:47 - 2014-01-25 13:47 - 00000000 ____D () C:\Users\Lupi\Desktop\Camera
2014-01-25 10:12 - 2014-01-25 10:12 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\mrrescue
2014-01-24 21:38 - 2014-01-24 21:38 - 00049064 _____ () C:\Users\Lupi\Desktop\tv-cesnet-vlc.htm
2014-01-24 21:38 - 2014-01-24 21:38 - 00004982 _____ () C:\Users\Lupi\Desktop\TV_cesnet_0.vlc
2014-01-20 23:30 - 2014-01-20 23:30 - 00000737 _____ () C:\Users\Lupi\Desktop\AC4BFSP – zástupce.lnk
2014-01-17 00:20 - 2014-01-17 00:20 - 00000879 _____ () C:\Users\Public\Desktop\Legend of Grimrock.lnk
2014-01-17 00:20 - 2014-01-17 00:20 - 00000000 ____D () C:\Users\Lupi\Documents\Almost Human
2014-01-16 13:34 - 2014-01-16 13:34 - 00000754 _____ () C:\Users\Public\Desktop\Brány Skeldalu.lnk
2014-01-15 09:44 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-01-15 09:44 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-01-15 09:44 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-01-15 09:44 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-01-15 09:44 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-01-15 09:44 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-01-15 09:44 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-01-15 09:44 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-01-15 09:44 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-01-14 22:08 - 2014-01-14 22:08 - 00000000 ____D () C:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2014-01-14 22:07 - 2014-01-14 22:07 - 00000784 _____ () C:\Users\Public\Desktop\Unreal Tournament 3.lnk
2014-01-14 22:07 - 2014-01-14 22:07 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\InstallShield Installation Information
2014-01-14 21:36 - 2014-01-14 21:36 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-01-14 21:36 - 2014-01-14 21:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-14 20:39 - 2014-01-14 20:40 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Mozilla
2014-01-14 20:39 - 2014-01-14 20:40 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Mozilla
2014-01-14 20:30 - 2014-01-14 20:30 - 00000000 ____D () C:\ProgramData\Mozilla
2014-01-14 20:30 - 2014-01-14 20:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-14 20:30 - 2014-01-14 20:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-14 17:35 - 2014-01-31 21:58 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-14 17:33 - 2014-01-14 17:33 - 00000890 _____ () C:\Users\Lupi\Desktop\Play UT2004.lnk
2014-01-14 16:05 - 2014-01-14 16:05 - 00000000 ____D () C:\Users\Lupi\Documents\Diablo III
2014-01-14 15:47 - 2014-01-14 15:47 - 00000836 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-01-14 15:41 - 2014-02-01 00:58 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Battle.net
2014-01-14 15:41 - 2014-01-26 01:05 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-01-14 15:41 - 2014-01-14 15:44 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Battle.net
2014-01-14 15:41 - 2014-01-14 15:41 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Blizzard Entertainment
2014-01-10 23:48 - 2014-01-10 23:48 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-01-10 23:48 - 2014-01-10 23:48 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-01-10 23:48 - 2014-01-10 23:48 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-01-10 23:48 - 2014-01-10 23:48 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\VitySoft
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\Users\Lupi\.objectdb
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\ProgramData\Sun
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-10 13:06 - 2014-01-10 13:06 - 00000000 ____D () C:\Users\Lupi\AppData\Local\DayZCommander
2014-01-09 15:48 - 2014-01-14 21:37 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Winamp
2014-01-09 15:48 - 2014-01-09 15:49 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-01-08 22:07 - 2014-01-08 22:07 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-01-08 22:07 - 2014-01-08 22:07 - 00000000 ____D () C:\windows\system32\NV
2014-01-08 22:04 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2014-01-08 22:04 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6433221.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6433221.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2014-01-08 22:04 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2014-01-08 22:03 - 2014-01-08 22:03 - 00000000 ____D () C:\NVIDIA
2014-01-06 20:54 - 2014-01-06 20:54 - 00001100 _____ () C:\Users\Lupi\Desktop\swkotor2 – zástupce.lnk
2014-01-06 19:57 - 2014-01-06 19:57 - 00000000 ____D () C:\Users\Lupi\AppData\Local\WarThunder
2014-01-06 19:57 - 2014-01-06 19:57 - 00000000 ____D () C:\ProgramData\WarThunder
2014-01-06 19:49 - 2014-01-06 19:49 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-01-05 21:07 - 2014-01-05 21:07 - 00098304 _____ (Sony DADC Austria AG.) C:\windows\SysWOW64\CmdLineExt.dll
2014-01-05 11:25 - 2014-01-06 20:52 - 00000000 ____D () C:\Program Files (x86)\Anti-Vibrate Oscar Editor

==================== One Month Modified Files and Folders =======

2014-02-03 09:08 - 2014-02-03 09:08 - 00021772 _____ () C:\Users\Lupi\Desktop\FRST.txt
2014-02-03 09:08 - 2014-02-03 09:03 - 00000000 ____D () C:\FRST
2014-02-03 09:07 - 2014-02-03 09:07 - 00112640 _____ (forum.viry.cz) C:\Users\Lupi\Desktop\FRSTLauncher.exe
2014-02-03 09:07 - 2014-02-03 09:07 - 00029696 _____ () C:\Users\Lupi\AppData\Local\MSGBOX.EXE
2014-02-03 09:07 - 2014-02-03 09:07 - 00015327 _____ () C:\Users\Lupi\Desktop\LM.bat
2014-02-03 09:05 - 2014-02-01 16:02 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Skype
2014-02-03 09:03 - 2013-12-03 14:10 - 00000000 ____D () C:\Users\Lupi\AppData\Local\CrashDumps
2014-02-03 09:02 - 2014-02-03 09:03 - 02080256 _____ (Farbar) C:\Users\Lupi\Desktop\FRST64.exe
2014-02-03 08:57 - 2011-12-20 11:38 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-03 08:55 - 2009-07-14 05:45 - 00021280 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-03 08:55 - 2009-07-14 05:45 - 00021280 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-03 08:54 - 2011-12-20 02:46 - 00669736 _____ () C:\windows\system32\perfh005.dat
2014-02-03 08:54 - 2011-12-20 02:46 - 00141336 _____ () C:\windows\system32\perfc005.dat
2014-02-03 08:54 - 2009-07-14 06:13 - 01585238 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-03 08:53 - 2011-12-20 11:43 - 00423750 _____ () C:\FaceProv.log
2014-02-03 08:51 - 2011-12-20 10:59 - 01749618 ____N () C:\windows\WindowsUpdate.log
2014-02-03 08:48 - 2013-11-14 12:49 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-03 08:48 - 2011-12-20 11:43 - 00000000 ____D () C:\ProgramData\VeriFace
2014-02-03 08:48 - 2011-12-20 11:38 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-03 08:48 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-02 20:55 - 2013-11-14 21:54 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Foxit Software
2014-02-02 14:12 - 2014-02-02 14:12 - 00000672 _____ () C:\Users\Public\Desktop\JPG To PDF.lnk
2014-02-02 14:10 - 2014-02-02 14:10 - 00000719 _____ () C:\Users\Lupi\Desktop\Convert Image To PDF.lnk
2014-02-01 21:03 - 2014-02-01 20:56 - 00000000 ____D () C:\Users\Lupi\AppData\Local\PokerStars
2014-02-01 20:56 - 2014-02-01 20:56 - 00000640 _____ () C:\Users\Public\Desktop\PokerStars.lnk
2014-02-01 20:32 - 2014-02-01 00:29 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-01 18:05 - 2014-02-01 18:05 - 00000085 _____ () C:\windows\wininit.ini
2014-02-01 18:05 - 2014-02-01 00:29 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-01 16:02 - 2014-02-01 16:02 - 00002731 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-01 16:02 - 2014-02-01 16:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-01 16:02 - 2014-02-01 16:02 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Skype
2014-02-01 16:02 - 2014-02-01 16:02 - 00000000 ____D () C:\ProgramData\Skype
2014-02-01 12:50 - 2013-11-14 22:17 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\DAEMON Tools Lite
2014-02-01 12:04 - 2014-02-01 12:04 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-02-01 01:06 - 2013-11-14 12:08 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\vlc
2014-02-01 00:58 - 2014-01-14 15:41 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Battle.net
2014-02-01 00:57 - 2011-12-20 11:38 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-01 00:49 - 2013-12-27 15:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-01 00:49 - 2013-12-24 15:14 - 00000000 ____D () C:\Program Files (x86)\OscarX7Editor5Mode
2014-02-01 00:49 - 2013-11-17 12:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-02-01 00:49 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-02-01 00:49 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-02-01 00:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-01 00:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-02-01 00:47 - 2014-02-01 00:47 - 00003158 _____ () C:\windows\System32\Tasks\Game_Booster_AutoUpdate
2014-02-01 00:47 - 2014-02-01 00:47 - 00001186 _____ () C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
2014-02-01 00:47 - 2014-02-01 00:47 - 00001174 _____ () C:\Users\Public\Desktop\Game Booster 3.lnk
2014-02-01 00:47 - 2014-02-01 00:31 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-01 00:47 - 2014-02-01 00:19 - 00000000 ____D () C:\ProgramData\IObit
2014-02-01 00:44 - 2014-02-01 00:44 - 00001189 _____ () C:\Users\Public\Desktop\ManageMyMobile.lnk
2014-02-01 00:44 - 2014-02-01 00:31 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-01 00:40 - 2011-02-22 12:19 - 00000000 ____D () C:\windows\Panther
2014-02-01 00:33 - 2014-02-01 00:31 - 00002209 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-02-01 00:31 - 2014-02-01 00:31 - 00003092 _____ () C:\windows\System32\Tasks\ASC7_PerformanceMonitor
2014-02-01 00:31 - 2014-02-01 00:31 - 00002848 _____ () C:\windows\System32\Tasks\ASC7_SkipUac_Lupi
2014-02-01 00:31 - 2014-02-01 00:31 - 00001217 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-02-01 00:31 - 2014-02-01 00:31 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Apple Computer
2014-02-01 00:31 - 2014-02-01 00:31 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-01 00:31 - 2014-02-01 00:19 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\IObit
2014-02-01 00:29 - 2014-02-01 00:29 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-02-01 00:18 - 2014-02-01 00:17 - 00002338 _____ () C:\Users\Lupi\Desktop\Rkill.txt
2014-02-01 00:13 - 2014-02-01 00:13 - 00000000 ____D () C:\Users\Lupi\AppData\Local\LogMeIn
2014-02-01 00:13 - 2014-02-01 00:13 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-01-31 22:42 - 2013-11-15 00:53 - 00000000 ____D () C:\Users\Lupi\Documents\My Games
2014-01-31 22:38 - 2014-01-31 22:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft XNA
2014-01-31 22:32 - 2014-01-31 22:32 - 00000729 _____ () C:\Users\Public\Desktop\Terraria.lnk
2014-01-31 22:31 - 2014-01-31 22:31 - 00003294 _____ () C:\windows\System32\Tasks\Microsoft System Certificates
2014-01-31 22:01 - 2014-01-31 21:58 - 00000000 ____D () C:\Users\Lupi\Documents\Battlefield 2
2014-01-31 21:58 - 2014-01-31 21:58 - 00000877 _____ () C:\Users\Public\Desktop\Play BF2 Online Now!.lnk
2014-01-31 21:58 - 2014-01-31 21:58 - 00000855 _____ () C:\Users\Public\Desktop\Battlefield 2.lnk
2014-01-31 21:58 - 2014-01-14 17:35 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-31 21:53 - 2011-12-20 11:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-29 20:02 - 2014-01-29 20:02 - 00000000 ____D () C:\Users\Lupi\Documents\Youcam
2014-01-29 20:02 - 2014-01-29 20:02 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\CyberLink
2014-01-29 20:02 - 2014-01-29 20:02 - 00000000 ____D () C:\Users\Lupi\AppData\Local\CyberLink
2014-01-29 20:02 - 2014-01-29 20:02 - 00000000 ____D () C:\ProgramData\CyberLink
2014-01-29 18:36 - 2014-01-29 18:36 - 00000000 ____D () C:\Users\Lupi\Documents\4A Games
2014-01-29 18:35 - 2014-01-29 18:35 - 00000000 ____D () C:\Users\Lupi\AppData\Local\4A Games
2014-01-29 18:34 - 2013-12-27 15:51 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\NVIDIA
2014-01-27 19:48 - 2014-01-31 22:38 - 07054336 _____ () C:\Users\Lupi\Desktop\XNA Framework 4.0 Full.msi
2014-01-27 19:48 - 2014-01-31 22:38 - 00889416 _____ (Microsoft Corporation) C:\Users\Lupi\Desktop\.Net Framework 4.0 Full.exe
2014-01-27 10:24 - 2014-01-27 10:24 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-01-26 01:10 - 2014-01-26 01:10 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Blizzard
2014-01-26 01:05 - 2014-01-26 01:05 - 00000865 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-01-26 01:05 - 2014-01-14 15:41 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-01-25 13:47 - 2014-01-25 13:47 - 00000000 ____D () C:\Users\Lupi\Desktop\Camera
2014-01-25 10:12 - 2014-01-25 10:12 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\mrrescue
2014-01-24 21:38 - 2014-01-24 21:38 - 00049064 _____ () C:\Users\Lupi\Desktop\tv-cesnet-vlc.htm
2014-01-24 21:38 - 2014-01-24 21:38 - 00004982 _____ () C:\Users\Lupi\Desktop\TV_cesnet_0.vlc
2014-01-20 23:30 - 2014-01-20 23:30 - 00000737 _____ () C:\Users\Lupi\Desktop\AC4BFSP – zástupce.lnk
2014-01-18 13:06 - 2013-12-01 16:58 - 00000000 ____D () C:\Users\Lupi\Desktop\reaktance synchronniho
2014-01-18 12:59 - 2013-11-14 12:00 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
2014-01-18 12:43 - 2013-12-25 16:30 - 00000000 ____D () C:\Program Files\MotioninJoy
2014-01-17 00:20 - 2014-01-17 00:20 - 00000879 _____ () C:\Users\Public\Desktop\Legend of Grimrock.lnk
2014-01-17 00:20 - 2014-01-17 00:20 - 00000000 ____D () C:\Users\Lupi\Documents\Almost Human
2014-01-16 13:34 - 2014-01-16 13:34 - 00000754 _____ () C:\Users\Public\Desktop\Brány Skeldalu.lnk
2014-01-16 13:00 - 2009-07-14 05:45 - 04989048 _____ () C:\windows\system32\FNTCACHE.DAT
2014-01-16 08:43 - 2013-11-17 12:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 08:43 - 2013-11-14 13:26 - 00000000 ____D () C:\windows\system32\MRT
2014-01-16 08:41 - 2013-11-14 13:26 - 86054176 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-15 00:18 - 2013-11-14 11:28 - 00000000 ____D () C:\Users\Lupi
2014-01-14 22:08 - 2014-01-14 22:08 - 00000000 ____D () C:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2014-01-14 22:07 - 2014-01-14 22:07 - 00000784 _____ () C:\Users\Public\Desktop\Unreal Tournament 3.lnk
2014-01-14 22:07 - 2014-01-14 22:07 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\InstallShield Installation Information
2014-01-14 21:37 - 2014-01-09 15:48 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Winamp
2014-01-14 21:37 - 2013-12-31 00:30 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\TS3Client
2014-01-14 21:36 - 2014-01-14 21:36 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-01-14 21:36 - 2014-01-14 21:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-14 20:40 - 2014-01-14 20:39 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Mozilla
2014-01-14 20:40 - 2014-01-14 20:39 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Mozilla
2014-01-14 20:30 - 2014-01-14 20:30 - 00000000 ____D () C:\ProgramData\Mozilla
2014-01-14 20:30 - 2014-01-14 20:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-14 20:30 - 2014-01-14 20:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-14 17:33 - 2014-01-14 17:33 - 00000890 _____ () C:\Users\Lupi\Desktop\Play UT2004.lnk
2014-01-14 16:05 - 2014-01-14 16:05 - 00000000 ____D () C:\Users\Lupi\Documents\Diablo III
2014-01-14 15:47 - 2014-01-14 15:47 - 00000836 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-01-14 15:44 - 2014-01-14 15:41 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\Battle.net
2014-01-14 15:41 - 2014-01-14 15:41 - 00000000 ____D () C:\Users\Lupi\AppData\Local\Blizzard Entertainment
2014-01-13 20:55 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-01-10 23:48 - 2014-01-10 23:48 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-01-10 23:48 - 2014-01-10 23:48 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-01-10 23:48 - 2014-01-10 23:48 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-01-10 23:48 - 2014-01-10 23:48 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\Users\Lupi\AppData\Roaming\VitySoft
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\Users\Lupi\.objectdb
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\ProgramData\Sun
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-10 23:48 - 2014-01-10 23:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-10 13:06 - 2014-01-10 13:06 - 00000000 ____D () C:\Users\Lupi\AppData\Local\DayZCommander
2014-01-09 15:49 - 2014-01-09 15:48 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-01-08 22:07 - 2014-01-08 22:07 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-01-08 22:07 - 2014-01-08 22:07 - 00000000 ____D () C:\windows\system32\NV
2014-01-08 22:07 - 2011-12-20 11:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-01-08 22:03 - 2014-01-08 22:03 - 00000000 ____D () C:\NVIDIA
2014-01-06 20:54 - 2014-01-06 20:54 - 00001100 _____ () C:\Users\Lupi\Desktop\swkotor2 – zástupce.lnk
2014-01-06 20:52 - 2014-01-05 11:25 - 00000000 ____D () C:\Program Files (x86)\Anti-Vibrate Oscar Editor
2014-01-06 19:57 - 2014-01-06 19:57 - 00000000 ____D () C:\Users\Lupi\AppData\Local\WarThunder
2014-01-06 19:57 - 2014-01-06 19:57 - 00000000 ____D () C:\ProgramData\WarThunder
2014-01-06 19:49 - 2014-01-06 19:49 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-01-05 21:07 - 2014-01-05 21:07 - 00098304 _____ (Sony DADC Austria AG.) C:\windows\SysWOW64\CmdLineExt.dll

Some content of TEMP:
====================
C:\Users\Lupi\AppData\Local\Temp\Checkupdate.exe
C:\Users\Lupi\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Lupi\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Lupi\AppData\Local\Temp\gtapi_signed.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 14:01

==================== End Of Log ============================
Attachments
Addition.zip
(7.79 KiB) Downloaded 21 times
Last edited by xeroxcz on 03 Feb 2014 09:18, edited 2 times in total.

xeroxcz
Visitor
Posts: 10
Joined: 03 Feb 2014 08:58

Re: Infected svchost.exe

#2 Post by xeroxcz »

Screenshot of the error message:
Attachments
err.png (23.74 KiB) Viewed 927 times

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected svchost.exe

#3 Post by vyosek »

Hello :)

→ Uninstall Advanced SystemCare 5 and Surfing Protection, LiveUpdateSvc, and then everything else from IOBit - it is Chinese junk that does more harm than good. They look for nonsensical and nonexistent problems, and they stole their malware database from another reputable company

→ Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the license terms are displayed; press any key
  • A backup is created and then the search runs
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
→ Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then a log appears, or it will be saved in the folder as c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"Whoever has wine and does not drink, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

xeroxcz
Visitor
Posts: 10
Joined: 03 Feb 2014 08:58

Re: Infected svchost.exe

#4 Post by xeroxcz »

# AdwCleaner v3.018 - Report created 03/02/2014 at 09:52:55
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lupi - LUPIK
# Running from : C:\Users\Lupi\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Lupi\AppData\Roaming\Mozilla\Firefox\Profiles\g532ato1.default\prefs.js ]


-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\Lupi\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [886 octets] - [03/02/2014 09:52:09]
AdwCleaner[S0].txt - [808 octets] - [03/02/2014 09:52:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [867 octets] ##########

xeroxcz
Visitor
Posts: 10
Joined: 03 Feb 2014 08:58

Re: Infected svchost.exe

#5 Post by xeroxcz »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Lupi on po 03.02.2014 at 9:41:08,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\Users\Lupi\AppData\Roaming\mozilla\firefox\profiles\g532ato1.default\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 03.02.2014 at 9:49:03,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





After the restart by AdwCleaner, svchost.exe started again.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected svchost.exe

#6 Post by vyosek »

→ Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST ONLY BE USED ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
→ Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Správce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako správce)
  • Right after start a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure including screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix

xeroxcz
Visitor
Posts: 10
Joined: 03 Feb 2014 08:58

Re: Infected svchost.exe

#7 Post by xeroxcz »

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/03/2014 10:07:52 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 02/03/2014 10:07:59 AM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)

xeroxcz
Visitor
Posts: 10
Joined: 03 Feb 2014 08:58

Re: Infected svchost.exe

#8 Post by xeroxcz »

It looks like the virus has been eliminated :). Thank you for the expert help :).

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected svchost.exe

#9 Post by vyosek »

Please also give me the log from ComboFix; that usually needs further cleanup

xeroxcz
Visitor
Posts: 10
Joined: 03 Feb 2014 08:58

Re: Infected svchost.exe

#10 Post by xeroxcz »

ComboFix 14-02-01.01 - Lupi 03.02.2014 10:09:29.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8136.6164 [GMT 1:00]
Spuštěný z: C:\Users\Lupi\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Anti-Virus *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\ProgramData\Roaming
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\jusched.exe
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libcurl-4.dll
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libcurl.dll
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libeay32.dll
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libidn-11.dll
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\librtmp.dll
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libssh2.dll
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libusb-1.0.dll
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\pthreadGC2.dll
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\SearchIndexer.exe
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\ssl.exe
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\ssleay32.dll
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\svchost.exe
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\updater.exe
C:\Users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\zlib1.dll
C:\windows\pkunzip.pif
C:\windows\pkzip.pif
C:\windows\s.bat
C:\windows\wininit.ini


((((((((((((((((((((((((( Soubory vytvořené od 2014-01-03 do 2014-02-03 )))))))))))))))))))))))))))))))


2014-02-03 08:52:05 . 2014-02-03 08:53:11 -------- d-----w- C:\AdwCleaner
2014-02-03 08:41:07 . 2014-02-03 08:41:07 -------- d-----w- C:\windows\ERUNT
2014-02-03 08:38:03 . 2014-02-03 08:38:03 -------- d-----w- C:\ProgramData\Razer
2014-02-03 08:03:15 . 2014-02-03 08:09:01 -------- d-----w- C:\FRST
2014-02-02 13:10:07 . 2005-03-18 17:01:46 626688 ----a-w- C:\windows\SysWow64\NCTImageFile.dll
2014-02-02 13:10:07 . 2003-07-08 17:50:36 344064 ----a-w- C:\windows\SysWow64\MSVCR70.DLL
2014-02-02 13:10:07 . 2001-08-23 19:00:00 1700352 ----a-w- C:\windows\SysWow64\GdiPlus.dll
2014-02-02 13:10:06 . 2006-07-28 13:38:26 53248 ----a-w- C:\windows\SysWow64\RegisterExe.exe
2014-02-02 13:10:06 . 2005-01-24 15:23:10 69632 ----a-w- C:\windows\SysWow64\PDFOCX.ocx
2014-02-02 13:10:06 . 2004-09-19 00:55:02 278528 ----a-w- C:\windows\SysWow64\AdvImgLib.dll
2014-02-02 13:10:06 . 2004-07-29 03:14:32 1313280 ----a-w- C:\windows\SysWow64\ISED.DLL
2014-02-02 13:10:06 . 2004-07-09 02:45:46 761856 ----a-w- C:\windows\SysWow64\FreeImage3.dll
2014-02-02 13:10:06 . 2004-07-09 02:45:46 761856 ----a-w- C:\windows\SysWow64\FreeImage.dll
2014-02-02 13:10:06 . 2003-06-11 01:27:52 106496 ----a-w- C:\windows\SysWow64\SeeThroughPicture.ocx
2014-02-02 13:10:06 . 2000-05-22 03:00:00 244416 ----a-w- C:\windows\SysWow64\Msflxgrd.ocx
2014-02-02 13:10:06 . 1999-05-07 03:00:00 140288 ----a-w- C:\windows\SysWow64\comdlg32.ocx
2014-02-01 19:56:50 . 2014-02-01 20:03:27 -------- d-----w- C:\Users\Lupi\AppData\Local\PokerStars
2014-02-01 15:02:53 . 2014-02-01 15:02:53 -------- d-----w- C:\Users\Lupi\AppData\Local\Skype
2014-02-01 15:02:52 . 2014-02-03 09:18:51 -------- d-----w- C:\Users\Lupi\AppData\Roaming\Skype
2014-02-01 15:02:47 . 2014-02-01 15:02:47 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
2014-02-01 15:02:47 . 2014-02-01 15:02:47 -------- d-----r- C:\Program Files (x86)\Skype
2014-02-01 15:02:46 . 2014-02-01 15:02:47 -------- d-----w- C:\ProgramData\Skype
2014-01-31 23:31:15 . 2014-01-31 23:31:15 -------- d-----w- C:\Users\Lupi\AppData\Roaming\Apple Computer
2014-01-31 23:31:14 . 2014-01-31 23:44:27 -------- d-----w- C:\ProgramData\ProductData
2014-01-31 23:31:13 . 2014-01-31 23:31:13 -------- d-----w- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-31 23:31:08 . 2014-02-03 08:53:52 -------- d-----w- C:\Program Files (x86)\IObit
2014-01-31 23:29:14 . 2014-02-01 17:05:53 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-01-31 23:29:11 . 2014-02-01 19:32:21 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-31 23:19:57 . 2014-01-31 23:47:30 -------- d-----w- C:\ProgramData\IObit
2014-01-31 23:19:51 . 2014-01-31 23:31:14 -------- d-----w- C:\Users\Lupi\AppData\Roaming\IObit
2014-01-31 23:13:33 . 2014-01-31 23:13:33 -------- d-----w- C:\Users\Lupi\AppData\Local\LogMeIn
2014-01-31 23:13:33 . 2014-01-31 23:13:33 -------- d-----w- C:\ProgramData\LogMeIn
2014-01-31 21:38:24 . 2014-01-31 21:38:24 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2014-01-31 21:08:53 . 2009-03-18 16:35:42 33856 ---ha-w- C:\windows\system32\hamachi.sys
2014-01-31 20:51:27 . 2004-10-22 01:18:12 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2014-01-31 20:51:27 . 2004-10-22 01:17:48 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2014-01-31 20:51:27 . 2004-10-22 01:17:04 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2014-01-31 20:51:27 . 2004-10-22 01:16:28 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2014-01-31 20:51:27 . 2004-10-22 01:16:10 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2014-01-31 20:51:19 . 2014-01-31 20:51:19 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2014-01-31 20:51:19 . 2014-01-31 20:51:19 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2014-01-31 08:35:28 . 2013-12-04 03:28:24 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F5314C82-9E31-4077-861D-53BDF3C2899A}\mpengine.dll
2014-01-29 19:02:45 . 2014-01-29 19:02:48 -------- d-----w- C:\ProgramData\CyberLink
2014-01-29 19:02:40 . 2014-01-29 19:02:40 -------- d-----w- C:\Users\Lupi\AppData\Roaming\CyberLink
2014-01-29 19:02:40 . 2014-01-29 19:02:40 -------- d-----w- C:\Users\Lupi\AppData\Local\CyberLink
2014-01-29 17:35:06 . 2014-01-29 17:35:06 -------- d-----w- C:\Users\Lupi\AppData\Local\4A Games
2014-01-27 09:24:36 . 2014-01-27 09:24:36 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2014-01-26 00:10:31 . 2014-01-26 00:10:31 -------- d-----w- C:\Users\Lupi\AppData\Local\Blizzard
2014-01-25 09:12:25 . 2014-01-25 09:12:25 -------- d-----w- C:\Users\Lupi\AppData\Roaming\mrrescue
2014-01-15 08:44:20 . 2013-11-27 01:41:37 343040 ----a-w- C:\windows\system32\drivers\usbhub.sys
2014-01-15 08:44:20 . 2013-11-27 01:41:15 99840 ----a-w- C:\windows\system32\drivers\usbccgp.sys
2014-01-15 08:44:20 . 2013-11-27 01:41:11 53248 ----a-w- C:\windows\system32\drivers\usbehci.sys
2014-01-15 08:44:20 . 2013-11-27 01:41:11 325120 ----a-w- C:\windows\system32\drivers\usbport.sys
2014-01-15 08:44:20 . 2013-11-27 01:41:09 25600 ----a-w- C:\windows\system32\drivers\usbohci.sys
2014-01-15 08:44:20 . 2013-11-27 01:41:06 30720 ----a-w- C:\windows\system32\drivers\usbuhci.sys
2014-01-15 08:44:20 . 2013-11-27 01:41:03 7808 ----a-w- C:\windows\system32\drivers\usbd.sys
2014-01-15 08:44:19 . 2013-11-26 11:40:00 376768 ----a-w- C:\windows\system32\drivers\netio.sys
2014-01-15 08:44:19 . 2013-11-26 10:32:56 3156480 ----a-w- C:\windows\system32\win32k.sys
2014-01-14 21:08:05 . 2014-01-14 21:08:05 -------- d-----w- C:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2014-01-14 21:08:03 . 2014-01-14 21:08:03 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-01-14 21:07:12 . 2014-01-14 21:07:12 -------- d-----w- C:\Users\Lupi\AppData\Roaming\InstallShield Installation Information
2014-01-14 20:36:42 . 2014-01-14 20:36:43 -------- d-----w- C:\Program Files\CCleaner
2014-01-14 19:39:57 . 2014-01-14 19:40:02 -------- d-----w- C:\Users\Lupi\AppData\Local\Mozilla
2014-01-14 19:30:18 . 2014-01-14 19:30:18 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-14 14:41:46 . 2014-01-14 14:41:46 -------- d-----w- C:\Users\Lupi\AppData\Local\Blizzard Entertainment
2014-01-14 14:41:44 . 2014-01-31 23:58:59 -------- d-----w- C:\Users\Lupi\AppData\Local\Battle.net
2014-01-14 14:41:44 . 2014-01-14 14:44:21 -------- d-----w- C:\Users\Lupi\AppData\Roaming\Battle.net
2014-01-14 14:41:38 . 2014-01-26 00:05:09 -------- d-----w- C:\Program Files (x86)\Battle.net
2014-01-10 22:48:54 . 2014-01-10 22:48:54 -------- d-----w- C:\Users\Lupi\.objectdb
2014-01-10 22:48:51 . 2014-01-10 22:48:51 -------- d-----w- C:\Users\Lupi\AppData\Roaming\VitySoft
2014-01-10 22:48:35 . 2014-01-10 22:48:36 -------- d-----w- C:\ProgramData\Oracle
2014-01-10 22:48:33 . 2014-01-10 22:48:33 -------- d-----w- C:\Program Files (x86)\Common Files\Java
2014-01-10 22:48:29 . 2014-01-10 22:48:26 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-10 22:48:25 . 2014-01-10 22:48:25 -------- d-----w- C:\Program Files (x86)\Java
2014-01-10 12:06:24 . 2014-01-10 12:06:25 -------- d-----w- C:\Users\Lupi\AppData\Local\DayZCommander
2014-01-09 14:49:00 . 2014-01-09 14:49:00 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2014-01-09 14:48:58 . 2014-01-14 20:37:57 -------- d-----w- C:\Users\Lupi\AppData\Roaming\Winamp
2014-01-09 14:48:58 . 2014-01-09 14:49:30 -------- d-----w- C:\Program Files (x86)\Winamp
2014-01-08 21:07:31 . 2014-01-08 21:07:31 -------- d-----w- C:\windows\SysWow64\NV
2014-01-08 21:07:31 . 2014-01-08 21:07:31 -------- d-----w- C:\windows\system32\NV
2014-01-08 21:03:06 . 2014-01-08 21:03:06 -------- d-----w- C:\NVIDIA
2014-01-07 09:53:46 . 2013-01-25 12:58:02 1368064 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\A4Tech\OscarX7Editor5Mode\Setup.exe
2014-01-06 18:57:23 . 2014-01-06 18:57:23 -------- d-----w- C:\Users\Lupi\AppData\Local\WarThunder
2014-01-06 18:57:23 . 2014-01-06 18:57:23 -------- d-----w- C:\ProgramData\WarThunder
2014-01-06 18:49:01 . 2014-01-06 18:49:02 -------- d-----w- C:\Program Files (x86)\7-Zip
2014-01-05 20:07:32 . 2014-01-05 20:07:32 98304 ----a-w- C:\windows\SysWow64\CmdLineExt.dll
2014-01-05 19:36:21 . 2004-04-18 22:42:00 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2014-01-05 19:36:21 . 2004-04-18 22:40:42 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2014-01-05 19:36:21 . 2004-04-18 22:39:58 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2014-01-05 19:36:21 . 2004-04-18 22:39:28 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2014-01-05 19:36:21 . 2004-04-18 22:39:14 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2014-01-05 19:36:20 . 2014-01-05 19:36:20 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2014-01-05 19:36:20 . 2014-01-05 19:36:20 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2014-01-05 10:25:26 . 2014-01-06 19:52:48 -------- d-----w- C:\Program Files (x86)\Anti-Vibrate Oscar Editor
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-01-16 07:41:15 . 2013-11-14 12:26:04 86054176 ----a-w- C:\windows\system32\MRT.exe
2013-12-25 15:32:07 . 2013-12-25 15:30:47 121416 ----a-w- C:\windows\system32\drivers\MijXfilt.sys
2013-12-19 20:33:31 . 2011-12-20 10:09:15 3071656 ----a-w- C:\windows\system32\nvapi64.dll
2013-12-19 20:33:31 . 2011-12-20 10:09:15 2698272 ----a-w- C:\windows\SysWow64\nvapi.dll
2013-12-19 20:33:31 . 2011-12-20 10:09:15 168616 ----a-w- C:\windows\system32\nvinitx.dll
2013-12-19 20:33:31 . 2011-12-20 10:09:15 1436528 ----a-w- C:\windows\system32\nvumdshimx.dll
2013-12-19 20:33:31 . 2011-12-20 10:09:15 141336 ----a-w- C:\windows\SysWow64\nvinit.dll
2013-12-19 20:33:31 . 2011-12-20 10:09:15 1242400 ----a-w- C:\windows\SysWow64\nvumdshim.dll
2013-12-19 18:53:46 . 2011-05-02 19:35:52 6671648 ----a-w- C:\windows\system32\nvcpl.dll
2013-12-19 18:53:46 . 2011-05-02 19:35:36 3490080 ----a-w- C:\windows\system32\nvsvc64.dll
2013-12-19 18:53:44 . 2011-05-02 19:36:02 922912 ----a-w- C:\windows\system32\nvvsvc.exe
2013-12-19 18:53:44 . 2011-05-02 19:36:02 63776 ----a-w- C:\windows\system32\nvshext.dll
2013-12-19 18:53:44 . 2011-05-02 19:36:02 598304 ----a-w- C:\windows\SysWow64\oemdspif.dll
2013-12-19 18:53:44 . 2011-05-02 19:36:02 386336 ----a-w- C:\windows\system32\nvmctray.dll
2013-12-19 18:53:44 . 2011-05-02 19:36:00 67072 ----a-w- C:\windows\system32\nv3dappshextr.dll
2013-12-19 18:53:44 . 2011-05-02 19:36:00 2559776 ----a-w- C:\windows\system32\nvsvcr.dll
2013-12-19 18:53:44 . 2011-05-02 19:36:00 1065248 ----a-w- C:\windows\system32\nv3dappshext.dll
2013-12-19 05:01:48 . 2011-05-02 19:36:00 3539040 ----a-w- C:\windows\system32\nvcoproc.bin
2013-12-18 05:13:56 . 2010-11-21 03:27:21 270496 ------w- C:\windows\system32\MpSigStub.exe
2013-12-10 02:13:11 . 2013-11-14 11:03:22 982232 ----a-w- C:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13:01 . 2013-11-14 11:03:22 1100248 ----a-w- C:\windows\system32\nvspcap64.dll
2013-12-05 08:42:30 . 2013-12-18 17:40:53 39200 ----a-w- C:\windows\system32\drivers\nvvad64v.sys
2013-12-05 08:42:26 . 2013-12-18 17:40:53 32544 ----a-w- C:\windows\SysWow64\nvaudcap32v.dll
2013-12-05 08:42:26 . 2013-11-14 11:02:47 35104 ----a-w- C:\windows\system32\nvaudcap64v.dll
2013-11-26 11:54:49 . 2013-12-12 00:48:36 23183360 ----a-w- C:\windows\system32\mshtml.dll
2013-11-26 10:19:07 . 2013-12-12 00:48:38 2724864 ----a-w- C:\windows\system32\mshtml.tlb
2013-11-26 10:18:23 . 2013-12-12 00:48:37 4096 ----a-w- C:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48:07 . 2013-12-12 00:48:37 66048 ----a-w- C:\windows\system32\iesetup.dll
2013-11-26 09:46:25 . 2013-12-12 00:48:36 48640 ----a-w- C:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41:43 . 2013-12-12 00:48:35 2764288 ----a-w- C:\windows\system32\iertutil.dll
2013-11-26 09:29:38 . 2013-12-12 00:48:37 53760 ----a-w- C:\windows\system32\jsproxy.dll
2013-11-26 09:27:54 . 2013-12-12 00:48:37 33792 ----a-w- C:\windows\system32\iernonce.dll
2013-11-26 09:23:02 . 2013-12-12 00:48:38 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21:24 . 2013-12-12 00:48:37 574976 ----a-w- C:\windows\system32\ieui.dll
2013-11-26 09:18:39 . 2013-12-12 00:48:37 139264 ----a-w- C:\windows\system32\ieUnatt.exe
2013-11-26 09:18:09 . 2013-12-12 00:48:36 111616 ----a-w- C:\windows\system32\ieetwcollector.exe
2013-11-26 09:16:57 . 2013-12-12 00:48:36 708608 ----a-w- C:\windows\system32\jscript9diag.dll
2013-11-26 08:57:44 . 2013-12-12 00:48:37 218624 ----a-w- C:\windows\system32\ie4uinit.exe
2013-11-26 08:35:02 . 2013-12-12 00:48:33 5769216 ----a-w- C:\windows\system32\jscript9.dll
2013-11-26 08:28:16 . 2013-12-12 00:48:36 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 . 2013-12-12 00:48:33 4243968 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 . 2013-12-12 00:48:35 1995264 ----a-w- C:\windows\system32\inetcpl.cpl
2013-11-26 07:48:24 . 2013-12-12 00:48:34 12996608 ----a-w- C:\windows\system32\ieframe.dll
2013-11-26 07:32:06 . 2013-12-12 00:48:35 1928192 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 . 2013-12-12 00:48:35 2334208 ----a-w- C:\windows\system32\wininet.dll
2013-11-26 06:40:01 . 2013-12-12 00:48:35 1395200 ----a-w- C:\windows\system32\urlmon.dll
2013-11-26 06:34:27 . 2013-12-12 00:48:36 817664 ----a-w- C:\windows\system32\ieapfltr.dll
2013-11-26 06:33:33 . 2013-12-12 00:48:35 1820160 ----a-w- C:\windows\SysWow64\wininet.dll
2013-11-23 18:26:20 . 2013-12-11 12:29:00 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 . 2013-12-11 12:29:00 465920 ----a-w- C:\windows\system32\WMPhoto.dll
2013-11-19 10:04:40 . 2013-11-19 10:04:40 940032 ----a-w- C:\windows\system32\MsSpellCheckingFacility.exe
2013-11-19 10:04:40 . 2013-11-19 10:04:40 194048 ----a-w- C:\windows\SysWow64\elshyph.dll
2013-11-19 10:04:38 . 2013-11-19 10:04:38 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-19 10:04:38 . 2013-11-19 10:04:38 645120 ----a-w- C:\windows\SysWow64\jsIntl.dll
2013-11-19 10:04:38 . 2013-11-19 10:04:38 235008 ----a-w- C:\windows\system32\elshyph.dll
2013-11-19 10:04:38 . 2013-11-19 10:04:38 182272 ----a-w- C:\windows\SysWow64\msls31.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 942592 ----a-w- C:\windows\system32\jsIntl.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 86016 ----a-w- C:\windows\SysWow64\iesysprep.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 86016 ----a-w- C:\windows\system32\RegisterIEPKEYs.exe
2013-11-19 10:04:37 . 2013-11-19 10:04:37 74240 ----a-w- C:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-19 10:04:37 . 2013-11-19 10:04:37 62464 ----a-w- C:\windows\SysWow64\tdc.ocx
2013-11-19 10:04:37 . 2013-11-19 10:04:37 61952 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 48640 ----a-w- C:\windows\SysWow64\mshtmler.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 454656 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 36352 ----a-w- C:\windows\SysWow64\imgutil.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 34816 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 337408 ----a-w- C:\windows\SysWow64\html.iec
2013-11-19 10:04:37 . 2013-11-19 10:04:37 247808 ----a-w- C:\windows\system32\msls31.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 24576 ----a-w- C:\windows\SysWow64\licmgr10.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 151552 ----a-w- C:\windows\SysWow64\iexpress.exe
2013-11-19 10:04:37 . 2013-11-19 10:04:37 139264 ----a-w- C:\windows\SysWow64\wextract.exe
2013-11-19 10:04:37 . 2013-11-19 10:04:37 13312 ----a-w- C:\windows\SysWow64\mshta.exe
2013-11-19 10:04:37 . 2013-11-19 10:04:37 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2013-11-19 10:04:37 . 2013-11-19 10:04:37 111616 ----a-w- C:\windows\SysWow64\IEAdvpack.dll
2013-11-19 10:04:37 . 2013-11-19 10:04:37 1051136 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 90112 ----a-w- C:\windows\system32\SetIEInstalledDate.exe
2013-11-19 10:04:36 . 2013-11-19 10:04:36 84992 ----a-w- C:\windows\system32\mshtmled.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 83968 ----a-w- C:\windows\system32\MshtmlDac.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 81408 ----a-w- C:\windows\system32\icardie.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 774144 ----a-w- C:\windows\system32\jscript.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 77312 ----a-w- C:\windows\system32\tdc.ocx
2013-11-19 10:04:36 . 2013-11-19 10:04:36 626176 ----a-w- C:\windows\system32\msfeeds.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 62464 ----a-w- C:\windows\system32\pngfilt.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 616104 ----a-w- C:\windows\system32\ieapfltr.dat
2013-11-19 10:04:36 . 2013-11-19 10:04:36 548352 ----a-w- C:\windows\system32\vbscript.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 52224 ----a-w- C:\windows\system32\msfeedsbs.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 48640 ----a-w- C:\windows\system32\mshtmler.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 48128 ----a-w- C:\windows\system32\imgutil.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 453120 ----a-w- C:\windows\system32\dxtmsft.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 413696 ----a-w- C:\windows\system32\html.iec
2013-11-19 10:04:36 . 2013-11-19 10:04:36 40448 ----a-w- C:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 30208 ----a-w- C:\windows\system32\licmgr10.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 296960 ----a-w- C:\windows\system32\dxtrans.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 263376 ----a-w- C:\windows\system32\iedkcs32.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 243200 ----a-w- C:\windows\system32\webcheck.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 235520 ----a-w- C:\windows\system32\url.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 195584 ----a-w- C:\windows\system32\msrating.dll
2013-11-19 10:04:36 . 2013-11-19 10:04:36 167424 ----a-w- C:\windows\system32\iexpress.exe


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="D:\Program Files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 08:23:30 3672640]
"LenovoR.I.C.Tray"="C:\Program Files (x86)\Lenovo\RobustIntelligentCompanion\LenovoR.I.C.Tray.exe" [2011-12-20 10:41:16 2569568]
"OscarX7Mouse5Mode"="C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" [2013-02-01 13:58:20 3571712]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2014-01-14 17:47:54 20728480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 18:00:38 283160]
"UpdatePRCShortCut"="C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 16:38:24 222504]
"AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [2010-03-12 19:29:22 311680]
"VeriFaceManager"="C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe" [2011-12-20 10:43:11 329056]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 01:53:16 113288]
"YouCam Tray"="C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 23:29:36 228448]
"YouCam Mirage"="C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 23:29:36 136488]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 17:36:46 30040]
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 12:37:14 517096]
"AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 03:57:06 406992]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 08:16:26 254336]

C:\Users\Lupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Trillian.lnk - D:\Program Files (x86)\Trillian\trillian.exe [2013-10-21 2622832]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [2011-5-12 1211168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=C:\Windows\SysWOW64\nvinit.dll C:\PROGRA~2\KASPER~1\KASPER~1.0FO\adialhk.dll C:\PROGRA~2\KASPER~1\KASPER~1.0FO\kloehk.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 BTWAMPFL;BTWAMPFL;C:\windows\system32\DRIVERS\btwampfl.sys;C:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 BTWDPAN;Bluetooth Personal Area Network;C:\windows\system32\DRIVERS\btwdpan.sys;C:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys;C:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\system32\IEEtwCollector.exe;C:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\windows\system32\DRIVERS\MijXfilt.sys;C:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys;C:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys;C:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys;C:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\windows\system32\Wat\WatAdminSvc.exe;C:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys;C:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 HybridDisk;HybridDisk;C:\windows\System32\DRIVERS\HybridDiskX64.sys;C:\windows\SYSNATIVE\DRIVERS\HybridDiskX64.sys [x]
S0 LHDmgr;LHDmgr;C:\windows\System32\DRIVERS\LhdX64.sys;C:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys;C:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys;C:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 hybridcfile;hybridcfile;C:\windows\system32\DRIVERS\HybridCFileX64.sys;C:\windows\SYSNATIVE\DRIVERS\HybridCFileX64.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys;C:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 winioex;winioex;C:\windows\system32\drivers\winioex.sys;C:\windows\SYSNATIVE\drivers\winioex.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys;C:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys;C:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 DelayMan;ACPI DelayMan Filter Service;C:\windows\system32\DRIVERS\delayman.sys;C:\windows\SYSNATIVE\DRIVERS\delayman.sys [x]
S3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys;C:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys;C:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\windows\system32\DRIVERS\k57nd60a.sys;C:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\windows\system32\DRIVERS\klfltdev.sys;C:\windows\SYSNATIVE\DRIVERS\klfltdev.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys;C:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys;C:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\windows\system32\drivers\nvvad64v.sys;C:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtsuvc;Lenovo EasyCamera;C:\windows\system32\DRIVERS\rtsuvc.sys;C:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 wdkmd;Intel WiDi KMD;C:\windows\system32\DRIVERS\WDKMD.sys;C:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]


--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - WS2IFSL

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-28 17:58:28 1211672 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe

Obsah adresáře 'Naplánované úlohy'

2014-02-03 C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 10:38:51 . 2011-12-20 10:38:50]

2014-02-03 C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 10:38:51 . 2011-12-20 10:38:50]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-12-20 10:43:13 1508192 ----a-w- C:\Windows\System32\IcnOvrly.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 08:29:28 11786344]
"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 14:16:58 1935120]
"OnekeyStudio"="C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2011-12-20 10:42:51 789920]
"Energy Management"="C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-12-20 10:48:20 9753024]
"EnergyUtility"="C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe" [2011-12-20 10:48:20 5908928]
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 20:49:00 1028384]
"ShadowPlay"="C:\windows\system32\nvspcap64.dll" [2013-12-10 02:13:01 1100248]
"IgfxTray"="C:\windows\system32\igfxtray.exe" [2012-12-14 01:42:14 172144]
"HotKeysCmds"="C:\windows\system32\hkcmd.exe" [2012-12-14 01:42:10 399984]
"Persistence"="C:\windows\system32\igfxpers.exe" [2012-12-14 01:42:14 441968]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 02:15:27 2279712]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 02:44:40 500208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=C:\Windows\System32\nvinitx.dll C:\PROGRA~2\KASPER~1\KASPER~1.0FO\x64\kloehk.dll C:\PROGRA~2\KASPER~1\KASPER~1.0FO\x64\adialhk.dll

------- Doplňkový sken -------

uStart Page = hxxp://lenovo.msn.com
uLocal Page = C:\windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Přidat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm
IE: WikiKomentáře Google... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.1.2
FF - ProfilePath - C:\Users\Lupi\AppData\Roaming\Mozilla\Firefox\Profiles\g532ato1.default\

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-SmartRAM - C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected svchost.exe

#11 Post by vyosek »

:arrow: If it is not there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    DDS::
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Nvtmru"=-
    "NvBackend"=-
    "AdobeAAMUpdater-1.0"=-
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000000
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    "Skype"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "UpdatePRCShortCut"=-
    "GrooveMonitor"=-
    "SwitchBoard"=-
    "AdobeCS5ServiceManager"=-
    "SunJavaUpdateSched"=-
    
    File::
    C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    
    Driver::
    LiveUpdateSvc
    
    Folder::
    C:\Program Files (x86)\IObit
    C:\Users\Lupi\AppData\Roaming\IObit
    C:\ProgramData\Spybot - Search & Destroy
    C:\ProgramData\IObit
    C:\Program Files (x86)\Spybot - Search & Destroy 2
    
    ClearJavaCache::
    
    Reboot::
  • Save the resulting text file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it to run it (see the image below)
    [Image]
  • After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out - it is an internal error caused by CF, and unfortunately the author does not yet know how to fix it

:arrow: It may happen that Windows does not boot after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

xeroxcz
Visitor
Posts: 10
Registered: 03 Feb 2014 08:58

Re: Infected svchost.exe

#12 Post by xeroxcz »

ComboFix 14-02-03.01 - Lupi 03.02.2014 22:43:51.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8136.5450 [GMT 1:00]
Spuštěný z: c:\users\Lupi\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lupi\Desktop\CFScript.txt
AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Anti-Virus *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\IObit
c:\program files (x86)\IObit\Game Booster 3\Boost.log
c:\program files (x86)\IObit\Game Booster 3\gamebooster.log
c:\program files (x86)\IObit\Game Booster 3\gbtray.log
c:\program files (x86)\IObit\Game Booster 3\GBV3ContextMenu.dll
c:\program files (x86)\IObit\Game Booster 3\LatestGames\LatestGames.ini
c:\program files (x86)\IObit\Game Booster 3\LatestNews\LatestNews.ini
c:\program files (x86)\IObit\Game Booster 3\NewUpdater.exe
c:\program files (x86)\IObit\Game Booster 3\Update\Update.Ini
c:\program files (x86)\IObit\LiveUpdate\Language\Arabic.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Czech.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Danish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Dinka.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Dutch.lng
c:\program files (x86)\IObit\LiveUpdate\Language\English.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Finnish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\French.lng
c:\program files (x86)\IObit\LiveUpdate\Language\German.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files (x86)\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Italian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Japanese.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Korean.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Latvian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Polish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Romanian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Russian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files (x86)\IObit\LiveUpdate\Language\Slovak.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Spanish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Swedish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Turkish.lng
c:\program files (x86)\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe
c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.log
c:\program files (x86)\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files (x86)\IObit\LiveUpdate\ProductStatistics.dll
c:\program files (x86)\IObit\LiveUpdate\ProductUpt.log
c:\program files (x86)\IObit\LiveUpdate\system.ini
c:\program files (x86)\IObit\LiveUpdate\update\update.spt
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files (x86)\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll
c:\program files (x86)\IObit\Surfing Protection\Database\base_safe_browse_0106
c:\program files (x86)\IObit\Surfing Protection\Database\base_upt_add
c:\program files (x86)\IObit\Surfing Protection\Extensions.plist
c:\program files (x86)\IObit\Surfing Protection\Update\Update.ini
c:\program files (x86)\Spybot - Search & Destroy 2
c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe.log
c:\programdata\IObit
c:\programdata\IObit\Advanced SystemCare V7\App.bk
c:\programdata\IObit\Advanced SystemCare V7\AscService.ini
c:\programdata\IObit\Advanced SystemCare V7\EApp.bk
c:\programdata\IObit\Advanced SystemCare V7\Ext.dat
c:\programdata\IObit\Advanced SystemCare V7\HealthLevel.ini
c:\programdata\IObit\Advanced SystemCare V7\Homepage Protection\ASCService.log
c:\programdata\IObit\Advanced SystemCare V7\Homepage Protection\homepage.log
c:\programdata\IObit\Advanced SystemCare V7\License.dat
c:\programdata\IObit\ASCDownloader\Advanced SystemCare.exe
c:\programdata\IObit\ASCDownloader\Advanced SystemCare.exe.dat
c:\programdata\IObit\ASCDownloader\Downloader.log
c:\programdata\IObit\Game Booster 3\Defrags.ini
c:\programdata\IObit\Game Booster 3\GameBooster.ini
c:\programdata\IObit\Game Booster 3\Process.ini
c:\programdata\IObit\Game Booster 3\TweaksBackup.reg
c:\programdata\IObit\Install.ini
c:\programdata\IObit\Public.ini
c:\programdata\Spybot - Search & Destroy
c:\programdata\Spybot - Search & Destroy\ClientCount.bin
c:\programdata\Spybot - Search & Destroy\Immunization.ini
c:\programdata\Spybot - Search & Destroy\Logs\Firewall.log
c:\programdata\Spybot - Search & Destroy\Logs\Scanner.log
c:\users\Lupi\AppData\Roaming\IObit
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\ASCTray.log
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Backup\ASCBackup32-2014-02-01(00-40-57).reg
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Backup\ASCBackup32-2014-02-01(12-50-00).reg
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Backup\ASCBackup32-2014-02-02(02-20-29).reg
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Backup\ASCBackup32-2014-02-02(14-30-29).reg
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Backup\ASCBackup32-2014-02-03(09-34-20).reg
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Boottime\AscTray_Delay.Log
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Boottime\Boottime.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Boottime\LastAutoRunList.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\DiskCleaner\Config.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\EmptyFolder\Restore.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\google.xml
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\Preferences.2014-02-01(00-31-29-950).new
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\Preferences.2014-02-01(00-31-29-950).old
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\prefs.js.2014-02-01(00-31-29-840).old
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection\prefs.js.2014-02-01(00-31-29-850).new
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Ignore.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Internet Booster\ASCChromeBak.dat
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Internet Booster\ASCInternetBak.dat
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Internet Booster\Local State.bk
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Internet Booster\Preferences.bk
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\JFilterkey.dbd
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\License.log
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Log\ASCLog-2014-02-01(00-33-38).txt
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Log\ASCLog-2014-02-01(00-40-57).txt
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Log\ASCLog-2014-02-01(12-50-00).txt
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Log\ASCLog-2014-02-02(02-20-29).txt
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Log\ASCLog-2014-02-02(14-30-29).txt
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Log\ASCLog-2014-02-03(09-34-20).txt
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Main.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\MalwareIgnore.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\PFilterkey.dbd
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myAutoDisable.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myIdleDisable.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myIFEO.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myinifile.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator\myThreadControl.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\RealTimeProtector.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\SmartRAM\SmartRAM.ini
c:\users\Lupi\AppData\Roaming\IObit\Advanced SystemCare V7\Toolbox.ini
c:\users\Lupi\AppData\Roaming\IObit\IObit Malware Fighter\config.ini
c:\users\Lupi\AppData\Roaming\IObit\IObit Malware Fighter\ignore.ini
c:\users\Lupi\AppData\Roaming\IObit\IObit Malware Fighter\remember.ini
c:\users\Lupi\AppData\Roaming\IObit\IObit Uninstaller\BCleanerdb
c:\users\Lupi\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe
c:\users\Lupi\AppData\Roaming\IObit\IObit Uninstaller\Main.ini
c:\users\Lupi\AppData\Roaming\IObit\IObit Uninstaller\MenuRight.dat
c:\users\Lupi\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
c:\users\Lupi\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
---- Předchozí spuštění -------
.
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\jusched.exe
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libcurl-4.dll
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libcurl.dll
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libeay32.dll
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libidn-11.dll
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\librtmp.dll
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libssh2.dll
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\libusb-1.0.dll
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\pthreadGC2.dll
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\SearchIndexer.exe
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\ssl.exe
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\ssleay32.dll
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\svchost.exe
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\updater.exe
c:\users\Lupi\AppData\Roaming\Microsoft\SystemCertificates\My\Updater\zlib1.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\s.bat
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_LiveUpdateSvc
-------\Legacy_WinRing0_1_2_0
-------\Service_WinRing0_1_2_0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-03 do 2014-02-03 )))))))))))))))))))))))))))))))
.
.
2014-02-03 08:52 . 2014-02-03 08:53 -------- d-----w- C:\AdwCleaner
2014-02-03 08:41 . 2014-02-03 08:41 -------- d-----w- c:\windows\ERUNT
2014-02-03 08:38 . 2014-02-03 08:38 -------- d-----w- c:\programdata\Razer
2014-02-03 08:03 . 2014-02-03 08:09 -------- d-----w- C:\FRST
2014-02-02 13:10 . 2005-03-18 17:01 626688 ----a-w- c:\windows\SysWow64\NCTImageFile.dll
2014-02-02 13:10 . 2003-07-08 17:50 344064 ----a-w- c:\windows\SysWow64\MSVCR70.DLL
2014-02-02 13:10 . 2001-08-23 19:00 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll
2014-02-02 13:10 . 2006-07-28 13:38 53248 ----a-w- c:\windows\SysWow64\RegisterExe.exe
2014-02-02 13:10 . 2005-01-24 15:23 69632 ----a-w- c:\windows\SysWow64\PDFOCX.ocx
2014-02-02 13:10 . 2004-09-19 00:55 278528 ----a-w- c:\windows\SysWow64\AdvImgLib.dll
2014-02-02 13:10 . 2004-07-29 03:14 1313280 ----a-w- c:\windows\SysWow64\ISED.DLL
2014-02-02 13:10 . 2004-07-09 02:45 761856 ----a-w- c:\windows\SysWow64\FreeImage3.dll
2014-02-02 13:10 . 2004-07-09 02:45 761856 ----a-w- c:\windows\SysWow64\FreeImage.dll
2014-02-02 13:10 . 2003-06-11 01:27 106496 ----a-w- c:\windows\SysWow64\SeeThroughPicture.ocx
2014-02-02 13:10 . 2000-05-22 03:00 244416 ----a-w- c:\windows\SysWow64\Msflxgrd.ocx
2014-02-02 13:10 . 1999-05-07 03:00 140288 ----a-w- c:\windows\SysWow64\comdlg32.ocx
2014-02-01 19:56 . 2014-02-01 20:03 -------- d-----w- c:\users\Lupi\AppData\Local\PokerStars
2014-02-01 15:02 . 2014-02-01 15:02 -------- d-----w- c:\users\Lupi\AppData\Local\Skype
2014-02-01 15:02 . 2014-02-03 21:19 -------- d-----w- c:\users\Lupi\AppData\Roaming\Skype
2014-02-01 15:02 . 2014-02-01 15:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-02-01 15:02 . 2014-02-01 15:02 -------- d-----r- c:\program files (x86)\Skype
2014-02-01 15:02 . 2014-02-01 15:02 -------- d-----w- c:\programdata\Skype
2014-01-31 23:31 . 2014-01-31 23:31 -------- d-----w- c:\users\Lupi\AppData\Roaming\Apple Computer
2014-01-31 23:31 . 2014-01-31 23:44 -------- d-----w- c:\programdata\ProductData
2014-01-31 23:31 . 2014-01-31 23:31 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-31 23:13 . 2014-01-31 23:13 -------- d-----w- c:\users\Lupi\AppData\Local\LogMeIn
2014-01-31 23:13 . 2014-01-31 23:13 -------- d-----w- c:\programdata\LogMeIn
2014-01-31 21:38 . 2014-01-31 21:38 -------- d-----w- c:\program files (x86)\Microsoft XNA
2014-01-31 21:08 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2014-01-31 20:51 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2014-01-31 20:51 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2014-01-31 20:51 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2014-01-31 20:51 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2014-01-31 20:51 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2014-01-31 20:51 . 2014-01-31 20:51 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2014-01-31 20:51 . 2014-01-31 20:51 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2014-01-31 08:35 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F5314C82-9E31-4077-861D-53BDF3C2899A}\mpengine.dll
2014-01-29 19:02 . 2014-01-29 19:02 -------- d-----w- c:\programdata\CyberLink
2014-01-29 19:02 . 2014-01-29 19:02 -------- d-----w- c:\users\Lupi\AppData\Roaming\CyberLink
2014-01-29 19:02 . 2014-01-29 19:02 -------- d-----w- c:\users\Lupi\AppData\Local\CyberLink
2014-01-29 17:35 . 2014-01-29 17:35 -------- d-----w- c:\users\Lupi\AppData\Local\4A Games
2014-01-27 09:24 . 2014-01-27 09:24 -------- d-----w- c:\programdata\Blizzard Entertainment
2014-01-26 00:10 . 2014-01-26 00:10 -------- d-----w- c:\users\Lupi\AppData\Local\Blizzard
2014-01-25 09:12 . 2014-01-25 09:12 -------- d-----w- c:\users\Lupi\AppData\Roaming\mrrescue
2014-01-15 08:44 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 08:44 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 08:44 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 08:44 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 08:44 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 08:44 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 08:44 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 08:44 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-15 08:44 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-14 21:08 . 2014-01-14 21:08 -------- d-----w- c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2014-01-14 21:08 . 2014-01-14 21:08 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-01-14 21:07 . 2014-01-14 21:07 -------- d-----w- c:\users\Lupi\AppData\Roaming\InstallShield Installation Information
2014-01-14 20:36 . 2014-01-14 20:36 -------- d-----w- c:\program files\CCleaner
2014-01-14 19:39 . 2014-01-14 19:40 -------- d-----w- c:\users\Lupi\AppData\Local\Mozilla
2014-01-14 19:30 . 2014-01-14 19:30 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-01-14 14:41 . 2014-01-14 14:41 -------- d-----w- c:\users\Lupi\AppData\Local\Blizzard Entertainment
2014-01-14 14:41 . 2014-01-31 23:58 -------- d-----w- c:\users\Lupi\AppData\Local\Battle.net
2014-01-14 14:41 . 2014-01-14 14:44 -------- d-----w- c:\users\Lupi\AppData\Roaming\Battle.net
2014-01-14 14:41 . 2014-01-26 00:05 -------- d-----w- c:\program files (x86)\Battle.net
2014-01-10 22:48 . 2014-01-10 22:48 -------- d-----w- c:\users\Lupi\.objectdb
2014-01-10 22:48 . 2014-01-10 22:48 -------- d-----w- c:\users\Lupi\AppData\Roaming\VitySoft
2014-01-10 22:48 . 2014-01-10 22:48 -------- d-----w- c:\programdata\Oracle
2014-01-10 22:48 . 2014-01-10 22:48 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-01-10 22:48 . 2014-01-10 22:48 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-10 22:48 . 2014-01-10 22:48 -------- d-----w- c:\program files (x86)\Java
2014-01-10 12:06 . 2014-01-10 12:06 -------- d-----w- c:\users\Lupi\AppData\Local\DayZCommander
2014-01-09 14:49 . 2014-01-09 14:49 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2014-01-09 14:48 . 2014-01-14 20:37 -------- d-----w- c:\users\Lupi\AppData\Roaming\Winamp
2014-01-09 14:48 . 2014-01-09 14:49 -------- d-----w- c:\program files (x86)\Winamp
2014-01-08 21:07 . 2014-01-08 21:07 -------- d-----w- c:\windows\SysWow64\NV
2014-01-08 21:07 . 2014-01-08 21:07 -------- d-----w- c:\windows\system32\NV
2014-01-08 21:03 . 2014-01-08 21:03 -------- d-----w- C:\NVIDIA
2014-01-07 09:53 . 2013-01-25 12:58 1368064 ----a-w- c:\programdata\Microsoft\Windows\Templates\A4Tech\OscarX7Editor5Mode\Setup.exe
2014-01-06 18:57 . 2014-01-06 18:57 -------- d-----w- c:\users\Lupi\AppData\Local\WarThunder
2014-01-06 18:57 . 2014-01-06 18:57 -------- d-----w- c:\programdata\WarThunder
2014-01-06 18:49 . 2014-01-06 18:49 -------- d-----w- c:\program files (x86)\7-Zip
2014-01-05 20:07 . 2014-01-05 20:07 98304 ----a-w- c:\windows\SysWow64\CmdLineExt.dll
2014-01-05 19:36 . 2004-04-18 22:42 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2014-01-05 19:36 . 2004-04-18 22:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2014-01-05 19:36 . 2004-04-18 22:39 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2014-01-05 19:36 . 2004-04-18 22:39 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2014-01-05 19:36 . 2004-04-18 22:39 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2014-01-05 19:36 . 2014-01-05 19:36 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2014-01-05 19:36 . 2014-01-05 19:36 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2014-01-05 10:25 . 2014-01-06 19:52 -------- d-----w- c:\program files (x86)\Anti-Vibrate Oscar Editor
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-16 07:41 . 2013-11-14 12:26 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-25 15:32 . 2013-12-25 15:30 121416 ----a-w- c:\windows\system32\drivers\MijXfilt.sys
2013-12-19 20:33 . 2011-12-20 10:09 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2013-12-19 20:33 . 2011-12-20 10:09 2698272 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-12-19 20:33 . 2011-12-20 10:09 168616 ----a-w- c:\windows\system32\nvinitx.dll
2013-12-19 20:33 . 2011-12-20 10:09 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-12-19 20:33 . 2011-12-20 10:09 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-12-19 20:33 . 2011-12-20 10:09 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-12-19 18:53 . 2011-05-02 19:35 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2011-05-02 19:35 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2011-05-02 19:36 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2011-05-02 19:36 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2011-05-02 19:36 598304 ----a-w- c:\windows\SysWow64\oemdspif.dll
2013-12-19 18:53 . 2011-05-02 19:36 386336 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2011-05-02 19:36 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2013-12-19 18:53 . 2011-05-02 19:36 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-12-19 18:53 . 2011-05-02 19:36 1065248 ----a-w- c:\windows\system32\nv3dappshext.dll
2013-12-19 05:01 . 2011-05-02 19:36 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2013-12-18 05:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-10 02:13 . 2013-11-14 11:03 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:13 . 2013-11-14 11:03 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-12-18 17:40 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-05 08:42 . 2013-12-18 17:40 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-05 08:42 . 2013-11-14 11:02 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-11-26 11:54 . 2013-12-12 00:48 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 00:48 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 00:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 00:48 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 00:48 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 00:48 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 00:48 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 00:48 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 00:48 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 00:48 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 00:48 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 00:48 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 00:48 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 00:48 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 00:48 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 00:48 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 00:48 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 00:48 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 00:48 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 00:48 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 00:48 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 00:48 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 00:48 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 00:48 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 12:29 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 12:29 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-19 10:04 . 2013-11-19 10:04 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-19 10:04 . 2013-11-19 10:04 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-19 10:04 . 2013-11-19 10:04 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-19 10:04 . 2013-11-19 10:04 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-19 10:04 . 2013-11-19 10:04 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-19 10:04 . 2013-11-19 10:04 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-19 10:04 . 2013-11-19 10:04 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-19 10:04 . 2013-11-19 10:04 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-19 10:04 . 2013-11-19 10:04 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-19 10:04 . 2013-11-19 10:04 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-19 10:04 . 2013-11-19 10:04 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-19 10:04 . 2013-11-19 10:04 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-19 10:04 . 2013-11-19 10:04 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-19 10:04 . 2013-11-19 10:04 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-19 10:04 . 2013-11-19 10:04 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-19 10:04 . 2013-11-19 10:04 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-19 10:04 . 2013-11-19 10:04 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-19 10:04 . 2013-11-19 10:04 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-19 10:04 . 2013-11-19 10:04 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-19 10:04 . 2013-11-19 10:04 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-19 10:04 . 2013-11-19 10:04 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-19 10:04 . 2013-11-19 10:04 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-19 10:04 . 2013-11-19 10:04 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-19 10:04 . 2013-11-19 10:04 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-19 10:04 . 2013-11-19 10:04 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-19 10:04 . 2013-11-19 10:04 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-19 10:04 . 2013-11-19 10:04 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-19 10:04 . 2013-11-19 10:04 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-19 10:04 . 2013-11-19 10:04 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-19 10:04 . 2013-11-19 10:04 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-19 10:04 . 2013-11-19 10:04 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-19 10:04 . 2013-11-19 10:04 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-19 10:04 . 2013-11-19 10:04 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-19 10:04 . 2013-11-19 10:04 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-19 10:04 . 2013-11-19 10:04 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-19 10:04 . 2013-11-19 10:04 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-19 10:04 . 2013-11-19 10:04 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-19 10:04 . 2013-11-19 10:04 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-19 10:04 . 2013-11-19 10:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-19 10:04 . 2013-11-19 10:04 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-19 10:04 . 2013-11-19 10:04 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-19 10:04 . 2013-11-19 10:04 413696 ----a-w- c:\windows\system32\html.iec
2013-11-19 10:04 . 2013-11-19 10:04 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-19 10:04 . 2013-11-19 10:04 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-19 10:04 . 2013-11-19 10:04 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-19 10:04 . 2013-11-19 10:04 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-19 10:04 . 2013-11-19 10:04 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-19 10:04 . 2013-11-19 10:04 235520 ----a-w- c:\windows\system32\url.dll
2013-11-19 10:04 . 2013-11-19 10:04 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-19 10:04 . 2013-11-19 10:04 167424 ----a-w- c:\windows\system32\iexpress.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LenovoR.I.C.Tray"="c:\program files (x86)\Lenovo\RobustIntelligentCompanion\LenovoR.I.C.Tray.exe" [2011-12-20 2569568]
"OscarX7Mouse5Mode"="c:\program files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" [2013-02-01 3571712]
"SmartRAM"="c:\program files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe" [2010-03-12 311680]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2011-12-20 329056]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
.
c:\users\Lupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Trillian.lnk - d:\program files (x86)\Trillian\trillian.exe [2013-10-21 2622832]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-5-12 1211168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\progra~2\KASPER~1\KASPER~1.0FO\adialhk.dll c:\progra~2\KASPER~1\KASPER~1.0FO\kloehk.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 HybridDisk;HybridDisk;c:\windows\System32\DRIVERS\HybridDiskX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridDiskX64.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 hybridcfile;hybridcfile;c:\windows\system32\DRIVERS\HybridCFileX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridCFileX64.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 winioex;winioex;c:\windows\system32\drivers\winioex.sys;c:\windows\SYSNATIVE\drivers\winioex.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 DelayMan;ACPI DelayMan Filter Service;c:\windows\system32\DRIVERS\delayman.sys;c:\windows\SYSNATIVE\DRIVERS\delayman.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys;c:\windows\SYSNATIVE\DRIVERS\klfltdev.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-28 17:58 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-12-20 10:43 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 11786344]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2011-12-20 789920]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-12-20 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-12-20 5908928]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\progra~2\KASPER~1\KASPER~1.0FO\x64\kloehk.dll c:\progra~2\KASPER~1\KASPER~1.0FO\x64\adialhk.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.1.2
FF - ProfilePath - c:\users\Lupi\AppData\Roaming\Mozilla\Firefox\Profiles\g532ato1.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-02-03 22:51:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-03 21:51
.
Před spuštěním: Volných bajtů: 54 649 970 688
Po spuštění: Volných bajtů: 54 373 625 856
.
- - End Of File - - 8AF8389DE69D0DE49D0D6D5622F2635A

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected svchost.exe

#13 Post by vyosek »

How is the PC behaving?
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

xeroxcz
Visitor
Posts: 10
Registered: 03 Feb 2014 08:58

Re: Infected svchost.exe

#14 Post by xeroxcz »

It seems to be fine: the Wi-Fi works, the GPU load indicator is no longer bugged, and nothing is loading the GPU or the CPU :)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Infected svchost.exe

#15 Post by vyosek »

So now let's clean up.

Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus; it is a false alarm, so go ahead and download it (or turn off the antivirus while downloading)
OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze (Analyzovat) and then Run CCleaner (Spustit CCleaner)
Registry panel
  • Click Find problems (Hledej problémy)
  • Then click Fix problems (Opravit problémy); I recommend making a registry backup. Fix all the problems
  • Repeat the procedure until no problems are found, usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

And if there are no problems or questions, that is all from my side :|

Locked