Logfile of random's system information tool 1.08 (written by random/random)
Run by Toník at 2014-03-05 16:50:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 100 GB (23%) free of 431 GB
Total RAM: 3941 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:50:20, on 5.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Toník\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Toník.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\Userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [{CDF13D74-E6AA-4006-818A-B360D6A3573C}] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Toník\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Registrace Need for Speed™ Undercover.lnk = C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12242 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 25672304
\??\C:\Windows\system32\conhost.exe "13460866192113545041-1607181412-16644549321034388877-707944304-1848875923127061407
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {A3F62C97-D686-4AD2-AFA1-387E74A4AB03}
"C:\Users\Toník\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "186669404-2000331021-2032315934-1049421565194866650941719692814187500801537353735
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe"
"C:\Program Files\Launch Manager\WisLMSvc.exe"
"C:\Program Files\Launch Manager\HotkeyApp.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Lenovo\Bluetooth Software\Bluetooth Headset Helper.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
WLIDSvcM.exe 5940
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {931C225A-8615-4D3E-B613-489CA9EC9740}
taskeng.exe {DF204644-59A3-4629-B0DC-C4E3359C1CA9}
C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "0x10c0_0x10c4_0x54cc4aed"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Toník\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-20 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-20 170912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-04-27 368728]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-10 12445288]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-17 2899216]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2012-04-17 410896]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-08-04 8079408]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-08-04 6202416]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2012-08-04 206176]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-03-07 4081008]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-08 1028384]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-03-22 172016]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-03-22 399856]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-03-22 442352]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-10-31 449760]
"uTorrent"=C:\Users\Toník\AppData\Roaming\uTorrent\uTorrent.exe [2014-02-08 905296]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-02-05 3598680]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-30 284440]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-12-21 507744]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-26 291608]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-08-04 329056]
"{CDF13D74-E6AA-4006-818A-B360D6A3573C}"=C:\Program Files\Launch Manager\HotkeyApp.exe [2012-03-01 415272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Registrace Need for Speed™ Undercover.lnk - C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-03-09 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2014-03-05 16:28:04 ----D---- C:\Program Files (x86)\EA Games
2014-03-05 16:18:01 ----SHD---- C:\Config.Msi
2014-03-05 00:36:49 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-03-05 00:36:49 ----A---- C:\Windows\system32\mstscax.dll
2014-03-04 22:33:44 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-03-04 22:33:36 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-03-04 22:33:36 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-03-04 22:33:34 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-03-04 22:33:32 ----A---- C:\Windows\system32\tsgqec.dll
2014-03-04 22:33:31 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2014-03-04 22:33:31 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-03-04 22:33:31 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2014-03-04 22:33:31 ----A---- C:\Windows\system32\wksprtPS.dll
2014-03-04 22:33:31 ----A---- C:\Windows\system32\wksprt.exe
2014-03-04 22:33:31 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-03-04 22:33:31 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-03-04 22:33:30 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-03-04 22:33:30 ----A---- C:\Windows\system32\mstsc.exe
2014-03-04 22:33:27 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2014-03-04 22:33:26 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-03-04 22:30:05 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-03-04 22:30:05 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-02-26 02:08:28 ----D---- C:\Windows\Migration
2014-02-21 00:35:06 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2014-02-19 00:51:44 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-02-19 00:50:52 ----D---- C:\Windows\SYSWOW64\NV
2014-02-19 00:50:52 ----D---- C:\Windows\system32\NV
2014-02-19 00:39:07 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-02-19 00:39:07 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-02-19 00:39:07 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-02-19 00:39:07 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-02-19 00:39:07 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-02-19 00:39:07 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-02-19 00:39:07 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-02-19 00:39:07 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-19 00:39:07 ----A---- C:\Windows\system32\nvoglv64.dll
2014-02-19 00:39:07 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-02-19 00:39:07 ----A---- C:\Windows\system32\nvinitx.dll
2014-02-19 00:39:07 ----A---- C:\Windows\system32\NvIFR64.dll
2014-02-19 00:39:07 ----A---- C:\Windows\system32\NvFBC64.dll
2014-02-19 00:39:07 ----A---- C:\Windows\system32\nvdispgenco6433489.dll
2014-02-19 00:39:07 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2014-02-19 00:39:07 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-19 00:39:06 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-02-19 00:39:06 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-02-19 00:39:06 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-02-19 00:39:06 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-02-19 00:39:06 ----A---- C:\Windows\system32\nvdispco6433489.dll
2014-02-19 00:39:06 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-02-19 00:39:06 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-19 00:39:06 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-19 00:39:06 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-19 00:39:04 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-02-19 00:39:03 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-12 01:53:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-12 01:53:55 ----A---- C:\Windows\system32\vbscript.dll
2014-02-12 01:53:03 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-12 01:53:03 ----A---- C:\Windows\system32\msrating.dll
2014-02-12 01:53:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-12 01:53:02 ----A---- C:\Windows\system32\ieui.dll
2014-02-12 01:53:01 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-12 01:53:00 ----A---- C:\Windows\system32\iernonce.dll
2014-02-12 01:53:00 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 01:52:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-12 01:52:59 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-12 01:52:59 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-12 01:52:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-12 01:52:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-12 01:52:58 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-12 01:52:58 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-12 01:52:58 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-12 01:52:58 ----A---- C:\Windows\system32\iesetup.dll
2014-02-12 01:52:57 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-12 01:52:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-12 01:52:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-12 01:52:56 ----A---- C:\Windows\system32\mshtml.dll
2014-02-12 01:52:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-12 01:52:55 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-12 01:52:55 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-12 01:52:55 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-12 01:52:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-12 01:52:53 ----A---- C:\Windows\system32\iertutil.dll
2014-02-12 01:52:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-12 01:52:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-12 01:52:52 ----A---- C:\Windows\system32\wininet.dll
2014-02-12 01:52:51 ----A---- C:\Windows\system32\urlmon.dll
2014-02-12 01:52:48 ----A---- C:\Windows\system32\ieframe.dll
2014-02-12 01:52:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-12 01:52:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-12 01:52:41 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-12 01:52:40 ----A---- C:\Windows\system32\jscript9.dll
2014-02-11 22:14:23 ----A---- C:\Windows\system32\msxml3.dll
2014-02-11 22:14:22 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-11 22:14:22 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-11 22:14:22 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-11 22:13:55 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-11 22:13:55 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-11 22:13:54 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-11 22:13:54 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-11 22:13:54 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-11 22:13:53 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-11 22:13:52 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-11 22:13:52 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-11 22:13:51 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-11 22:13:50 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-11 22:13:49 ----A---- C:\Windows\system32\secproc.dll
2014-02-11 22:13:49 ----A---- C:\Windows\system32\msdrm.dll
2014-02-11 22:13:48 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-11 22:13:48 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-11 22:13:48 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-11 22:13:48 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-11 22:13:47 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-11 22:13:47 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-11 22:13:41 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-11 22:13:40 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-11 22:13:39 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-11 22:13:39 ----A---- C:\Windows\system32\d2d1.dll
======List of files/folders modified in the last 1 months======
2014-03-05 16:50:14 ----D---- C:\Program Files\trend micro
2014-03-05 16:50:10 ----D---- C:\Windows\temp
2014-03-05 16:49:03 ----D---- C:\Users\Toník\AppData\Roaming\uTorrent
2014-03-05 16:39:15 ----A---- C:\Windows\SYSWOW64\log.txt
2014-03-05 16:36:58 ----D---- C:\Users\Toník\AppData\Roaming\Skype
2014-03-05 16:36:50 ----D---- C:\Program Files (x86)\Origin
2014-03-05 16:36:38 ----D---- C:\Windows\system32\config
2014-03-05 16:36:00 ----D---- C:\ProgramData\VeriFace
2014-03-05 16:28:04 ----D---- C:\Program Files (x86)
2014-03-05 16:28:03 ----SHD---- C:\Windows\Installer
2014-03-05 16:25:15 ----RSD---- C:\Windows\assembly
2014-03-05 16:17:28 ----SHD---- C:\System Volume Information
2014-03-05 01:06:19 ----D---- C:\ProgramData\Skype
2014-03-05 00:41:24 ----D---- C:\Windows
2014-03-05 00:41:23 ----D---- C:\Windows\winsxs
2014-03-05 00:41:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-03-05 00:41:16 ----D---- C:\Windows\SysWOW64
2014-03-05 00:41:15 ----D---- C:\Windows\system32\cs-CZ
2014-03-05 00:41:14 ----AD---- C:\Windows\System32
2014-03-05 00:34:32 ----D---- C:\Windows\system32\catroot2
2014-03-05 00:34:32 ----D---- C:\Windows\system32\catroot
2014-03-05 00:15:36 ----D---- C:\Windows\Prefetch
2014-03-05 00:13:13 ----D---- C:\Games (x86)
2014-03-04 22:47:59 ----D---- C:\Windows\SYSWOW64\wbem
2014-03-04 22:47:59 ----D---- C:\Windows\system32\wbem
2014-03-04 22:47:59 ----D---- C:\Windows\system32\DriverStore
2014-03-04 22:47:59 ----D---- C:\Windows\system32\drivers\en-US
2014-03-04 22:47:59 ----D---- C:\Windows\system32\drivers
2014-03-04 22:40:45 ----D---- C:\Windows\inf
2014-03-04 22:32:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-03-04 22:32:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-03-04 00:41:59 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-03-03 21:17:32 ----D---- C:\Users\Toník\AppData\Roaming\DAEMON Tools Lite
2014-03-01 00:01:07 ----D---- C:\Windows\Microsoft.NET
2014-02-26 02:09:15 ----D---- C:\Windows\SYSWOW64\en-US
2014-02-26 02:09:15 ----D---- C:\Windows\system32\en-US
2014-02-26 02:08:28 ----SD---- C:\ProgramData\Microsoft
2014-02-21 22:34:56 ----D---- C:\ldiag
2014-02-21 01:19:09 ----D---- C:\Users\Toník\AppData\Roaming\Winamp
2014-02-21 00:35:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-20 01:29:34 ----D---- C:\Windows\rescache
2014-02-19 00:51:44 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-19 00:51:05 ----D---- C:\Temp
2014-02-19 00:50:51 ----D---- C:\ProgramData\NVIDIA
2014-02-17 02:39:54 ----D---- C:\Windows\system32\MRT
2014-02-17 02:36:31 ----D---- C:\Windows\debug
2014-02-17 02:36:21 ----A---- C:\Windows\system32\MRT.exe
2014-02-12 21:21:12 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-12 21:21:11 ----D---- C:\Program Files\Internet Explorer
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvapi64.dll
2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvsvc64.dll
2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvcpl.dll
2014-02-08 18:42:33 ----A---- C:\Windows\system32\nvvsvc.exe
2014-02-08 18:42:32 ----A---- C:\Windows\SYSWOW64\oemdspif.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvsvcr.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvshext.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvmctray.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nv3dappshextr.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nv3dappshext.dll
2014-02-08 01:22:58 ----D---- C:\Program Files (x86)\uTorrent
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
R0 fbfmon;fbfmon; C:\Windows\system32\drivers\fbfmon.sys [2012-08-04 57952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2012-08-04 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-02-08 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-01-10 381440]
R1 BPntDrv;BPntDrv; C:\Windows\system32\drivers\BPntDrv.sys [2012-08-04 13408]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
R1 MpKsl3f0793e4;MpKsl3f0793e4; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E980D46-EBBC-4FAC-BD4C-722C5542A03A}\MpKsl3f0793e4.sys [2014-03-05 45352]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-03-14 187632]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 120320]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2012-08-04 30816]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2012-04-20 97880]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-03-20 163368]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-07-02 4745280]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-10 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-03-21 594472]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-03-05 184872]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-05 210984]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-05 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-10 4731112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-03-12 342528]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-11-15 111216]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvIntel;SmbDrvIntel; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-04-17 27408]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-10-11 3532160]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-04-17 428304]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-04-19 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-04-19 27760]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\Windows\system32\DRIVERS\irstusb.sys [2008-01-19 33792]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S4 DamageGuard;DamageGuard; C:\Windows\system32\DRIVERS\DamageGuardX64.sys [2012-02-11 217392]
S4 dgFltr;dgFltr; C:\Windows\system32\drivers\dgFltrX64.sys [2011-12-13 23648]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-03-21 957216]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-09 607456]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2011-12-16 128280]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2012-06-21 69640]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 923936]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-03-22 279024]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2013-09-25 1674720]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-24 1255736]
S4 DamageGuardSvc;Lenovo Instant Reset Service; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [2012-03-26 572976]
S4 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S4 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosim o kontrolu PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosim o kontrolu PC
Zdravím, v Naplánovaných úlohách zakaž :
GoogleUpdate
ISM-UpdateService
oboje tam bude několikrát, jinak nic špatného nevidím, je tedy nějaký problém s PC ?
GoogleUpdate
ISM-UpdateService
oboje tam bude několikrát, jinak nic špatného nevidím, je tedy nějaký problém s PC ?
Re: prosim o kontrolu PC
zdravim,obcas je comp zpomaleny a ted se aktualizoval system tak se to trochu zhorsilo.
a kde najdu naplanovane ulohy.diky
a kde najdu naplanovane ulohy.diky
Re: prosim o kontrolu PC
Do vyhledávacího pole v nabídce Start stačí napsat Plánovač úlohantivirak píše:.......... a kde najdu naplanovane ulohy.diky
Tak se na to podíváme.antivirak píše:.......... obcas je comp zpomaleny ...........
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Stáhni a ulož na plochu AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po té proběhne sken a po jeho skončení klikni na Report a to co na Tebe vypadne mi sem zkopíruj.
Pak použij Mbam z mého podpisu a dej mi sem z něj také log, předem nic nemazat !
Re: prosim o kontrolu PC
# AdwCleaner v3.020 - Report created 06/03/2014 at 21:35:31
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Toník - TONDA-LENOVO
# Running from : C:\Users\Toník\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\searchplugins\SweetIm.xml
Folder Found : C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Found : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Found C:\ProgramData\Partner
Folder Found C:\ProgramData\Trymedia
Folder Found C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\SweetPacksToolbarData
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\PIP
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\PIP
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v12.0 (cs)
[ File : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\prefs.js ]
Line Found : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={480A2F97-292A-11E2-A1F1-08EDB9A6B5C6}&src=2&crg=3.1010000.10005&q=");
Line Found : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1393968253914");
Line Found : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Found : user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
Line Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Line Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
Line Found : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Found : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Found : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Found : user_pref("sweetim.toolbar.mode.debug", "false");
Line Found : user_pref("sweetim.toolbar.newtab.created", "false");
Line Found : user_pref("sweetim.toolbar.newtab.enable", "true");
Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Found : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
Line Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Found : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Found : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Found : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Found : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Found : user_pref("sweetim.toolbar.simapp_id", "{480A2F97-292A-11E2-A1F1-08EDB9A6B5C6}");
Line Found : user_pref("sweetim.toolbar.version", "1.9.0.0");
[ File : C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ximvur7z.default\prefs.js ]
-\\ Google Chrome v33.0.1750.146
[ File : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9464 octets] - [06/03/2014 21:35:31]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9524 octets] ##########
log mbamu hodim hned po kontrole pc.
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Toník - TONDA-LENOVO
# Running from : C:\Users\Toník\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\searchplugins\SweetIm.xml
Folder Found : C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Found : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Found C:\ProgramData\Partner
Folder Found C:\ProgramData\Trymedia
Folder Found C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\SweetPacksToolbarData
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\PIP
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\PIP
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v12.0 (cs)
[ File : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\prefs.js ]
Line Found : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={480A2F97-292A-11E2-A1F1-08EDB9A6B5C6}&src=2&crg=3.1010000.10005&q=");
Line Found : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1393968253914");
Line Found : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Found : user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
Line Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Line Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
Line Found : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Found : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Found : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Found : user_pref("sweetim.toolbar.mode.debug", "false");
Line Found : user_pref("sweetim.toolbar.newtab.created", "false");
Line Found : user_pref("sweetim.toolbar.newtab.enable", "true");
Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Found : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
Line Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Found : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Found : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Found : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Found : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Found : user_pref("sweetim.toolbar.simapp_id", "{480A2F97-292A-11E2-A1F1-08EDB9A6B5C6}");
Line Found : user_pref("sweetim.toolbar.version", "1.9.0.0");
[ File : C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ximvur7z.default\prefs.js ]
-\\ Google Chrome v33.0.1750.146
[ File : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9464 octets] - [06/03/2014 21:35:31]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9524 octets] ##########
log mbamu hodim hned po kontrole pc.
Re: prosim o kontrolu PC
mbam,musel jsem udelat jen rychlou kontrolu protoze pri uplne se mi to vzdy seklo.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.03.06.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Toník :: TONDA-LENOVO [administrátor]
6.3.2014 23:39:27
MBAM-log-2014-03-06 (23-50-38).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 273668
Uplynulý čas: 10 minut, 28 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {480A2F97-292A-11E2-A1F1-08EDB9A6B5C6} -> Nebyla provedena žádná instrukce.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {480A2F97-292A-11E2-A1F1-08EDB9A6B5C6} -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\Users\Toník\Downloads\DTLite4454-0316.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Toník\Downloads\sniper-elite-nazi-zombie-army-v1.2-trainer-plus5.zip (PUP.HackTool.Agent) -> Nebyla provedena žádná instrukce.
(konec)
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.03.06.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Toník :: TONDA-LENOVO [administrátor]
6.3.2014 23:39:27
MBAM-log-2014-03-06 (23-50-38).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 273668
Uplynulý čas: 10 minut, 28 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 2
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {480A2F97-292A-11E2-A1F1-08EDB9A6B5C6} -> Nebyla provedena žádná instrukce.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {480A2F97-292A-11E2-A1F1-08EDB9A6B5C6} -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 2
C:\Users\Toník\Downloads\DTLite4454-0316.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Toník\Downloads\sniper-elite-nazi-zombie-army-v1.2-trainer-plus5.zip (PUP.HackTool.Agent) -> Nebyla provedena žádná instrukce.
(konec)
Re: prosim o kontrolu PC
Znovu spusť AdwCleaner ale tentokrát klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zase zkopíruj Report.
To co Mbam našel nech smazat a pak mi sem dej zase log.
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zase zkopíruj Report.
To co Mbam našel nech smazat a pak mi sem dej zase log.
Re: prosim o kontrolu PC
# AdwCleaner v3.020 - Report created 09/03/2014 at 17:04:44
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Toník - TONDA-LENOVO
# Running from : C:\Users\Toník\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\SweetPacksToolbarData
Folder Deleted : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Deleted : C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
File Deleted : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\searchplugins\SweetIm.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v12.0 (cs)
[ File : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\prefs.js ]
Line Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={480A2F97-292A-11E2-A1F1-08EDB9A6B5C6}&src=2&crg=3.1010000.10005&q=");
Line Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1393968253914");
Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.created", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{480A2F97-292A-11E2-A1F1-08EDB9A6B5C6}");
Line Deleted : user_pref("sweetim.toolbar.version", "1.9.0.0");
[ File : C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ximvur7z.default\prefs.js ]
-\\ Google Chrome v33.0.1750.146
[ File : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9616 octets] - [06/03/2014 21:35:31]
AdwCleaner[R1].txt - [9676 octets] - [09/03/2014 17:03:50]
AdwCleaner[S0].txt - [9678 octets] - [09/03/2014 17:04:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9738 octets] ##########
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Toník - TONDA-LENOVO
# Running from : C:\Users\Toník\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\SweetPacksToolbarData
Folder Deleted : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Deleted : C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
File Deleted : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\searchplugins\SweetIm.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v12.0 (cs)
[ File : C:\Users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\prefs.js ]
Line Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={480A2F97-292A-11E2-A1F1-08EDB9A6B5C6}&src=2&crg=3.1010000.10005&q=");
Line Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1393968253914");
Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10005");
Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.created", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{480A2F97-292A-11E2-A1F1-08EDB9A6B5C6}");
Line Deleted : user_pref("sweetim.toolbar.version", "1.9.0.0");
[ File : C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ximvur7z.default\prefs.js ]
-\\ Google Chrome v33.0.1750.146
[ File : C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9616 octets] - [06/03/2014 21:35:31]
AdwCleaner[R1].txt - [9676 octets] - [09/03/2014 17:03:50]
AdwCleaner[S0].txt - [9678 octets] - [09/03/2014 17:04:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9738 octets] ##########
Re: prosim o kontrolu PC
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2014.03.06.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Toník :: TONDA-LENOVO [administrátor]
9.3.2014 17:28:30
mbam-log-2014-03-09 (17-28-30).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 274024
Uplynulý čas: 12 minut, 35 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
www.malwarebytes.org
Verze: v2014.03.06.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Toník :: TONDA-LENOVO [administrátor]
9.3.2014 17:28:30
mbam-log-2014-03-09 (17-28-30).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 274024
Uplynulý čas: 12 minut, 35 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: prosim o kontrolu PC
Stáhni a ulož na plochu ComboFix,
spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.
V případě nejasností je ZDE obrázkový návod.
spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.
V případě nejasností je ZDE obrázkový návod.
Re: prosim o kontrolu PC
ComboFix 14-03-05.01 - Toník 09.03.2014 20:47:24.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3941.1566 [GMT 1:00]
Spuštěný z: c:\users\Toník\Desktop\ComboFix.exe
AV: ESET Smart Security 5.2 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\tmp5438.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-09 do 2014-03-09 )))))))))))))))))))))))))))))))
.
.
2014-03-09 20:10 . 2014-03-09 20:10 -------- d-----w- c:\users\TonÝk\AppData\Local\temp
2014-03-09 20:10 . 2014-03-09 20:10 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-03-09 20:10 . 2014-03-09 20:10 -------- d-----w- c:\users\Monča\AppData\Local\temp
2014-03-09 20:10 . 2014-03-09 20:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-06 20:37 . 2014-03-06 20:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-06 20:37 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-06 20:35 . 2014-03-09 16:04 -------- d-----w- C:\AdwCleaner
2014-03-05 22:04 . 2014-03-05 22:04 -------- d-----w- c:\windows\SysWow64\NV
2014-03-05 22:04 . 2014-03-05 22:04 -------- d-----w- c:\windows\system32\NV
2014-03-05 21:50 . 2013-12-27 18:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-03-05 21:50 . 2013-12-27 18:42 33056 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-03-05 15:28 . 2014-03-05 20:02 -------- d-----w- c:\program files (x86)\EA Games
2014-03-04 23:36 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-03-04 23:36 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-03-04 21:30 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-03-04 21:30 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-02-26 01:08 . 2014-02-26 01:08 -------- d-----w- c:\windows\Migration
2014-02-20 23:35 . 2014-02-20 23:35 17858952 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-02-18 23:51 . 2014-02-18 23:51 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-02-12 00:53 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 00:52 . 2014-02-06 10:57 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-02-11 21:14 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-02-11 21:14 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-11 21:14 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-11 21:14 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-03 23:41 . 2012-11-27 21:16 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-02-20 23:35 . 2012-10-17 11:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-20 23:35 . 2012-10-17 11:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-17 01:36 . 2012-10-16 19:24 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-08 18:34 . 2013-07-19 21:23 832424 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-02-08 18:34 . 2013-07-19 21:23 2713728 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-08 18:34 . 2012-08-04 00:11 947296 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2012-08-04 00:11 3090184 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-08 18:34 . 2012-08-04 00:11 148528 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-02-08 17:42 . 2012-08-04 00:12 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2012-08-04 00:12 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2012-08-04 00:12 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2012-08-04 00:12 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-02-08 17:42 . 2012-08-04 00:12 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2012-08-04 00:12 607520 ----a-w- c:\windows\SysWow64\oemdspif.dll
2014-02-08 17:42 . 2012-08-04 00:12 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 17:42 . 2012-08-04 00:12 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-02-08 17:42 . 2012-08-04 00:12 1075488 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-02-05 17:52 . 2012-08-04 00:12 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-02-05 09:31 . 2013-10-29 21:06 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-02-05 09:30 . 2013-10-29 21:06 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-29 22:02 . 2012-07-06 05:07 12617216 ----a-w- c:\windows\system32\igdumd64.dll
2014-01-29 22:02 . 2014-01-29 22:02 5363200 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2014-01-29 22:02 . 2014-01-29 22:02 98304 ----a-w- c:\windows\system32\igdde64.dll
2014-01-29 22:02 . 2014-01-29 22:02 77312 ----a-w- c:\windows\SysWow64\igdde32.dll
2014-01-29 22:02 . 2012-07-06 05:06 12859392 ----a-w- c:\windows\system32\igd10umd64.dll
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-10 01:18 . 2012-10-16 17:07 381440 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-27 18:42 . 2013-09-03 09:42 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-19 20:33 . 2014-02-04 20:44 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll
2013-12-19 20:33 . 2014-02-04 20:44 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-10-31 449760]
"uTorrent"="c:\users\Toník\AppData\Roaming\uTorrent\uTorrent.exe" [2014-02-08 905296]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-02-05 3598680]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-21 507744]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-08-04 329056]
"{CDF13D74-E6AA-4006-818A-B360D6A3573C}"="c:\program files\Launch Manager\HotkeyApp.exe" [2012-03-01 415272]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-3-21 1390368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0FbDefrag
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 DamageGuard;DamageGuard;c:\windows\system32\DRIVERS\DamageGuardX64.sys;c:\windows\SYSNATIVE\DRIVERS\DamageGuardX64.sys [x]
R4 DamageGuardSvc;Lenovo Instant Reset Service;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe [x]
R4 dgFltr;dgFltr;c:\windows\system32\drivers\dgFltrX64.sys;c:\windows\SYSNATIVE\drivers\dgFltrX64.sys [x]
R4 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe;c:\program files\Launch Manager\WisLMSvc.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 10:22 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-17 23:35]
.
2014-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:36]
.
2014-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:36]
.
2014-03-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2014-03-02 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-08-04 00:36 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-04-27 368728]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-10 12445288]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-04 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-04 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-08-04 206176]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 442352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
c:\users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Need for Speed™ Undercover Registration.lnk - c:\program files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe /remind /language=ENU /PRID="GAME-NFSU09" /WHPR="Need for Speed™ Undercover" /PRNM="Electronic Arts Product"
c:\users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registrace Need for Speed™ Undercover.lnk - c:\program files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe /remind /language=CS /PRID="GAME-NFSU09" /WHPR="Need for Speed™ Undercover" /PRNM="Electronic Arts Product"
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1116153933-4013720544-830532652-1001\Software\SecuROM\License information*]
"datasecu"=hex:42,e0,dc,ba,3f,7b,a5,5e,b0,22,21,f3,cb,31,83,ec,04,5a,78,a5,7d,
b3,a3,aa,43,d6,a2,bd,63,93,4b,11,a1,41,a4,9e,35,50,8c,6a,e3,80,23,0f,2b,3f,\
"rkeysecu"=hex:b4,07,09,42,45,e8,f0,30,d3,72,eb,b0,44,8c,9a,f0
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-03-09 21:16:40
ComboFix-quarantined-files.txt 2014-03-09 20:16
.
Před spuštěním: Volných bajtů: 106 615 119 872
Po spuštění: Volných bajtů: 106 155 167 744
.
- - End Of File - - 44D8F1F26D9CEBBF1CF5DAB8919B6E39
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3941.1566 [GMT 1:00]
Spuštěný z: c:\users\Toník\Desktop\ComboFix.exe
AV: ESET Smart Security 5.2 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\tmp5438.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-09 do 2014-03-09 )))))))))))))))))))))))))))))))
.
.
2014-03-09 20:10 . 2014-03-09 20:10 -------- d-----w- c:\users\TonÝk\AppData\Local\temp
2014-03-09 20:10 . 2014-03-09 20:10 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-03-09 20:10 . 2014-03-09 20:10 -------- d-----w- c:\users\Monča\AppData\Local\temp
2014-03-09 20:10 . 2014-03-09 20:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-06 20:37 . 2014-03-06 20:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-06 20:37 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-06 20:35 . 2014-03-09 16:04 -------- d-----w- C:\AdwCleaner
2014-03-05 22:04 . 2014-03-05 22:04 -------- d-----w- c:\windows\SysWow64\NV
2014-03-05 22:04 . 2014-03-05 22:04 -------- d-----w- c:\windows\system32\NV
2014-03-05 21:50 . 2013-12-27 18:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-03-05 21:50 . 2013-12-27 18:42 33056 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-03-05 15:28 . 2014-03-05 20:02 -------- d-----w- c:\program files (x86)\EA Games
2014-03-04 23:36 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-03-04 23:36 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-03-04 21:30 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-03-04 21:30 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-02-26 01:08 . 2014-02-26 01:08 -------- d-----w- c:\windows\Migration
2014-02-20 23:35 . 2014-02-20 23:35 17858952 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-02-18 23:51 . 2014-02-18 23:51 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-02-12 00:53 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 00:52 . 2014-02-06 10:57 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-02-11 21:14 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-02-11 21:14 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-11 21:14 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-11 21:14 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-03 23:41 . 2012-11-27 21:16 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-02-20 23:35 . 2012-10-17 11:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-20 23:35 . 2012-10-17 11:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-17 01:36 . 2012-10-16 19:24 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-08 18:34 . 2013-07-19 21:23 832424 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-02-08 18:34 . 2013-07-19 21:23 2713728 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-08 18:34 . 2012-08-04 00:11 947296 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2012-08-04 00:11 3090184 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-08 18:34 . 2012-08-04 00:11 148528 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-02-08 17:42 . 2012-08-04 00:12 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2012-08-04 00:12 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2012-08-04 00:12 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2012-08-04 00:12 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-02-08 17:42 . 2012-08-04 00:12 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2012-08-04 00:12 607520 ----a-w- c:\windows\SysWow64\oemdspif.dll
2014-02-08 17:42 . 2012-08-04 00:12 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 17:42 . 2012-08-04 00:12 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-02-08 17:42 . 2012-08-04 00:12 1075488 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-02-05 17:52 . 2012-08-04 00:12 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-02-05 09:31 . 2013-10-29 21:06 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-02-05 09:30 . 2013-10-29 21:06 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-29 22:02 . 2012-07-06 05:07 12617216 ----a-w- c:\windows\system32\igdumd64.dll
2014-01-29 22:02 . 2014-01-29 22:02 5363200 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2014-01-29 22:02 . 2014-01-29 22:02 98304 ----a-w- c:\windows\system32\igdde64.dll
2014-01-29 22:02 . 2014-01-29 22:02 77312 ----a-w- c:\windows\SysWow64\igdde32.dll
2014-01-29 22:02 . 2012-07-06 05:06 12859392 ----a-w- c:\windows\system32\igd10umd64.dll
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-10 01:18 . 2012-10-16 17:07 381440 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-27 18:42 . 2013-09-03 09:42 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-19 20:33 . 2014-02-04 20:44 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll
2013-12-19 20:33 . 2014-02-04 20:44 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-10-31 449760]
"uTorrent"="c:\users\Toník\AppData\Roaming\uTorrent\uTorrent.exe" [2014-02-08 905296]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-02-05 3598680]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-21 507744]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-08-04 329056]
"{CDF13D74-E6AA-4006-818A-B360D6A3573C}"="c:\program files\Launch Manager\HotkeyApp.exe" [2012-03-01 415272]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-3-21 1390368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0FbDefrag
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 DamageGuard;DamageGuard;c:\windows\system32\DRIVERS\DamageGuardX64.sys;c:\windows\SYSNATIVE\DRIVERS\DamageGuardX64.sys [x]
R4 DamageGuardSvc;Lenovo Instant Reset Service;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe [x]
R4 dgFltr;dgFltr;c:\windows\system32\drivers\dgFltrX64.sys;c:\windows\SYSNATIVE\drivers\dgFltrX64.sys [x]
R4 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe;c:\program files\Launch Manager\WisLMSvc.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 10:22 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-17 23:35]
.
2014-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:36]
.
2014-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:36]
.
2014-03-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2014-03-02 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-08-04 00:36 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-04-27 368728]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-10 12445288]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-04 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-04 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-08-04 206176]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 442352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
c:\users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Need for Speed™ Undercover Registration.lnk - c:\program files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe /remind /language=ENU /PRID="GAME-NFSU09" /WHPR="Need for Speed™ Undercover" /PRNM="Electronic Arts Product"
c:\users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registrace Need for Speed™ Undercover.lnk - c:\program files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe /remind /language=CS /PRID="GAME-NFSU09" /WHPR="Need for Speed™ Undercover" /PRNM="Electronic Arts Product"
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1116153933-4013720544-830532652-1001\Software\SecuROM\License information*]
"datasecu"=hex:42,e0,dc,ba,3f,7b,a5,5e,b0,22,21,f3,cb,31,83,ec,04,5a,78,a5,7d,
b3,a3,aa,43,d6,a2,bd,63,93,4b,11,a1,41,a4,9e,35,50,8c,6a,e3,80,23,0f,2b,3f,\
"rkeysecu"=hex:b4,07,09,42,45,e8,f0,30,d3,72,eb,b0,44,8c,9a,f0
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-03-09 21:16:40
ComboFix-quarantined-files.txt 2014-03-09 20:16
.
Před spuštěním: Volných bajtů: 106 615 119 872
Po spuštění: Volných bajtů: 106 155 167 744
.
- - End Of File - - 44D8F1F26D9CEBBF1CF5DAB8919B6E39
Re: prosim o kontrolu PC
Přes Odebrat programy odinstaluj PANDORA.TV
Pokud jsi tak ještě neučinil, přesuň Combofix na plochu
otevři si Poznámkový blok
do něj zkopíruj skript z následujícího okna:
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,
po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:
Po aplikaci na Tebe vypadne další log, zkopíruj ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,
v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
Pokud jsi tak ještě neučinil, přesuň Combofix na plochu
otevři si Poznámkový blok
do něj zkopíruj skript z následujícího okna:
Kód: Vybrat vše
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:
Po aplikaci na Tebe vypadne další log, zkopíruj ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,
v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
Re: prosim o kontrolu PC
ComboFix 14-03-05.01 - Toník 10.03.2014 22:09:45.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3941.2205 [GMT 1:00]
Spuštěný z: c:\users\Toník\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Toník\Desktop\CFScript.txt.txt
AV: ESET Smart Security 5.2 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-10 do 2014-03-10 )))))))))))))))))))))))))))))))
.
.
2014-03-10 21:13 . 2014-03-10 21:13 -------- d-----w- c:\users\TonÝk\AppData\Local\temp
2014-03-10 21:13 . 2014-03-10 21:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-03-10 21:13 . 2014-03-10 21:13 -------- d-----w- c:\users\Monča\AppData\Local\temp
2014-03-10 21:13 . 2014-03-10 21:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-09 20:16 . 2014-03-09 20:16 -------- d-----w- c:\users\UpdatusUser
2014-03-06 20:37 . 2014-03-06 20:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-06 20:37 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-06 20:35 . 2014-03-09 16:04 -------- d-----w- C:\AdwCleaner
2014-03-05 22:04 . 2014-03-05 22:04 -------- d-----w- c:\windows\SysWow64\NV
2014-03-05 22:04 . 2014-03-05 22:04 -------- d-----w- c:\windows\system32\NV
2014-03-05 21:50 . 2013-12-27 18:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-03-05 21:50 . 2013-12-27 18:42 33056 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-03-05 15:28 . 2014-03-05 20:02 -------- d-----w- c:\program files (x86)\EA Games
2014-03-04 23:36 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-03-04 23:36 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-03-04 21:30 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-03-04 21:30 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-02-26 01:08 . 2014-02-26 01:08 -------- d-----w- c:\windows\Migration
2014-02-20 23:35 . 2014-02-20 23:35 17858952 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-02-18 23:51 . 2014-02-18 23:51 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-02-12 00:53 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 00:52 . 2014-02-06 10:57 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-02-11 21:14 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-02-11 21:14 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-11 21:14 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-11 21:14 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-03 23:41 . 2012-11-27 21:16 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-02-20 23:35 . 2012-10-17 11:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-20 23:35 . 2012-10-17 11:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-17 01:36 . 2012-10-16 19:24 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-08 18:34 . 2013-07-19 21:23 832424 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-02-08 18:34 . 2013-07-19 21:23 2713728 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-08 18:34 . 2012-08-04 00:11 947296 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2012-08-04 00:11 3090184 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-08 18:34 . 2012-08-04 00:11 148528 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-02-08 17:42 . 2012-08-04 00:12 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2012-08-04 00:12 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2012-08-04 00:12 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2012-08-04 00:12 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-02-08 17:42 . 2012-08-04 00:12 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2012-08-04 00:12 607520 ----a-w- c:\windows\SysWow64\oemdspif.dll
2014-02-08 17:42 . 2012-08-04 00:12 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 17:42 . 2012-08-04 00:12 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-02-08 17:42 . 2012-08-04 00:12 1075488 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-02-05 17:52 . 2012-08-04 00:12 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-02-05 09:31 . 2013-10-29 21:06 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-02-05 09:30 . 2013-10-29 21:06 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-29 22:02 . 2012-07-06 05:07 12617216 ----a-w- c:\windows\system32\igdumd64.dll
2014-01-29 22:02 . 2014-01-29 22:02 5363200 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2014-01-29 22:02 . 2014-01-29 22:02 98304 ----a-w- c:\windows\system32\igdde64.dll
2014-01-29 22:02 . 2014-01-29 22:02 77312 ----a-w- c:\windows\SysWow64\igdde32.dll
2014-01-29 22:02 . 2012-07-06 05:06 12859392 ----a-w- c:\windows\system32\igd10umd64.dll
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-10 01:18 . 2012-10-16 17:07 381440 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-27 18:42 . 2013-09-03 09:42 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-19 20:33 . 2014-02-04 20:44 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll
2013-12-19 20:33 . 2014-02-04 20:44 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-10-31 449760]
"uTorrent"="c:\users\Toník\AppData\Roaming\uTorrent\uTorrent.exe" [2014-02-08 905296]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-02-05 3598680]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-21 507744]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-08-04 329056]
"{CDF13D74-E6AA-4006-818A-B360D6A3573C}"="c:\program files\Launch Manager\HotkeyApp.exe" [2012-03-01 415272]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-3-21 1390368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0FbDefrag
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 DamageGuard;DamageGuard;c:\windows\system32\DRIVERS\DamageGuardX64.sys;c:\windows\SYSNATIVE\DRIVERS\DamageGuardX64.sys [x]
R4 DamageGuardSvc;Lenovo Instant Reset Service;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe [x]
R4 dgFltr;dgFltr;c:\windows\system32\drivers\dgFltrX64.sys;c:\windows\SYSNATIVE\drivers\dgFltrX64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe;c:\program files\Launch Manager\WisLMSvc.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 10:22 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-17 23:35]
.
2014-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:36]
.
2014-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:36]
.
2014-03-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2014-03-02 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-08-04 00:36 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-04-27 368728]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-10 12445288]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-04 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-04 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-08-04 206176]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 442352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1116153933-4013720544-830532652-1001\Software\SecuROM\License information*]
"datasecu"=hex:42,e0,dc,ba,3f,7b,a5,5e,b0,22,21,f3,cb,31,83,ec,04,5a,78,a5,7d,
b3,a3,aa,43,d6,a2,bd,63,93,4b,11,a1,41,a4,9e,35,50,8c,6a,e3,80,23,0f,2b,3f,\
"rkeysecu"=hex:b4,07,09,42,45,e8,f0,30,d3,72,eb,b0,44,8c,9a,f0
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
Celkový čas: 2014-03-10 22:18:42
ComboFix-quarantined-files.txt 2014-03-10 21:18
ComboFix2.txt 2014-03-09 20:16
.
Před spuštěním: Volných bajtů: 104 671 178 752
Po spuštění: Volných bajtů: 104 602 267 648
.
- - End Of File - - 553E83A8FC8485BDE1E7889B049D5D1B
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3941.2205 [GMT 1:00]
Spuštěný z: c:\users\Toník\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Toník\Desktop\CFScript.txt.txt
AV: ESET Smart Security 5.2 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-10 do 2014-03-10 )))))))))))))))))))))))))))))))
.
.
2014-03-10 21:13 . 2014-03-10 21:13 -------- d-----w- c:\users\TonÝk\AppData\Local\temp
2014-03-10 21:13 . 2014-03-10 21:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-03-10 21:13 . 2014-03-10 21:13 -------- d-----w- c:\users\Monča\AppData\Local\temp
2014-03-10 21:13 . 2014-03-10 21:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-09 20:16 . 2014-03-09 20:16 -------- d-----w- c:\users\UpdatusUser
2014-03-06 20:37 . 2014-03-06 20:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-06 20:37 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-06 20:35 . 2014-03-09 16:04 -------- d-----w- C:\AdwCleaner
2014-03-05 22:04 . 2014-03-05 22:04 -------- d-----w- c:\windows\SysWow64\NV
2014-03-05 22:04 . 2014-03-05 22:04 -------- d-----w- c:\windows\system32\NV
2014-03-05 21:50 . 2013-12-27 18:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-03-05 21:50 . 2013-12-27 18:42 33056 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-03-05 15:28 . 2014-03-05 20:02 -------- d-----w- c:\program files (x86)\EA Games
2014-03-04 23:36 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-03-04 23:36 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-03-04 21:30 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-03-04 21:30 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-02-26 01:08 . 2014-02-26 01:08 -------- d-----w- c:\windows\Migration
2014-02-20 23:35 . 2014-02-20 23:35 17858952 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-02-18 23:51 . 2014-02-18 23:51 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-02-12 00:53 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 00:52 . 2014-02-06 10:57 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-02-11 21:14 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-02-11 21:14 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-11 21:14 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-11 21:14 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-03 23:41 . 2012-11-27 21:16 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-02-20 23:35 . 2012-10-17 11:54 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-20 23:35 . 2012-10-17 11:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-17 01:36 . 2012-10-16 19:24 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-08 18:34 . 2013-07-19 21:23 832424 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-02-08 18:34 . 2013-07-19 21:23 2713728 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-02-08 18:34 . 2012-08-04 00:11 947296 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2012-08-04 00:11 3090184 ----a-w- c:\windows\system32\nvapi64.dll
2014-02-08 18:34 . 2012-08-04 00:11 148528 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-02-08 17:42 . 2012-08-04 00:12 6712608 ----a-w- c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2012-08-04 00:12 3498272 ----a-w- c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2012-08-04 00:12 923936 ----a-w- c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2012-08-04 00:12 67072 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-02-08 17:42 . 2012-08-04 00:12 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2012-08-04 00:12 607520 ----a-w- c:\windows\SysWow64\oemdspif.dll
2014-02-08 17:42 . 2012-08-04 00:12 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-02-08 17:42 . 2012-08-04 00:12 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-02-08 17:42 . 2012-08-04 00:12 1075488 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-02-05 17:52 . 2012-08-04 00:12 3573739 ----a-w- c:\windows\system32\nvcoproc.bin
2014-02-05 09:31 . 2013-10-29 21:06 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-02-05 09:30 . 2013-10-29 21:06 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-29 22:02 . 2012-07-06 05:07 12617216 ----a-w- c:\windows\system32\igdumd64.dll
2014-01-29 22:02 . 2014-01-29 22:02 5363200 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2014-01-29 22:02 . 2014-01-29 22:02 98304 ----a-w- c:\windows\system32\igdde64.dll
2014-01-29 22:02 . 2014-01-29 22:02 77312 ----a-w- c:\windows\SysWow64\igdde32.dll
2014-01-29 22:02 . 2012-07-06 05:06 12859392 ----a-w- c:\windows\system32\igd10umd64.dll
2014-01-19 07:33 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-10 01:18 . 2012-10-16 17:07 381440 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-12-27 18:42 . 2013-09-03 09:42 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-19 20:33 . 2014-02-04 20:44 1511712 ----a-w- c:\windows\system32\nvdispgenco6433221.dll
2013-12-19 20:33 . 2014-02-04 20:44 1884448 ----a-w- c:\windows\system32\nvdispco6433221.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-10-31 449760]
"uTorrent"="c:\users\Toník\AppData\Roaming\uTorrent\uTorrent.exe" [2014-02-08 905296]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-02-05 3598680]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-21 507744]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-08-04 329056]
"{CDF13D74-E6AA-4006-818A-B360D6A3573C}"="c:\program files\Launch Manager\HotkeyApp.exe" [2012-03-01 415272]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-3-21 1390368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0FbDefrag
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 DamageGuard;DamageGuard;c:\windows\system32\DRIVERS\DamageGuardX64.sys;c:\windows\SYSNATIVE\DRIVERS\DamageGuardX64.sys [x]
R4 DamageGuardSvc;Lenovo Instant Reset Service;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe [x]
R4 dgFltr;dgFltr;c:\windows\system32\drivers\dgFltrX64.sys;c:\windows\SYSNATIVE\drivers\dgFltrX64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe;c:\program files\Launch Manager\WisLMSvc.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-04 10:22 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-17 23:35]
.
2014-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:36]
.
2014-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-04 00:36]
.
2014-03-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2014-03-02 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-08-04 00:36 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-04-27 368728]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-10 12445288]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-04 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-04 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-08-04 206176]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 442352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Toník\AppData\Roaming\Mozilla\Firefox\Profiles\juiutmls.default\
FF - prefs.js: browser.startup.homepage - www.google.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1116153933-4013720544-830532652-1001\Software\SecuROM\License information*]
"datasecu"=hex:42,e0,dc,ba,3f,7b,a5,5e,b0,22,21,f3,cb,31,83,ec,04,5a,78,a5,7d,
b3,a3,aa,43,d6,a2,bd,63,93,4b,11,a1,41,a4,9e,35,50,8c,6a,e3,80,23,0f,2b,3f,\
"rkeysecu"=hex:b4,07,09,42,45,e8,f0,30,d3,72,eb,b0,44,8c,9a,f0
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
Celkový čas: 2014-03-10 22:18:42
ComboFix-quarantined-files.txt 2014-03-10 21:18
ComboFix2.txt 2014-03-09 20:16
.
Před spuštěním: Volných bajtů: 104 671 178 752
Po spuštění: Volných bajtů: 104 602 267 648
.
- - End Of File - - 553E83A8FC8485BDE1E7889B049D5D1B
Re: prosim o kontrolu PC
Přes Start >> Spustit zkopíruj do okna:
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Pak dej vědět jaký je stav PC.
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Pak dej vědět jaký je stav PC.
Re: prosim o kontrolu PC
zdravim,je to lepsi,ale mam jiny problem.nejde mi nainstalovat zadna aktualizace.ani hry ktere nainstaluju nejdou spustit.
Přispějete na provoz fóra?