lookinglink Ads

#16 Post by boueskova

After Malwarebytes produced its log, the program closed, but I managed to notice that it showed everything as being in quarantine, even though I had not told it to do that. The odd thing is that when I then shut the notebook down, on the next start it again automatically showed that a scan had been run by this program and reported the same errors. I don't know whether I should let it scan again? (The scan took about 3 hours.) I still have the impression, though, that it is probably coming back; see my message to your e-mail. Thank you.

#17 Post by Márty84

Let's try it a different way.

:!: If you have not done so already, back up your important data (photos, documents, etc.) to be safe :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Right-click ComboFix and then left-click Run as administrator.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
While the scan is running, do not start anything and do not click anywhere.
When the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

:!: If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine
If you have a question that is not meant for the public, you can write to me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For reasons of time I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

#18 Post by boueskova

OK, thanks, I'll make a backup and get to it, so hopefully I won't wreck the notebook completely :-( :-) My son is going to get a clip round the ear; as I noticed, his games probably dragged it all in?!

#19 Post by boueskova

Phew, so hopefully I did everything correctly?? I even broke a sweat over it, so as not to harm the system even more :-) So here is the log that ComboFix generated for me:

ComboFix 14-09-22.01 - Lenovo 23.09.2014 11:53:33.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3892.2323 [GMT 2:00]
Spuštěný z: c:\users\Lenovo\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-23 do 2014-09-23 )))))))))))))))))))))))))))))))
.
.
2014-09-23 10:05 . 2014-09-23 10:05 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-09-23 10:05 . 2014-09-23 10:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-23 09:59 . 2014-09-23 09:59 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{41B94555-F8E6-4D0B-B87D-0BA736F7A38A}\offreg.dll
2014-09-22 17:42 . 2014-09-23 08:01 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-22 17:42 . 2014-09-22 17:42 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-09-22 17:42 . 2014-09-22 17:42 -------- d-----w- c:\programdata\Malwarebytes
2014-09-22 17:42 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-09-22 17:42 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-22 17:42 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-21 13:59 . 2014-09-23 10:05 -------- d-----w- c:\users\Lenovo\AppData\Local\Temp
2014-09-21 13:59 . 2014-09-21 13:46 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-20 07:37 . 2014-09-20 12:47 -------- d-----w- C:\zoek_backup
2014-09-20 06:58 . 2014-09-20 06:58 -------- d-----w- c:\windows\ERUNT
2014-09-19 21:03 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-09-19 21:02 . 2014-09-19 22:57 -------- d-----w- C:\AdwCleaner
2014-09-19 19:07 . 2014-09-19 19:07 -------- d-----w- c:\program files\trend micro
2014-09-19 19:07 . 2014-09-19 19:07 -------- d-----w- C:\rsit
2014-09-19 17:21 . 2014-09-15 00:08 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{41B94555-F8E6-4D0B-B87D-0BA736F7A38A}\mpengine.dll
2014-09-18 13:59 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-18 13:59 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-17 23:15 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-17 23:15 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-17 23:15 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-17 23:15 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-17 23:14 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-17 23:14 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-17 23:14 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-17 23:14 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-17 23:14 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-17 23:12 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-17 23:12 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-15 13:02 . 2014-09-15 13:02 -------- d-----w- c:\users\Lenovo\AppData\Roaming\Publish Providers
2014-09-15 13:02 . 2014-09-15 13:02 -------- d-----w- c:\users\Lenovo\AppData\Local\Sony
2014-09-15 12:54 . 2014-09-15 12:56 -------- d-----w- c:\programdata\Pinnacle VideoSpin
2014-09-15 12:54 . 2014-09-15 12:54 -------- d-----w- c:\program files (x86)\Pinnacle
2014-09-15 12:54 . 2014-09-15 12:54 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2014-09-15 12:51 . 2014-09-15 12:51 -------- d-----w- c:\programdata\Pinnacle
2014-09-15 12:51 . 2014-09-17 22:49 -------- d-----w- c:\users\Lenovo\AppData\Local\Downloaded Installations
2014-09-15 12:38 . 2014-09-15 12:38 -------- d-----w- c:\users\Lenovo\AppData\Local\Meltytech
2014-09-15 12:35 . 2014-09-17 22:49 -------- d-----w- c:\program files (x86)\Shotcut
2014-09-15 12:19 . 2014-09-15 12:19 -------- d-----w- c:\program files (x86)\Vstplugins
2014-09-15 12:14 . 2014-09-15 12:14 -------- d-----w- c:\program files (x86)\Sony Setup
2014-09-15 11:51 . 2014-09-17 22:49 -------- d-----w- c:\users\Lenovo\AppData\Roaming\Audacity
2014-09-15 11:51 . 2014-09-17 22:49 -------- d-----w- c:\program files (x86)\Audacity
2014-09-13 19:29 . 2014-09-17 22:49 -------- d-----w- C:\Fraps
2014-09-13 06:38 . 2014-09-13 06:38 -------- d-----w- c:\users\Lenovo\AppData\Local\Dxtory Software
2014-09-13 06:38 . 2014-09-13 06:38 -------- d-----w- c:\program files (x86)\Dxtory Software
2014-08-28 05:32 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-28 05:32 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 05:32 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-27 17:43 . 2014-09-17 22:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-25 09:15 . 2014-09-17 22:49 -------- d-----w- c:\program files (x86)\Sony Media Go Install
2014-08-25 09:15 . 2014-09-15 13:02 -------- d-----w- c:\users\Lenovo\AppData\Roaming\Sony
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-18 15:12 . 2013-11-21 11:35 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-08-25 04:53 . 2013-11-21 10:42 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-08-07 09:29 . 2013-12-21 00:13 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-07 09:28 . 2013-12-21 00:13 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-08-07 09:28 . 2014-08-07 09:28 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-07 09:28 . 2014-08-07 09:28 43152 ----a-w- c:\windows\avastSS.scr
2014-08-07 09:28 . 2013-12-21 00:13 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-07 09:28 . 2013-12-21 00:13 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-07 09:28 . 2013-12-21 00:13 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-07 09:28 . 2013-12-21 00:13 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-07 09:28 . 2013-12-21 00:13 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-07 09:28 . 2013-12-21 00:13 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-07 09:28 . 2014-08-07 09:28 44640 ----a-w- c:\windows\system32\drivers\aswTap.sys
2014-07-25 13:25 . 2014-08-15 21:05 2774528 ----a-w- c:\windows\system32\iertutil(141).dll
2014-07-25 12:21 . 2014-08-15 21:05 2184704 ----a-w- c:\windows\SysWow64\iertutil(151).dll
2014-07-25 10:52 . 2014-08-15 21:05 2266624 ----a-w- c:\windows\system32\wininet(150).dll
2014-07-25 10:26 . 2014-08-15 21:05 1431040 ----a-w- c:\windows\system32\urlmon(148).dll
2014-07-25 10:05 . 2014-08-15 21:05 1792512 ----a-w- c:\windows\SysWow64\wininet(156).dll
2014-07-25 10:00 . 2014-08-15 21:05 1169920 ----a-w- c:\windows\SysWow64\urlmon(155).dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 03:23 . 2014-08-15 20:48 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-15 20:48 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-15 20:36 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-15 20:36 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-06-30 22:24 . 2014-08-17 02:11 8856 ----a-w- c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-17 02:11 8856 ----a-w- c:\windows\SysWow64\icardres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2014-07-30 467680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-05-03 111928]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-07 4085896]
"SMART Floating Tools"="c:\program files (x86)\SMART Technologies\Education Software\FloatingTools.exe" [2013-11-20 9024304]
"SMART Tray Tools"="c:\program files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe" [2014-02-12 744752]
"SMART Board Service"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" [2014-02-12 1933616]
"sbsdk-server"="c:\program files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe" [2013-08-22 62768]
"SMART Ink"="c:\program files (x86)\SMART Technologies\Education Software\SMARTInk.exe" [2013-10-31 147248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2011-1-24 1090848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys;c:\windows\SYSNATIVE\DRIVERS\aswTap.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys;c:\windows\SYSNATIVE\DRIVERS\rimspe64.sys [x]
S2 SMARTHelperService;SMART Helper Service;c:\program files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe;c:\program files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [x]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys;c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-07 09:28 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-31 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-31 417560]
"TpShocks"="TpShocks.exe" [2013-10-28 384296]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-15 307768]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2013-05-29 60920]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\dys4y9ba.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-SeznamInstall - c:\users\Lenovo\AppData\Roaming\Seznam.cz\szninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-09-23 12:09:19
ComboFix-quarantined-files.txt 2014-09-23 10:09
.
Před spuštěním: Volných bajtů: 257 813 594 112
Po spuštění: Volných bajtů: 257 291 546 624
.
- - End Of File - - E2140D67752AEE56C27A3F204D6BE722
A36C5E4F47E84449FF07ED3517B43A31

#20 Post by JaRon

boueskova wrote: My son is going to get a clip round the ear, !
I think you can proceed to this point :) prevention is prevention :thumbsup:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

#21 Post by boueskova

Hello, so can I take your message to mean that everything has hopefully been resolved? :-) And could I ask what viruses these were and what they could have caused? By that I mean whether passwords or information from the computer could have been stolen, etc. I assume the best thing will be to change all my passwords? I very often communicate from this notebook by e-mail; could I have infected the other mailboxes the messages were sent to? And last but not least, the keyboard started acting up too: it typed neighbouring letters, etc. We solved that by buying a new keyboard, as we assumed the fault was in the keyboard, but we have kept the old one. Do you think a virus could have caused this as well? And yes, this morning I already pointed out to my son that he probably dragged it all in with his super games, which he feels he cannot do without :-) Now just wait until he gets back from school :-) :-) Thank you very much for your help. You are great, and if everything has been resolved, hats off to you :-) I am just still wondering whether I now have everything set correctly in avast and in the firewall. Do you have a general guide to the correct settings?

#22 Post by JaRon

Hi,
I just allowed myself a little joke; the final summary I of course leave to my colleague :)
- write to him whether you still have any problems with the PC, and if so, which ones :???:
- I recommend deleting the directory C:\AdwCleaner
- it looks good :)

#23 Post by boueskova

Thanks :-) I am just still not really sure that everything is now completely in order (maybe I am watching the notebook a bit too anxiously by now :-)), but it seems odd to me that after logging in, without my wanting to download anything, the arrow keeps showing as if something wanted to download, even though I have nothing in downloads, only ComboFix.exe - failed, but I did not start downloading it at that moment :-( I also keep getting e-mails that seem a little strange to me, with the extension jpg; of course I did not open it, and on the desktop and your time that you spend on our vermin :-)

#24 Post by boueskova

Now I really am completely at a loss :-( After the restart the download arrow appeared again; when I opened the downloads it was again ComboFix exe - failed. But I did not start any download :-( After the restart the SMART Ink document viewer icon popped up in the taskbar at the bottom, even though I had not used anything like that. Unfortunately it still looks as if someone is having a good play around in my notebook :-( Please, once more, I ask for help, if it is within your power. Many thanks in advance.

#25 Post by Márty84

:arrow: Uninstall MBAM

:arrow: Permanently turn off Windows Defender


:arrow: Open Notepad and copy this script into it


KillAll::

File::
c:\windows\zoek-delete.exe

Folder::
C:\zoek_backup

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SMART Ink"=-

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate

Reboot::

In the top left, click File
Click Save as...
Type the name in red, CFScript, correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Drag this newly created text document with the mouse onto the ComboFix icon and release it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

#26 Post by boueskova

ComboFix 14-09-22.01 - Lenovo 24.09.2014 8:17.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3892.2388 [GMT 2:00]
Spuštěný z: c:\users\Lenovo\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lenovo\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\zoek-delete.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\zoek_backup
c:\zoek_backup\C_PROGRA~2_Mozilla Firefox_defaults_preferences_pref.js.vir
c:\zoek_backup\C_PROGRA~3_Package Cache\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}v12.0.21005\packages\vcRuntimeMinimum_x86\cab1.cab
c:\zoek_backup\C_PROGRA~3_Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\state.rsm
c:\zoek_backup\C_PROGRA~3_Package Cache\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditional_x86\cab1.cab
c:\zoek_backup\C_PROGRA~3_spds90.txt.vir
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\_metadata\verified_contents.json
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\background-options.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\background.html
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\background.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\browser-action.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\cache-config.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\cookies.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\feeds.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\fixup-jquery-for-ie.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\history.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\ie-bg-shim.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\init-bg-messaging.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\lifecycle.js
c:\zoek_backup\C_Users_Lenovo_AppData_Local_Google_Chrome_User Data_Default_Extensions_aaaailpifkkekipiachodfkfmgmiapmp\45.16_0\background\localStorage.js
c:\zoek_backup\C_Users_Lenovo_AppData_Roaming_Mozilla_Firefox_Profiles_dys4y9ba.default_prefs_20.09.2014_1445_.backup.vir
c:\zoek_backup\C_Users_Public_Desktop_YTD Video Downloader.lnk.vir
c:\zoek_backup\C_Windows_SysNative_config_systemprofile_Searches\desktop.ini
c:\zoek_backup\C_Windows_SysNative_config_systemprofile_Searches\Everywhere.search-ms
c:\zoek_backup\C_Windows_SysNative_config_systemprofile_Searches\Indexed Locations.search-ms
c:\zoek_backup\restore.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-24 do 2014-09-24 )))))))))))))))))))))))))))))))
.
.
2014-09-24 06:24 . 2014-09-24 06:24 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-09-24 06:24 . 2014-09-24 06:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-23 22:17 . 2014-09-15 00:08 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1B5AD455-14DE-496D-89EB-64B89356E758}\mpengine.dll
2014-09-23 22:16 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-23 22:16 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-22 17:42 . 2014-09-22 17:42 -------- d-----w- c:\programdata\Malwarebytes
2014-09-21 13:59 . 2014-09-24 06:24 -------- d-----w- c:\users\Lenovo\AppData\Local\Temp
2014-09-21 13:59 . 2014-09-21 13:46 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-20 06:58 . 2014-09-20 06:58 -------- d-----w- c:\windows\ERUNT
2014-09-19 21:03 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-09-19 21:02 . 2014-09-19 22:57 -------- d-----w- C:\AdwCleaner
2014-09-19 19:07 . 2014-09-19 19:07 -------- d-----w- c:\program files\trend micro
2014-09-19 19:07 . 2014-09-19 19:07 -------- d-----w- C:\rsit
2014-09-18 13:59 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-18 13:59 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-17 23:15 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-17 23:15 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-09-17 23:15 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-17 23:15 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-09-17 23:14 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-09-17 23:14 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-17 23:14 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-09-17 23:14 . 2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-09-17 23:14 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-09-17 23:12 . 2014-09-05 02:10 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-17 23:12 . 2014-09-05 02:05 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-15 13:02 . 2014-09-15 13:02 -------- d-----w- c:\users\Lenovo\AppData\Roaming\Publish Providers
2014-09-15 13:02 . 2014-09-15 13:02 -------- d-----w- c:\users\Lenovo\AppData\Local\Sony
2014-09-15 12:54 . 2014-09-15 12:56 -------- d-----w- c:\programdata\Pinnacle VideoSpin
2014-09-15 12:54 . 2014-09-15 12:54 -------- d-----w- c:\program files (x86)\Pinnacle
2014-09-15 12:54 . 2014-09-15 12:54 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2014-09-15 12:51 . 2014-09-15 12:51 -------- d-----w- c:\programdata\Pinnacle
2014-09-15 12:51 . 2014-09-17 22:49 -------- d-----w- c:\users\Lenovo\AppData\Local\Downloaded Installations
2014-09-15 12:38 . 2014-09-15 12:38 -------- d-----w- c:\users\Lenovo\AppData\Local\Meltytech
2014-09-15 12:35 . 2014-09-17 22:49 -------- d-----w- c:\program files (x86)\Shotcut
2014-09-15 12:19 . 2014-09-15 12:19 -------- d-----w- c:\program files (x86)\Vstplugins
2014-09-15 12:14 . 2014-09-15 12:14 -------- d-----w- c:\program files (x86)\Sony Setup
2014-09-15 11:51 . 2014-09-17 22:49 -------- d-----w- c:\users\Lenovo\AppData\Roaming\Audacity
2014-09-15 11:51 . 2014-09-17 22:49 -------- d-----w- c:\program files (x86)\Audacity
2014-09-13 19:29 . 2014-09-17 22:49 -------- d-----w- C:\Fraps
2014-09-13 06:38 . 2014-09-13 06:38 -------- d-----w- c:\users\Lenovo\AppData\Local\Dxtory Software
2014-09-13 06:38 . 2014-09-13 06:38 -------- d-----w- c:\program files (x86)\Dxtory Software
2014-08-28 05:32 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-28 05:32 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 05:32 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-27 17:43 . 2014-09-17 22:49 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-08-25 09:15 . 2014-09-17 22:49 -------- d-----w- c:\program files (x86)\Sony Media Go Install
2014-08-25 09:15 . 2014-09-15 13:02 -------- d-----w- c:\users\Lenovo\AppData\Roaming\Sony
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-18 15:12 . 2013-11-21 11:35 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-09-15 07:06 . 2013-11-21 10:42 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-08-07 09:29 . 2013-12-21 00:13 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-07 09:28 . 2013-12-21 00:13 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-08-07 09:28 . 2014-08-07 09:28 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-07 09:28 . 2014-08-07 09:28 43152 ----a-w- c:\windows\avastSS.scr
2014-08-07 09:28 . 2013-12-21 00:13 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-07 09:28 . 2013-12-21 00:13 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-07 09:28 . 2013-12-21 00:13 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-07 09:28 . 2013-12-21 00:13 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-07 09:28 . 2013-12-21 00:13 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-07 09:28 . 2013-12-21 00:13 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-07 09:28 . 2014-08-07 09:28 44640 ----a-w- c:\windows\system32\drivers\aswTap.sys
2014-07-25 13:25 . 2014-08-15 21:05 2774528 ----a-w- c:\windows\system32\iertutil(141).dll
2014-07-25 12:21 . 2014-08-15 21:05 2184704 ----a-w- c:\windows\SysWow64\iertutil(151).dll
2014-07-25 10:52 . 2014-08-15 21:05 2266624 ----a-w- c:\windows\system32\wininet(150).dll
2014-07-25 10:26 . 2014-08-15 21:05 1431040 ----a-w- c:\windows\system32\urlmon(148).dll
2014-07-25 10:05 . 2014-08-15 21:05 1792512 ----a-w- c:\windows\SysWow64\wininet(156).dll
2014-07-25 10:00 . 2014-08-15 21:05 1169920 ----a-w- c:\windows\SysWow64\urlmon(155).dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-14 02:02 . 2014-08-15 20:36 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-15 20:36 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-06-30 22:24 . 2014-08-17 02:11 8856 ----a-w- c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-17 02:11 8856 ----a-w- c:\windows\SysWow64\icardres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-05-03 111928]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-07 4085896]
"SMART Floating Tools"="c:\program files (x86)\SMART Technologies\Education Software\FloatingTools.exe" [2013-11-20 9024304]
"SMART Tray Tools"="c:\program files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe" [2014-02-12 744752]
"SMART Board Service"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" [2014-02-12 1933616]
"sbsdk-server"="c:\program files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe" [2013-08-22 62768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2011-1-24 1090848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys;c:\windows\SYSNATIVE\DRIVERS\aswTap.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys;c:\windows\SYSNATIVE\DRIVERS\rimspe64.sys [x]
S2 SMARTHelperService;SMART Helper Service;c:\program files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe;c:\program files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [x]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys;c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-07 09:28 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-31 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-31 417560]
"TpShocks"="TpShocks.exe" [2013-10-28 384296]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-15 307768]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2013-05-29 60920]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\dys4y9ba.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-09-24 08:29:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-09-24 06:29
ComboFix2.txt 2014-09-23 10:09
.
Před spuštěním: Volných bajtů: 264 456 814 592
Po spuštění: Volných bajtů: 264 214 425 600
.
- - End Of File - - 1A7BF5C514161C5C40894FE4610A4EFF
A36C5E4F47E84449FF07ED3517B43A31

JaRon
Moderator
Posts: 15729
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: lookinglink Ads

#27 Post by JaRon »

I think you've got yourself a bit stressed out over that laptop :)
there's no pest left on it any more :James008:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: lookinglink Ads

#28 Post by Márty84 »

Post a new log from RSIT :)
If you have a question that is not meant for the public, you can email me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an email address in their signature).

boueskova
Visitor
Posts: 23
Joined: 18 Sep 2014 22:05

Re: lookinglink Ads

#29 Post by boueskova »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2014-09-25 00:08:25
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 251 GB (53%) free of 477 GB
Total RAM: 3892 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:08:28, on 25.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
C:\Program Files\trend micro\Lenovo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SMART Floating Tools] "C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe"
O4 - HKLM\..\Run: [SMART Tray Tools] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe"
O4 - HKLM\..\Run: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" -d
O4 - HKLM\..\Run: [sbsdk-server] "C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SMART Helper Service (SMARTHelperService) - SMART Technologies - C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8979 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6d32a318-d0c4-41b9-a091-04ea36f33215 -SystemEventPortName:HostProcess-15aa2984-70b5-456d-95ac-69c7ccbeb464 -IoCancelEventPortName:HostProcess-ce78f7c1-3801-476f-8ded-1c195c035ff0 -NonStateChangingEventPortName:HostProcess-6d5a034a-6ff0-431f-b4b7-bc6eeb214431 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:41d06d4e-a111-45c5-8d64-42de849b6447 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe"
"C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" -d
"C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe" "C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\sbsdk-server.js"
\??\C:\Windows\system32\conhost.exe "1145871289-1577048130-79108829011365432231160679528-75233000-961919714-609473854
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

taskeng.exe {0E24B82E-7B4F-442C-BA57-A495C1C07C04}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Lenovo\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\dys4y9ba.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\dys4y9ba.default\searchplugins\
dsrlte.xml
yahoo.xml
yahoo_ff.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-25 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-07 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-25 211368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
SMART Notebook Download Utility - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll [2013-11-27 375600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-07 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-31 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-31 392984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-31 417560]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2013-10-28 384296]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-15 307768]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-05-29 60920]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-14 2392872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe [2013-02-19 327680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMARTNotification]
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe [2014-02-12 204592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2014-08-28 1939136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\385C9A~1.150\SSSCHE~1.EXE [2014-04-09 332016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk]
C:\PROGRA~2\SIMPLI~1\SIMPLI~1\SIMPLI~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-30 55808]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-05-03 111928]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-07 4085896]
""= []
"SMART Floating Tools"=C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe [2013-11-20 9024304]
"SMART Tray Tools"=C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe [2014-02-12 744752]
"SMART Board Service"=C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [2014-02-12 1933616]
"sbsdk-server"=C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [2013-08-22 62768]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 390656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-09-24 08:29:51 ----A---- C:\ComboFix.txt
2014-09-24 08:26:06 ----D---- C:\$RECYCLE.BIN
2014-09-24 00:16:51 ----A---- C:\Windows\system32\tzres.dll
2014-09-24 00:16:50 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-23 11:49:18 ----A---- C:\Windows\zip.exe
2014-09-23 11:49:18 ----A---- C:\Windows\SWSC.exe
2014-09-23 11:49:18 ----A---- C:\Windows\SWREG.exe
2014-09-23 11:49:18 ----A---- C:\Windows\sed.exe
2014-09-23 11:49:18 ----A---- C:\Windows\PEV.exe
2014-09-23 11:49:18 ----A---- C:\Windows\NIRCMD.exe
2014-09-23 11:49:18 ----A---- C:\Windows\MBR.exe
2014-09-23 11:49:18 ----A---- C:\Windows\grep.exe
2014-09-23 11:48:40 ----D---- C:\Qoobox
2014-09-23 11:48:17 ----D---- C:\Windows\erdnt
2014-09-22 19:42:20 ----D---- C:\ProgramData\Malwarebytes
2014-09-21 15:59:31 ----D---- C:\Windows\Temp
2014-09-21 15:59:31 ----A---- C:\Windows\zoek-delete.exe
2014-09-20 10:33:49 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-20 08:58:20 ----D---- C:\Windows\ERUNT
2014-09-19 23:03:18 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-09-19 23:02:16 ----D---- C:\AdwCleaner
2014-09-19 21:07:44 ----D---- C:\Program Files\trend micro
2014-09-19 21:07:43 ----D---- C:\rsit
2014-09-18 17:17:34 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-18 17:17:34 ----A---- C:\Windows\system32\ieui.dll
2014-09-18 17:17:32 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-18 17:17:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-18 17:17:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-18 17:17:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-18 17:17:32 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-18 17:17:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-18 17:17:32 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-18 17:17:32 ----A---- C:\Windows\system32\iernonce.dll
2014-09-18 17:17:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-18 17:17:32 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-18 17:17:32 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-18 17:17:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-18 17:17:31 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-18 17:17:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-18 17:17:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-18 17:17:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-18 17:17:31 ----A---- C:\Windows\system32\vbscript.dll
2014-09-18 17:17:31 ----A---- C:\Windows\system32\msrating.dll
2014-09-18 17:17:31 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-18 17:17:31 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-18 17:17:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-18 17:17:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-18 17:17:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-18 17:17:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-18 17:17:30 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-18 17:17:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-18 17:17:30 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-18 17:17:30 ----A---- C:\Windows\system32\iesetup.dll
2014-09-18 17:17:30 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-18 17:17:30 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-18 17:17:29 ----A---- C:\Windows\system32\mshtml.dll
2014-09-18 17:17:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-18 17:17:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-18 17:17:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-18 17:17:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-18 17:17:28 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-18 17:17:28 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-18 17:17:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-18 17:17:28 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-18 17:17:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-18 17:17:26 ----A---- C:\Windows\system32\wininet.dll
2014-09-18 17:17:26 ----A---- C:\Windows\system32\iertutil.dll
2014-09-18 17:17:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-18 17:17:25 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-18 17:17:25 ----A---- C:\Windows\system32\jscript9.dll
2014-09-18 17:17:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-18 17:17:24 ----A---- C:\Windows\system32\urlmon.dll
2014-09-18 17:17:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-18 17:17:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-18 17:17:22 ----A---- C:\Windows\system32\ieframe.dll
2014-09-18 15:59:13 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-18 15:59:13 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-18 01:15:21 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-18 01:15:21 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-18 01:15:01 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-18 01:15:01 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-18 01:14:32 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-18 01:14:32 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-18 01:14:32 ----A---- C:\Windows\system32\kerberos.dll
2014-09-18 01:14:31 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-18 01:14:31 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-18 01:12:34 ----A---- C:\Windows\system32\aepdu.dll
2014-09-18 01:12:33 ----A---- C:\Windows\system32\aeinv.dll
2014-09-15 15:02:24 ----D---- C:\Users\Lenovo\AppData\Roaming\Publish Providers
2014-09-15 15:02:13 ----AD---- C:\ProgramData\TEMP
2014-09-15 14:54:06 ----D---- C:\ProgramData\Pinnacle VideoSpin
2014-09-15 14:54:06 ----D---- C:\Program Files (x86)\Pinnacle
2014-09-15 14:51:45 ----D---- C:\ProgramData\Pinnacle
2014-09-15 14:35:03 ----D---- C:\Program Files (x86)\Shotcut
2014-09-15 14:19:35 ----D---- C:\Program Files (x86)\Vstplugins
2014-09-15 14:14:07 ----D---- C:\Program Files (x86)\Sony Setup
2014-09-15 13:51:45 ----D---- C:\Users\Lenovo\AppData\Roaming\Audacity
2014-09-15 13:51:31 ----D---- C:\Program Files (x86)\Audacity
2014-09-13 21:29:04 ----D---- C:\Fraps
2014-09-13 08:38:14 ----D---- C:\Program Files (x86)\Dxtory Software
2014-08-28 07:32:21 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 07:32:20 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-28 07:32:20 ----A---- C:\Windows\system32\gdi32.dll

======List of files/folders modified in the last 1 month======

2014-09-25 00:08:28 ----D---- C:\Windows\Prefetch
2014-09-24 23:29:10 ----D---- C:\Windows\system32\config
2014-09-24 23:16:21 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-24 09:44:45 ----D---- C:\Windows\rescache
2014-09-24 08:29:54 ----D---- C:\Windows\system32\drivers
2014-09-24 08:26:07 ----D---- C:\Windows
2014-09-24 08:26:07 ----A---- C:\Windows\system.ini
2014-09-24 08:25:55 ----D---- C:\Windows\system32\drivers\etc
2014-09-24 08:21:23 ----D---- C:\Windows\SYSWOW64\drivers
2014-09-24 08:21:23 ----D---- C:\Windows\SysWOW64
2014-09-24 08:21:23 ----D---- C:\Windows\AppPatch
2014-09-24 08:21:22 ----D---- C:\Program Files (x86)\Common Files
2014-09-24 07:57:58 ----RD---- C:\Program Files (x86)
2014-09-24 07:53:34 ----D---- C:\ProgramData
2014-09-24 03:02:07 ----D---- C:\Windows\winsxs
2014-09-24 03:01:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-24 03:01:49 ----D---- C:\Windows\system32\cs-CZ
2014-09-24 03:01:49 ----D---- C:\Windows\System32
2014-09-24 03:01:02 ----SHD---- C:\System Volume Information
2014-09-24 00:15:38 ----D---- C:\Windows\system32\catroot
2014-09-23 21:01:14 ----D---- C:\Windows\system32\catroot2
2014-09-23 12:27:55 ----SD---- C:\ProgramData\Microsoft
2014-09-23 10:59:05 ----D---- C:\Windows\inf
2014-09-23 10:59:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-23 01:06:27 ----D---- C:\Users\Lenovo\AppData\Roaming\Skype
2014-09-22 17:26:43 ----D---- C:\Program Files (x86)\WarThunder
2014-09-22 15:53:01 ----D---- C:\Windows\system32\wdi
2014-09-20 13:11:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-20 10:17:09 ----D---- C:\Windows\Microsoft.NET
2014-09-19 23:04:23 ----A---- C:\Windows\win.ini
2014-09-19 21:07:44 ----D---- C:\Program Files
2014-09-19 09:47:14 ----RSD---- C:\Windows\assembly
2014-09-18 20:20:08 ----D---- C:\Windows\system32\DriverStore
2014-09-18 18:33:07 ----D---- C:\Windows\system32\Tasks
2014-09-18 18:33:07 ----D---- C:\Program Files (x86)\Google
2014-09-18 18:33:05 ----SHD---- C:\Windows\Installer
2014-09-18 18:33:05 ----D---- C:\Windows\Tasks
2014-09-18 17:31:13 ----D---- C:\Program Files\Internet Explorer
2014-09-18 17:31:12 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-18 17:31:12 ----D---- C:\Windows\system32\en-US
2014-09-18 17:31:10 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-18 17:16:11 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-18 17:15:00 ----D---- C:\Windows\system32\MRT
2014-09-18 17:12:48 ----D---- C:\Windows\debug
2014-09-18 17:12:46 ----A---- C:\Windows\system32\MRT.exe
2014-09-18 15:59:00 ----SD---- C:\Windows\system32\CompatTel
2014-09-18 01:45:57 ----D---- C:\totalcmd
2014-09-18 01:45:57 ----D---- C:\Program Files (x86)\WinRAR
2014-09-18 01:45:57 ----D---- C:\Program Files (x86)\IrfanView
2014-09-18 00:51:28 ----D---- C:\Windows\system32\wbem
2014-09-18 00:50:31 ----D---- C:\Windows\SYSWOW64\wbem
2014-09-18 00:50:31 ----D---- C:\Windows\system32\wfp
2014-09-18 00:50:31 ----D---- C:\Windows\PolicyDefinitions
2014-09-18 00:50:29 ----D---- C:\Windows\system32\NDF
2014-09-18 00:50:29 ----D---- C:\Windows\schemas
2014-09-18 00:50:00 ----D---- C:\Windows\AppCompat
2014-09-18 00:49:57 ----D---- C:\Users\Lenovo\AppData\Roaming\SMART Technologies
2014-09-18 00:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\IrfanView
2014-09-18 00:49:56 ----D---- C:\Users\Lenovo\AppData\Roaming\GHISLER
2014-09-18 00:49:53 ----D---- C:\ProgramData\Skype
2014-09-18 00:49:53 ----D---- C:\ProgramData\FLEXnet
2014-09-18 00:49:52 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-09-18 00:49:51 ----RD---- C:\Program Files (x86)\Skype
2014-09-18 00:49:51 ----D---- C:\Program Files (x86)\Steam
2014-09-18 00:49:51 ----D---- C:\Program Files (x86)\Sony Media Go Install
2014-09-18 00:48:21 ----D---- C:\Windows\registration
2014-09-18 00:44:44 ----D---- C:\Users\Lenovo\AppData\Roaming\.minecraft
2014-09-18 00:44:24 ----D---- C:\ProgramData\Sony
2014-09-18 00:44:20 ----D---- C:\ProgramData\Battle.net
2014-09-18 00:43:40 ----D---- C:\Counter-Strike 1.6
2014-09-15 15:02:09 ----D---- C:\Users\Lenovo\AppData\Roaming\Sony
2014-09-15 09:06:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-27 13:50:12 ----D---- C:\ProgramData\Lenovo

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-07 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-07 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2013-08-06 152832]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2013-08-06 28928]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-07 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-07 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-07 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-07 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-07 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-07 92008]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2011-05-23 167040]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-09 54824]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-08-25 682624]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2011-07-20 342704]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-02-19 57848]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-09-05 54528]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SMARTMouseFilterx64;HID-compliant mouse; C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2014-02-12 10240]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device; C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2014-02-12 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-14 1395760]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-08-07 44640]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC; C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys [2014-02-12 22184]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-07 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 915232]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-09-05 66344]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-05-29 44024]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-05-29 62456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-05-03 325432]
R2 SMARTHelperService;SMART Helper Service; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [2014-02-12 538416]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-05-03 2497848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-05-24 1840128]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-04-26 2702848]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2014-03-03 1074480]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-20 114288]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-08-28 833728]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2014-02-21 24120]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2013-08-06 47400]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-21 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: lookinglink Ads

#30 Post by Márty84 »

One more scan and then we will start deleting.



:!: If Avast complains that it wants to open the file in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator
Tick the following items (put check marks there): For all users (Pro všechny uživatele), "LOP" malware check (Kontrola na havěť "LOP") and "Purity" malware check (Kontrola na havěť "Purity")
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Prohledat (Scan)
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both of them here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have their e-mail address in their signature).

Locked