Log check - error message: Windows Explorer has stopped ... Solved
- Orcus
- Security team member
Re: Log check - error message: Windows Explorer has stopped ...
OK, then post the log and run RogueKiller again following memphisto's instructions, since you did not tick some of the items.
Re: Log check - error message: Windows Explorer has stopped ...
Zoek.exe v5.0.0.0 Updated 14-September-2014
Tool run by Kvart on źt 18.09.2014 at 18:01:08,11.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kvart\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
18.9.2014 18:15:23 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Kvart\AppData\Roaming\Mozilla\Firefox\Profiles\zkhlqghf.default\prefs.js:
user_pref("browser.newtab.url", "about:newtab");
Added to C:\Users\Kvart\AppData\Roaming\Mozilla\Firefox\Profiles\zkhlqghf.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Users\Kvart\.android deleted
C:\PROGRA~2\Avg_Update_0814tb deleted
C:\PROGRA~2\OberonGameConsole deleted
C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
"C:\Program Files\syncables\syncables desktop\syncables.exe" deleted
"C:\Program Files\syncables\syncables desktop\java\QuickSyncLib.dll" deleted
"C:\Program Files\syncables\syncables desktop\java\SQLiteJNI.dll" deleted
"C:\Program Files\syncables\syncables desktop\java\syncables.jar" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin\hpi.dll" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin\java.dll" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin\javaw.exe" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin\msvcr71.dll" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin\net.dll" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin\verify.dll" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin\zip.dll" deleted
"C:\Program Files\syncables\syncables desktop\jre\lib\jsse.jar" deleted
"C:\Program Files\syncables\syncables desktop\jre\lib\resources.jar" deleted
"C:\Program Files\syncables\syncables desktop\jre\lib\rt.jar" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin\client\jvm.dll" deleted
"C:\Program Files\syncables" deleted
"C:\Program Files\syncables\syncables desktop" deleted
"C:\Program Files\syncables\syncables desktop\java" deleted
"C:\Program Files\syncables\syncables desktop\jre" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin" deleted
"C:\Program Files\syncables\syncables desktop\jre\lib" deleted
"C:\Program Files\syncables\syncables desktop\jre\bin\client" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06.02.2013 19:35]
==== Firefox Extensions ======================
==== Firefox Plugins ======================
Profilepath: C:\Users\Kvart\AppData\Roaming\Mozilla\Firefox\Profiles\zkhlqghf.default
A843FC35574ECFD9E7A41C5505A9921B - D:\Programy\VLC player\VLC\npvlc.dll - VLC Web Plugin
0A1FF0B674E2F268799442A434A63BB3 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
28D2C5CE5944E1B027CF5C8004CF89A1 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[31.10.2012 00:48]
avast WebRep - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
avast WebRep - Kvart\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
==== Chromium Startpages ======================
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Secondary Start Pages"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Secondary Start Pages"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Kvart\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Kvart\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Empty IE Cache ======================
C:\Users\Kvart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Kvart\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=871 folders=109 1092392171 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\Kvart\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Kvart\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Kvart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on p 19.09.2014 at 1:37:32,54 ======================
Re: Log check - error message: Windows Explorer has stopped ...
RogueKiller V9.2.10.0 [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Kvart [Práva správce]
Mód : Odebrat -- Datum : 09/19/2014 08:10:27
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[PUM.Policies] HKEY_USERS\S-1-5-21-433252344-4095087950-1502536368-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] HKEY_USERS\S-1-5-21-433252344-4095087950-1502536368-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.Policies] HKEY_USERS\S-1-5-21-433252344-4095087950-1502536368-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] HKEY_USERS\S-1-5-21-433252344-4095087950-1502536368-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)
[PUM.HomePage] HKEY_USERS\S-1-5-21-433252344-4095087950-1502536368-1001\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> NAHRAZENO (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-21-433252344-4095087950-1502536368-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> NAHRAZENO (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-21-433252344-4095087950-1502536368-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus.msn.com -> NAHRAZENO (http://go.microsoft.com/fwlink/p/?LinkId=255141)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> VYMAZÁNO
[C:\windows\System32\drivers\etc\hosts] ::1 localhost -> VYMAZÁNO
¤¤¤ Antirootkit : 21 (Driver: NAHRÁNO) ¤¤¤
[SSDT:Addr(Hook.SSDT)] NtCreateKey[70] : Unknown @ 0x84b50aa0
[SSDT:Addr(Hook.SSDT)] NtCreateMutant[74] : Unknown @ 0x84b65a00
[SSDT:Addr(Hook.SSDT)] NtCreateProcess[79] : Unknown @ 0x84b4f5a0
[SSDT:Addr(Hook.SSDT)] NtCreateProcessEx[80] : Unknown @ 0x84b4f8a0
[SSDT:Addr(Hook.SSDT)] NtCreateSymbolicLinkObject[86] : Unknown @ 0x84b65dc0
[SSDT:Addr(Hook.SSDT)] NtCreateThread[87] : Unknown @ 0x84b65340
[SSDT:Addr(Hook.SSDT)] NtCreateThreadEx[88] : Unknown @ 0x84b65520
[SSDT:Addr(Hook.SSDT)] NtCreateUserProcess[93] : Unknown @ 0x84b4fba0
[SSDT:Addr(Hook.SSDT)] NtDeleteKey[103] : Unknown @ 0x84b510a0
[SSDT:Addr(Hook.SSDT)] NtDeleteValueKey[106] : Unknown @ 0x84b519a0
[SSDT:Addr(Hook.SSDT)] NtDuplicateObject[111] : Unknown @ 0x84b65fa0
[SSDT:Addr(Hook.SSDT)] NtOpenProcess[190] : Unknown @ 0x84b4fea0
[SSDT:Addr(Hook.SSDT)] NtOpenSection[194] : Unknown @ 0x84b51f80
[SSDT:Addr(Hook.SSDT)] NtOpenThread[198] : Unknown @ 0x84b501a0
[SSDT:Addr(Hook.SSDT)] NtRenameKey[290] : Unknown @ 0x84b513a0
[SSDT:Addr(Hook.SSDT)] NtRestoreKey[302] : Unknown @ 0x84b516a0
[SSDT:Addr(Hook.SSDT)] NtSetSystemInformation[350] : Unknown @ 0x84b65be0
[SSDT:Addr(Hook.SSDT)] NtSetValueKey[358] : Unknown @ 0x84b50da0
[SSDT:Addr(Hook.SSDT)] NtTerminateThread[371] : Unknown @ 0x84b507a0
[IAT:Addr] (explorer.exe) KERNEL32.dll - HeapAlloc : C:\windows\AppPatch\AcXtrnal.DLL @ 0x69d892cd
[IAT:Addr] (explorer.exe) msvcrt.dll - exit : C:\windows\AppPatch\AcXtrnal.DLL @ 0x69d89508
¤¤¤ Webové prohlížeče : 10 ¤¤¤
[IE:Addon] System : avast! WebRep [{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> VYMAZÁNO
[CHROME:Addon] Default : Google Slides [aapocclcgogkmnckokdopfmhonfmgoek] -> VYMAZÁNO
[CHROME:Addon] Default : Docs [aohghmighlieiainnegkcijnfilokake] -> ERROR [2]
[CHROME:Addon] Default : Google Drive [apdfllckaahabafndbhieahigkjlhalf] -> ERROR [2]
[CHROME:Addon] Default : YouTube [blpcfgokakmgnkcojhhkbfbldkacnbeo] -> ERROR [2]
[CHROME:Addon] Default : Google Search [coobgpohoikkiipiblmjeljniedjpjpf] -> ERROR [2]
[CHROME:Addon] Default : Google Sheets [felcaaldnbdncclmgdcncolpebgiejap] -> ERROR [2]
[CHROME:Addon] Default : avast! WebRep [icmlaeflemplmjndnaapfdbbnpncnbda] -> ERROR [2]
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> ERROR [2]
[CHROME:Addon] Default : Gmail [pjkljhegncpnkpknbcohdijeoejaedia] -> ERROR [2]
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD32 00BPVT-80JJ5T0 SATA Disk Device +++++
--- User ---
[MBR] 33269ebea13f6b7d5ac5100f7f844b69
[BSP] 295ef069f79e9ed5327a1b123417ff35 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 102400 MB
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 241174528 | Size: 187467 MB
3 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 625106944 | Size: 16 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_DEL_09182014_102314.log - RKreport_SCN_09172014_233900.log - RKreport_SCN_09182014_101923.log - RKreport_SCN_09192014_024856.log
RKreport_DEL_09192014_031015.log - RKreport_SCN_09192014_080137.log
- jaro3
- Security team member
Re: Log check - error message: Windows Explorer has stopped ...
What about the problems?
- jaro3
- Security team member
Re: Log check - error message: Windows Explorer has stopped ...
Download Memtest:
The field that says:
All unused RAM - leave it as it is.
- click Start and let it run for at least 2 hours; if there are still 0 errors after 2 hours, they are OK.
Also check the HDD for errors, or possibly try defragmenting it.
Download CrystalDiskInfo
Run the program and click Edit > Copy (Úpravy-Kopírovat). Then paste the contents of the log here with Ctrl+V.
Re: Log check - error message: Windows Explorer has stopped ...
Memtest finished without errors....
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.1 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Starter SP1 [6.1 Build 7601] (x86)
Date : 2014/09/24 8:08:34
-- Controller Map ----------------------------------------------------------
-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BPVT-80JJ5T0 : 320,0 GB [0/0/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD3200BPVT-80JJ5T0
----------------------------------------------------------------------------
Model : WDC WD3200BPVT-80JJ5T0
Firmware : 01.01A01
Serial Number : WD-WXQ1CB100547
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 3557 hod.
Power On Count : 1771 krát
Temperature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 144 141 _21 0000000006F7 Čas na roztočení ploten
04 _98 _98 __0 000000000811 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _96 _96 __0 000000000DE5 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000006EB Počet cyklů zapnutí zařízení
BF __1 __1 __0 000000006D57 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000040 Počet vypnutí disku
C1 121 121 __0 00000003A0E0 Počet cyklů načítání/vymazání
C2 105 _96 __0 000000000026 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
- jaro3
- Security team member
Guru Level 15
- Posts: 43297
- Registered: June 07
- Location: Jižní Čechy
- Gender:
- Status:
Offline
Re: log check - error message: Windows Explorer has stop
000000006D57 Počet udalostí zaznamenaných otřesovým senzorem
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Re: log check - error message: Windows Explorer has stop
ComboFix 14-09-22.01 - Kvart 25.09.2014 15:04:46.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.749.214 [GMT 2:00]
Spuštěný z: c:\users\Kvart\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\Favorites\update.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-25 do 2014-09-25 )))))))))))))))))))))))))))))))
.
.
2014-09-25 14:17 . 2014-09-25 14:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-25 14:17 . 2014-09-25 14:17 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-09-25 12:41 . 2014-09-25 12:41 -------- d-----w- c:\users\Kvart\AppData\Roaming\PDF Architect 2
2014-09-24 15:33 . 2014-09-24 15:33 -------- d-----w- c:\program files\PDF Architect 2
2014-09-24 15:28 . 2014-09-24 15:28 -------- d-----w- c:\programdata\PDF Architect 2
2014-09-24 15:27 . 2014-09-24 15:27 -------- d-----w- c:\users\Kvart\AppData\Roaming\pdfforge
2014-09-24 15:27 . 2014-04-25 15:44 95416 ----a-w- c:\windows\system32\pdfcmon.dll
2014-09-24 15:27 . 2014-04-25 15:44 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2014-09-24 15:27 . 2014-04-25 15:44 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2014-09-24 15:27 . 2014-09-24 15:34 -------- d-----w- c:\program files\PDFCreator
2014-09-24 05:55 . 2014-09-24 06:06 -------- d-----w- c:\program files\CrystalDiskInfo
2014-09-21 15:12 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-19 19:27 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2014-09-19 19:27 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-09-19 08:20 . 2014-09-19 08:20 -------- d-----w- c:\program files\Drakensang Online
2014-09-19 06:23 . 2014-09-24 05:36 -------- d-----w- c:\users\Kvart\AppData\Local\CrashDumps
2014-09-19 00:49 . 2014-08-18 21:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-09-19 00:37 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-09-19 00:37 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-09-19 00:37 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-09-19 00:37 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-09-19 00:37 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-09-19 00:37 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-09-19 00:37 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-09-19 00:29 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll
2014-09-19 00:29 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll
2014-09-19 00:29 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe
2014-09-19 00:29 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-09-18 22:56 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll
2014-09-18 22:37 . 2014-09-18 15:59 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-18 22:36 . 2014-09-25 14:18 -------- d-----w- c:\users\Kvart\AppData\Local\Temp
2014-09-18 22:20 . 2013-11-23 18:26 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-09-18 22:20 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-18 21:26 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-09-18 20:30 . 2014-09-18 20:30 -------- d-----w- c:\windows\Migration
2014-09-18 15:59 . 2014-09-18 20:16 -------- d-----w- C:\zoek_backup
2014-09-18 12:46 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-09-18 12:46 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2014-09-18 12:18 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2014-09-18 11:06 . 2014-09-18 11:06 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-09-18 10:19 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-09-18 10:19 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-09-18 08:27 . 2014-09-18 08:27 359632 ----a-w- c:\program files\Internet Explorer\iediagcmd.exe
2014-09-18 08:19 . 2014-09-18 08:19 69632 ----a-w- c:\windows\system32\smss.exe
2014-09-18 08:19 . 2014-09-18 08:19 640512 ----a-w- c:\windows\system32\advapi32.dll
2014-09-18 08:19 . 2014-09-18 08:19 619520 ----a-w- c:\windows\system32\tdh.dll
2014-09-18 08:19 . 2014-09-18 08:19 38912 ----a-w- c:\windows\system32\csrsrv.dll
2014-09-18 08:19 . 2014-09-18 08:19 1289096 ----a-w- c:\windows\system32\ntdll.dll
2014-09-18 08:18 . 2014-09-18 08:18 231424 ----a-w- c:\windows\system32\mswsock.dll
2014-09-18 08:18 . 2014-09-18 08:18 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-09-18 08:03 . 2014-09-18 08:03 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-09-17 21:05 . 2014-09-18 23:54 33512 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-09-17 21:05 . 2014-09-17 21:05 -------- d-----w- c:\programdata\RogueKiller
2014-09-17 20:32 . 2014-09-17 20:32 -------- d-----w- c:\windows\ERUNT
2014-09-17 19:06 . 2013-07-04 11:57 205824 ----a-w- c:\windows\system32\WebClnt.dll
2014-09-17 19:06 . 2013-07-04 11:51 81920 ----a-w- c:\windows\system32\davclnt.dll
2014-09-17 19:06 . 2013-07-04 09:48 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-09-17 19:06 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2014-09-17 19:06 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-09-17 19:06 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2014-09-17 19:06 . 2013-07-04 11:50 530432 ----a-w- c:\windows\system32\comctl32.dll
2014-09-17 19:06 . 2013-07-03 04:02 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys
2014-09-17 19:06 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-09-17 19:06 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-09-17 19:05 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2014-09-17 19:05 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2014-09-17 19:04 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2014-09-17 19:03 . 2013-10-04 01:58 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-09-17 19:03 . 2013-10-04 01:56 168960 ----a-w- c:\windows\system32\credui.dll
2014-09-17 18:28 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-09-17 18:26 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2014-09-17 18:26 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-09-17 18:25 . 2014-07-14 01:42 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-09-17 18:25 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2014-09-17 18:24 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2014-09-17 18:21 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2014-09-17 18:21 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2014-09-17 18:21 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2014-09-17 18:21 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2014-09-17 18:21 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\system32\msxml6.dll
2014-09-17 18:21 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-09-17 18:21 . 2014-03-26 14:25 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-09-17 18:21 . 2014-03-26 14:25 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-09-17 18:21 . 2014-07-07 01:40 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-17 18:21 . 2014-07-07 01:40 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-17 18:21 . 2014-06-03 09:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-09-17 18:21 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-09-17 18:20 . 2014-08-23 00:42 2352640 ----a-w- c:\windows\system32\win32k.sys
2014-09-17 18:20 . 2014-08-23 01:46 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-09-17 18:20 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2014-09-17 18:19 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-09-17 18:19 . 2013-04-01 05:10 77144 ----a-w- c:\windows\system32\mcupdate_AuthenticAMD.dll
2014-09-17 18:18 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2014-09-17 18:18 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2014-09-17 18:17 . 2013-07-20 10:33 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-17 18:17 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2014-09-17 18:17 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2014-09-17 18:16 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2014-09-17 18:16 . 2014-01-28 02:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-09-17 18:16 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-09-17 18:16 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2014-09-17 18:16 . 2013-06-06 04:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2014-09-17 18:16 . 2013-06-06 03:01 295424 ----a-w- c:\windows\system32\atmfd.dll
2014-09-17 18:16 . 2013-06-06 04:52 26112 ----a-w- c:\windows\system32\lpk.dll
2014-09-17 18:16 . 2013-06-06 04:51 70656 ----a-w- c:\windows\system32\fontsub.dll
2014-09-17 18:16 . 2013-06-06 03:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2014-09-17 18:16 . 2013-08-28 00:57 434688 ----a-w- c:\windows\system32\scavengeui.dll
2014-09-17 18:16 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2014-09-17 18:16 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2014-09-17 18:15 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-09-17 18:15 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-09-17 18:15 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-09-17 18:15 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-09-17 18:15 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2014-09-17 18:15 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2014-09-17 18:15 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2014-09-17 18:15 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2014-09-17 18:15 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2014-09-17 18:15 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2014-09-17 18:15 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2014-09-17 18:14 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2014-09-17 18:13 . 2012-06-06 05:05 1019904 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2014-09-17 18:13 . 2012-06-06 05:03 805376 ----a-w- c:\windows\system32\cdosys.dll
2014-09-17 18:12 . 2012-06-06 05:05 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2014-09-17 18:12 . 2012-06-06 05:05 57344 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-24 15:44 . 2012-10-30 22:32 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-24 15:44 . 2011-11-16 19:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-18 08:27 . 2014-09-18 08:27 208384 ----a-w- c:\windows\system32\webcheck.dll
2014-09-08 12:17 . 2011-03-29 02:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-08 08:00 . 2014-08-08 08:00 266293 ----a-w- c:\windows\system\MSVCRT.DLL
2014-08-08 08:00 . 2014-08-08 08:00 1527903 ----a-w- c:\windows\system\GDS32.DLL
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-06-29 22:17 . 2014-06-29 22:17 45400 ----a-w- c:\windows\system32\DiscHandler.exe
2014-06-28 15:18 . 2014-06-28 15:18 3916288 ----a-w- c:\windows\system32\ffmpeg.dll
2014-06-28 15:18 . 2014-06-28 15:18 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2014-06-28 15:18 . 2014-06-28 15:18 3502592 ----a-w- c:\windows\system32\ffdshow.ax
2014-06-28 15:17 . 2014-06-28 15:17 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2014-06-28 15:17 . 2014-06-28 15:17 99840 ----a-w- c:\windows\system32\ff_wmv9.dll
2014-06-28 15:17 . 2014-06-28 15:17 157184 ----a-w- c:\windows\system32\ff_unrar.dll
2014-06-28 15:17 . 2014-06-28 15:17 147456 ----a-w- c:\windows\system32\ff_libmad.dll
2014-06-28 15:17 . 2014-06-28 15:17 211968 ----a-w- c:\windows\system32\ff_libdts.dll
2014-06-28 15:17 . 2014-06-28 15:17 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll
2014-06-28 15:17 . 2014-06-28 15:17 114688 ----a-w- c:\windows\system32\ff_liba52.dll
2014-06-28 15:17 . 2014-06-28 15:17 136704 ----a-w- c:\windows\system32\libmpeg2_ff.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="d:\programy\Kies\Kies\Kies.exe" [2012-10-11 966072]
"KiesAirMessage"="d:\programy\Kies\Kies\KiesAirMessage.exe" [2012-10-09 580096]
"DAEMON Tools Lite"="d:\programy\daemon tools\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"HotkeyMon"="AsusSender.exe" [2011-03-11 34728]
"HotkeyService"="AsusSender.exe" [2011-03-11 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-03-11 34728]
"LiveUpdate"="AsusSender.exe" [2011-03-11 34728]
"CapsHook"="AsusSender.exe" [2011-03-11 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2011-04-14 419504]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 112632]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-10-20 218448]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-01-18 10025576]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-06-10 548744]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-07-12 45448]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2011-11-16 2984688]
"KiesTrayAgent"="d:\programy\Kies\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2014-04-17 748256]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2014-05-28 455512]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"BlueStacks Agent"="c:\program files\BlueStacks\HD-Agent.exe" [2014-08-13 835288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\Asus\AsusVibe\AsusVibeLauncher.exe /start [2014-9-17 549040]
CodecPackUpdateChecker.lnk - c:\windows\System32\C2MP\UpdateChecker.exe [2014-6-30 48712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 cfhpghnrmxtoap;cfhpghnrmxtoap;c:\windows\system32\wvfarmcc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2012-06-27 30312]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files\BlueStacks\HD-LogRotatorService.exe [2014-08-13 384728]
R3 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files\BlueStacks\HD-UpdaterService.exe [2014-08-13 777944]
R3 cpuz135;cpuz135;c:\users\Kvart\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]
R3 cpuz136;cpuz136;c:\users\Kvart\AppData\Local\Temp\cpuz136\cpuz136_x32.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-18 108032]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files\PDF Architect 2\crash-handler-ws.exe [2014-06-26 861736]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2012-06-27 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 136808]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2012-06-27 114280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-11-01 114960]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2010-11-04 64128]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2010-11-04 32384]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-15 242240]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 64080]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-20 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-17 276992]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\Common Files\InstantOn\InsOnSrv.exe [2011-06-02 64128]
S2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2011-08-08 224680]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files\BlueStacks\HD-Hypervisor-x86.sys [2014-08-13 112344]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 161104]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-25 91464]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-19 77824]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-09-24 110296]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
S3 PDF Architect 2;PDF Architect 2;c:\program files\PDF Architect 2\ws.exe [2014-06-26 1771560]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-10 16:50 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-30 15:44]
.
2014-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-433252344-4095087950-1502536368-1001Core.job
- c:\users\Kvart\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-31 19:18]
.
2014-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-433252344-4095087950-1502536368-1001UA.job
- c:\users\Kvart\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-31 19:18]
.
2014-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-06 17:36]
.
2014-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-06 17:36]
.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - d:\programy\MICROS~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - d:\programy\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Kvart\AppData\Roaming\Mozilla\Firefox\Profiles\zkhlqghf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-Driver Tool - c:\program files\Driver Tool\Driver Tool\DriverTool.exe
HKCU-Run-Syncables - c:\program files\syncables\syncables desktop\Syncables.exe
HKLM-Run-SystemKey - (no file)
AddRemove-Hledik - WePOS - c:\wepos\uninst.exe
AddRemove-{C421738F-4326-4835-9060-34D16F090BAB}_is1 - c:\users\Kvart\AppData\Local\Temp\is-QVIH9.tmp\KA10\unins000.exe
AddRemove-01_Simmental - d:\programy\Kies\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - d:\programy\Kies\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - d:\programy\Kies\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - d:\programy\Kies\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - d:\programy\Kies\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - d:\programy\Kies\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - d:\programy\Kies\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - d:\programy\Kies\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - d:\programy\Kies\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - d:\programy\Kies\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - d:\programy\Kies\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-09-25 16:32:05
ComboFix-quarantined-files.txt 2014-09-25 14:31
.
Před spuštěním: Volných bajtů: 51 860 320 256
Po spuštění: Volných bajtů: 51 974 787 072
.
- - End Of File - - BD82A015C1C5A13243DB7235782C9F5F
A36C5E4F47E84449FF07ED3517B43A31
AddRemove-09_Hsp - d:\programy\Kies\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - d:\programy\Kies\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - d:\programy\Kies\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - d:\programy\Kies\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - d:\programy\Kies\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - d:\programy\Kies\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-09-25 16:32:05
ComboFix-quarantined-files.txt 2014-09-25 14:31
.
Před spuštěním: Volných bajtů: 51 860 320 256
Po spuštění: Volných bajtů: 51 974 787 072
.
- - End Of File - - BD82A015C1C5A13243DB7235782C9F5F
A36C5E4F47E84449FF07ED3517B43A31
- jaro3
- Security team member
Guru Level 15
- Posts: 43297
- Registered: June 07
- Location: Jižní Čechy
- Status: Offline
Re: log check - error message: Windows Explorer has stopped
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
Uninstall one antivirus, then a new Combofix.
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: log check - error message: Windows Explorer has stopped
ComboFix 14-09-22.01 - Kvart 25.09.2014 19:23:13.2.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.749.176 [GMT 2:00]
Spuštěný z: c:\users\Kvart\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Thumbs.db
c:\windows\TEMP\CR_4EAF1.tmp\setup.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-25 do 2014-09-25 )))))))))))))))))))))))))))))))
.
.
2014-09-25 18:10 . 2014-09-25 18:10 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-09-25 18:10 . 2014-09-25 18:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-25 17:03 . 2010-09-17 08:32 319456 ----a-w- c:\windows\DIFxAPI.dll
2014-09-25 17:03 . 2010-09-17 08:32 203600 ----a-w- c:\windows\TmNSCIns.dll
2014-09-25 12:41 . 2014-09-25 12:41 -------- d-----w- c:\users\Kvart\AppData\Roaming\PDF Architect 2
2014-09-24 15:33 . 2014-09-24 15:33 -------- d-----w- c:\program files\PDF Architect 2
2014-09-24 15:28 . 2014-09-24 15:28 -------- d-----w- c:\programdata\PDF Architect 2
2014-09-24 15:27 . 2014-09-24 15:27 -------- d-----w- c:\users\Kvart\AppData\Roaming\pdfforge
2014-09-24 15:27 . 2014-04-25 15:44 95416 ----a-w- c:\windows\system32\pdfcmon.dll
2014-09-24 15:27 . 2014-04-25 15:44 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2014-09-24 15:27 . 2014-04-25 15:44 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2014-09-24 15:27 . 2014-09-24 15:34 -------- d-----w- c:\program files\PDFCreator
2014-09-24 05:55 . 2014-09-24 06:06 -------- d-----w- c:\program files\CrystalDiskInfo
2014-09-21 15:12 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-19 19:27 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2014-09-19 19:27 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-09-19 08:20 . 2014-09-19 08:20 -------- d-----w- c:\program files\Drakensang Online
2014-09-19 06:23 . 2014-09-24 05:36 -------- d-----w- c:\users\Kvart\AppData\Local\CrashDumps
2014-09-19 00:49 . 2014-08-18 21:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-09-19 00:37 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-09-19 00:37 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-09-19 00:37 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-09-19 00:37 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-09-19 00:37 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-09-19 00:37 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-09-19 00:37 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-09-19 00:29 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll
2014-09-19 00:29 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll
2014-09-19 00:29 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe
2014-09-19 00:29 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-09-18 22:56 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll
2014-09-18 22:37 . 2014-09-18 15:59 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-18 22:36 . 2014-09-25 18:10 -------- d-----w- c:\users\Kvart\AppData\Local\Temp
2014-09-18 22:20 . 2013-11-23 18:26 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-09-18 22:20 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-18 21:26 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-09-18 20:30 . 2014-09-18 20:30 -------- d-----w- c:\windows\Migration
2014-09-18 15:59 . 2014-09-18 20:16 -------- d-----w- C:\zoek_backup
2014-09-18 12:46 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-09-18 12:46 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2014-09-18 12:18 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2014-09-18 11:06 . 2014-09-18 11:06 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-09-18 10:19 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-09-18 10:19 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-09-18 08:27 . 2014-09-18 08:27 359632 ----a-w- c:\program files\Internet Explorer\iediagcmd.exe
2014-09-18 08:19 . 2014-09-18 08:19 69632 ----a-w- c:\windows\system32\smss.exe
2014-09-18 08:19 . 2014-09-18 08:19 640512 ----a-w- c:\windows\system32\advapi32.dll
2014-09-18 08:19 . 2014-09-18 08:19 619520 ----a-w- c:\windows\system32\tdh.dll
2014-09-18 08:19 . 2014-09-18 08:19 38912 ----a-w- c:\windows\system32\csrsrv.dll
2014-09-18 08:19 . 2014-09-18 08:19 1289096 ----a-w- c:\windows\system32\ntdll.dll
2014-09-18 08:18 . 2014-09-18 08:18 231424 ----a-w- c:\windows\system32\mswsock.dll
2014-09-18 08:18 . 2014-09-18 08:18 49152 ----a-w- c:\windows\system32\taskhost.exe
2014-09-18 08:03 . 2014-09-18 08:03 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-09-17 21:05 . 2014-09-18 23:54 33512 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-09-17 21:05 . 2014-09-17 21:05 -------- d-----w- c:\programdata\RogueKiller
2014-09-17 20:32 . 2014-09-17 20:32 -------- d-----w- c:\windows\ERUNT
2014-09-17 19:06 . 2013-07-04 11:57 205824 ----a-w- c:\windows\system32\WebClnt.dll
2014-09-17 19:06 . 2013-07-04 11:51 81920 ----a-w- c:\windows\system32\davclnt.dll
2014-09-17 19:06 . 2013-07-04 09:48 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-09-17 19:06 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2014-09-17 19:06 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-09-17 19:06 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2014-09-17 19:06 . 2013-07-04 11:50 530432 ----a-w- c:\windows\system32\comctl32.dll
2014-09-17 19:06 . 2013-07-03 04:02 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys
2014-09-17 19:06 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-09-17 19:06 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-09-17 19:05 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2014-09-17 19:05 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2014-09-17 19:04 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2014-09-17 19:03 . 2013-10-04 01:58 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-09-17 19:03 . 2013-10-04 01:56 168960 ----a-w- c:\windows\system32\credui.dll
2014-09-17 18:28 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-09-17 18:26 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2014-09-17 18:26 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-09-17 18:25 . 2014-07-14 01:42 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-09-17 18:25 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2014-09-17 18:24 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2014-09-17 18:21 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2014-09-17 18:21 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2014-09-17 18:21 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2014-09-17 18:21 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2014-09-17 18:21 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\system32\msxml6.dll
2014-09-17 18:21 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-09-17 18:21 . 2014-03-26 14:25 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-09-17 18:21 . 2014-03-26 14:25 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-09-17 18:21 . 2014-07-07 01:40 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-17 18:21 . 2014-07-07 01:40 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-17 18:21 . 2014-06-03 09:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-09-17 18:21 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-09-17 18:20 . 2014-08-23 00:42 2352640 ----a-w- c:\windows\system32\win32k.sys
2014-09-17 18:20 . 2014-08-23 01:46 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-09-17 18:20 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2014-09-17 18:19 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-09-17 18:19 . 2013-04-01 05:10 77144 ----a-w- c:\windows\system32\mcupdate_AuthenticAMD.dll
2014-09-17 18:18 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2014-09-17 18:18 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2014-09-17 18:17 . 2013-07-20 10:33 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-17 18:17 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2014-09-17 18:17 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2014-09-17 18:16 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2014-09-17 18:16 . 2014-01-28 02:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-09-17 18:16 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-09-17 18:16 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2014-09-17 18:16 . 2013-06-06 04:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2014-09-17 18:16 . 2013-06-06 03:01 295424 ----a-w- c:\windows\system32\atmfd.dll
2014-09-17 18:16 . 2013-06-06 04:52 26112 ----a-w- c:\windows\system32\lpk.dll
2014-09-17 18:16 . 2013-06-06 04:51 70656 ----a-w- c:\windows\system32\fontsub.dll
2014-09-17 18:16 . 2013-06-06 03:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2014-09-17 18:16 . 2013-08-28 00:57 434688 ----a-w- c:\windows\system32\scavengeui.dll
2014-09-17 18:16 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2014-09-17 18:16 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2014-09-17 18:15 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-09-17 18:15 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-09-17 18:15 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-09-17 18:15 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-09-17 18:15 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2014-09-17 18:15 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2014-09-17 18:15 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2014-09-17 18:15 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2014-09-17 18:15 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2014-09-17 18:15 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2014-09-17 18:15 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2014-09-17 18:14 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2014-09-17 18:13 . 2012-06-06 05:05 1019904 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2014-09-17 18:13 . 2012-06-06 05:03 805376 ----a-w- c:\windows\system32\cdosys.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-24 15:44 . 2012-10-30 22:32 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-24 15:44 . 2011-11-16 19:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-18 08:27 . 2014-09-18 08:27 208384 ----a-w- c:\windows\system32\webcheck.dll
2014-09-08 12:17 . 2011-03-29 02:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-08 08:00 . 2014-08-08 08:00 266293 ----a-w- c:\windows\system\MSVCRT.DLL
2014-08-08 08:00 . 2014-08-08 08:00 1527903 ----a-w- c:\windows\system\GDS32.DLL
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-06-29 22:17 . 2014-06-29 22:17 45400 ----a-w- c:\windows\system32\DiscHandler.exe
2014-06-28 15:18 . 2014-06-28 15:18 3916288 ----a-w- c:\windows\system32\ffmpeg.dll
2014-06-28 15:18 . 2014-06-28 15:18 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2014-06-28 15:18 . 2014-06-28 15:18 3502592 ----a-w- c:\windows\system32\ffdshow.ax
2014-06-28 15:17 . 2014-06-28 15:17 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2014-06-28 15:17 . 2014-06-28 15:17 99840 ----a-w- c:\windows\system32\ff_wmv9.dll
2014-06-28 15:17 . 2014-06-28 15:17 157184 ----a-w- c:\windows\system32\ff_unrar.dll
2014-06-28 15:17 . 2014-06-28 15:17 147456 ----a-w- c:\windows\system32\ff_libmad.dll
2014-06-28 15:17 . 2014-06-28 15:17 211968 ----a-w- c:\windows\system32\ff_libdts.dll
2014-06-28 15:17 . 2014-06-28 15:17 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll
2014-06-28 15:17 . 2014-06-28 15:17 114688 ----a-w- c:\windows\system32\ff_liba52.dll
2014-06-28 15:17 . 2014-06-28 15:17 136704 ----a-w- c:\windows\system32\libmpeg2_ff.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="d:\programy\Kies\Kies\Kies.exe" [2012-10-11 966072]
"KiesAirMessage"="d:\programy\Kies\Kies\KiesAirMessage.exe" [2012-10-09 580096]
"DAEMON Tools Lite"="d:\programy\daemon tools\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"HotkeyMon"="AsusSender.exe" [2011-03-11 34728]
"HotkeyService"="AsusSender.exe" [2011-03-11 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-03-11 34728]
"LiveUpdate"="AsusSender.exe" [2011-03-11 34728]
"CapsHook"="AsusSender.exe" [2011-03-11 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2011-04-14 419504]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-01-18 10025576]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-06-10 548744]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-07-12 45448]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2011-11-16 2984688]
"KiesTrayAgent"="d:\programy\Kies\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2014-04-17 748256]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2014-05-28 455512]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"BlueStacks Agent"="c:\program files\BlueStacks\HD-Agent.exe" [2014-08-13 835288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"000_TmTdiUninstall"="c:\windows\TmNSCIns.dll" [2010-09-17 203600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\Asus\AsusVibe\AsusVibeLauncher.exe /start [2014-9-17 549040]
CodecPackUpdateChecker.lnk - c:\windows\System32\C2MP\UpdateChecker.exe [2014-6-30 48712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 cfhpghnrmxtoap;cfhpghnrmxtoap;c:\windows\system32\wvfarmcc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2012-06-27 30312]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files\BlueStacks\HD-LogRotatorService.exe [2014-08-13 384728]
R3 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files\BlueStacks\HD-UpdaterService.exe [2014-08-13 777944]
R3 cpuz135;cpuz135;c:\users\Kvart\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]
R3 cpuz136;cpuz136;c:\users\Kvart\AppData\Local\Temp\cpuz136\cpuz136_x32.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-18 108032]
R3 PDF Architect 2;PDF Architect 2;c:\program files\PDF Architect 2\ws.exe [2014-06-26 1771560]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files\PDF Architect 2\crash-handler-ws.exe [2014-06-26 861736]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2012-06-27 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 136808]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2012-06-27 114280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-11-01 114960]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2010-11-04 64128]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2010-11-04 32384]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-15 242240]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-20 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-17 276992]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\Common Files\InstantOn\InsOnSrv.exe [2011-06-02 64128]
S2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2011-08-08 224680]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files\BlueStacks\HD-Hypervisor-x86.sys [2014-08-13 112344]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-25 91464]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-19 77824]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-09-25 110296]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-10 16:50 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-30 15:44]
.
2014-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-433252344-4095087950-1502536368-1001Core.job
- c:\users\Kvart\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-31 19:18]
.
2014-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-433252344-4095087950-1502536368-1001UA.job
- c:\users\Kvart\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-31 19:18]
.
2014-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-06 17:36]
.
2014-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-06 17:36]
.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - d:\programy\MICROS~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - d:\programy\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Kvart\AppData\Roaming\Mozilla\Firefox\Profiles\zkhlqghf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-09-25 20:16:38
ComboFix-quarantined-files.txt 2014-09-25 18:16
ComboFix2.txt 2014-09-25 14:32
.
Před spuštěním: Volných bajtů: 53 731 176 448
Po spuštění: Volných bajtů: 53 495 300 096
.
- - End Of File - - 9B3993E714DD4F95617D4B02176D951E
A36C5E4F47E84449FF07ED3517B43A31
2014-09-17 18:28 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-09-17 18:26 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2014-09-17 18:26 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-09-17 18:25 . 2014-07-14 01:42 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-09-17 18:25 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2014-09-17 18:24 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2014-09-17 18:21 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2014-09-17 18:21 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2014-09-17 18:21 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2014-09-17 18:21 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2014-09-17 18:21 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\system32\msxml6.dll
2014-09-17 18:21 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-09-17 18:21 . 2014-03-26 14:25 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-09-17 18:21 . 2014-03-26 14:25 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-09-17 18:21 . 2014-07-07 01:40 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-17 18:21 . 2014-07-07 01:40 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-17 18:21 . 2014-06-03 09:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-09-17 18:21 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-09-17 18:20 . 2014-08-23 00:42 2352640 ----a-w- c:\windows\system32\win32k.sys
2014-09-17 18:20 . 2014-08-23 01:46 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-09-17 18:20 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2014-09-17 18:19 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-09-17 18:19 . 2013-04-01 05:10 77144 ----a-w- c:\windows\system32\mcupdate_AuthenticAMD.dll
2014-09-17 18:18 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2014-09-17 18:18 . 2012-07-06 19:23 393728 ----a-w- c:\windows\system32\drivers\bthport.sys
2014-09-17 18:17 . 2013-07-20 10:33 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-17 18:17 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2014-09-17 18:17 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2014-09-17 18:16 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2014-09-17 18:16 . 2014-01-28 02:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-09-17 18:16 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-09-17 18:16 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2014-09-17 18:16 . 2013-06-06 04:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2014-09-17 18:16 . 2013-06-06 03:01 295424 ----a-w- c:\windows\system32\atmfd.dll
2014-09-17 18:16 . 2013-06-06 04:52 26112 ----a-w- c:\windows\system32\lpk.dll
2014-09-17 18:16 . 2013-06-06 04:51 70656 ----a-w- c:\windows\system32\fontsub.dll
2014-09-17 18:16 . 2013-06-06 03:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2014-09-17 18:16 . 2013-08-28 00:57 434688 ----a-w- c:\windows\system32\scavengeui.dll
2014-09-17 18:16 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2014-09-17 18:16 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2014-09-17 18:15 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-09-17 18:15 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-09-17 18:15 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-09-17 18:15 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-09-17 18:15 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2014-09-17 18:15 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2014-09-17 18:15 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2014-09-17 18:15 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2014-09-17 18:15 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2014-09-17 18:15 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2014-09-17 18:15 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2014-09-17 18:14 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2014-09-17 18:13 . 2012-06-06 05:05 1019904 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2014-09-17 18:13 . 2012-06-06 05:03 805376 ----a-w- c:\windows\system32\cdosys.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-24 15:44 . 2012-10-30 22:32 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-24 15:44 . 2011-11-16 19:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-18 08:27 . 2014-09-18 08:27 208384 ----a-w- c:\windows\system32\webcheck.dll
2014-09-08 12:17 . 2011-03-29 02:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-08 08:00 . 2014-08-08 08:00 266293 ----a-w- c:\windows\system\MSVCRT.DLL
2014-08-08 08:00 . 2014-08-08 08:00 1527903 ----a-w- c:\windows\system\GDS32.DLL
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-06-29 22:17 . 2014-06-29 22:17 45400 ----a-w- c:\windows\system32\DiscHandler.exe
2014-06-28 15:18 . 2014-06-28 15:18 3916288 ----a-w- c:\windows\system32\ffmpeg.dll
2014-06-28 15:18 . 2014-06-28 15:18 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2014-06-28 15:18 . 2014-06-28 15:18 3502592 ----a-w- c:\windows\system32\ffdshow.ax
2014-06-28 15:17 . 2014-06-28 15:17 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2014-06-28 15:17 . 2014-06-28 15:17 99840 ----a-w- c:\windows\system32\ff_wmv9.dll
2014-06-28 15:17 . 2014-06-28 15:17 157184 ----a-w- c:\windows\system32\ff_unrar.dll
2014-06-28 15:17 . 2014-06-28 15:17 147456 ----a-w- c:\windows\system32\ff_libmad.dll
2014-06-28 15:17 . 2014-06-28 15:17 211968 ----a-w- c:\windows\system32\ff_libdts.dll
2014-06-28 15:17 . 2014-06-28 15:17 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll
2014-06-28 15:17 . 2014-06-28 15:17 114688 ----a-w- c:\windows\system32\ff_liba52.dll
2014-06-28 15:17 . 2014-06-28 15:17 136704 ----a-w- c:\windows\system32\libmpeg2_ff.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="d:\programy\Kies\Kies\Kies.exe" [2012-10-11 966072]
"KiesAirMessage"="d:\programy\Kies\Kies\KiesAirMessage.exe" [2012-10-09 580096]
"DAEMON Tools Lite"="d:\programy\daemon tools\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"HotkeyMon"="AsusSender.exe" [2011-03-11 34728]
"HotkeyService"="AsusSender.exe" [2011-03-11 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-03-11 34728]
"LiveUpdate"="AsusSender.exe" [2011-03-11 34728]
"CapsHook"="AsusSender.exe" [2011-03-11 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2011-04-14 419504]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-01-18 10025576]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-06-10 548744]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-07-12 45448]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2011-11-16 2984688]
"KiesTrayAgent"="d:\programy\Kies\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2014-04-17 748256]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2014-05-28 455512]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"BlueStacks Agent"="c:\program files\BlueStacks\HD-Agent.exe" [2014-08-13 835288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"000_TmTdiUninstall"="c:\windows\TmNSCIns.dll" [2010-09-17 203600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\Asus\AsusVibe\AsusVibeLauncher.exe /start [2014-9-17 549040]
CodecPackUpdateChecker.lnk - c:\windows\System32\C2MP\UpdateChecker.exe [2014-6-30 48712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 cfhpghnrmxtoap;cfhpghnrmxtoap;c:\windows\system32\wvfarmcc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2012-06-27 30312]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files\BlueStacks\HD-LogRotatorService.exe [2014-08-13 384728]
R3 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files\BlueStacks\HD-UpdaterService.exe [2014-08-13 777944]
R3 cpuz135;cpuz135;c:\users\Kvart\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]
R3 cpuz136;cpuz136;c:\users\Kvart\AppData\Local\Temp\cpuz136\cpuz136_x32.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-18 108032]
R3 PDF Architect 2;PDF Architect 2;c:\program files\PDF Architect 2\ws.exe [2014-06-26 1771560]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files\PDF Architect 2\crash-handler-ws.exe [2014-06-26 861736]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2012-06-27 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 136808]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2012-06-27 114280]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-11-01 114960]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2010-11-04 64128]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2010-11-04 32384]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-15 242240]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-20 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-17 276992]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\Common Files\InstantOn\InsOnSrv.exe [2011-06-02 64128]
S2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2011-08-08 224680]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files\BlueStacks\HD-Hypervisor-x86.sys [2014-08-13 112344]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-25 91464]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-12-19 77824]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-09-25 110296]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-10 16:50 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-30 15:44]
.
2014-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-433252344-4095087950-1502536368-1001Core.job
- c:\users\Kvart\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-31 19:18]
.
2014-09-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-433252344-4095087950-1502536368-1001UA.job
- c:\users\Kvart\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-31 19:18]
.
2014-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-06 17:36]
.
2014-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-06 17:36]
.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - d:\programy\MICROS~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - d:\programy\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Kvart\AppData\Roaming\Mozilla\Firefox\Profiles\zkhlqghf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-09-25 20:16:38
ComboFix-quarantined-files.txt 2014-09-25 18:16
ComboFix2.txt 2014-09-25 14:32
.
Před spuštěním: Volných bajtů: 53 731 176 448
Po spuštění: Volných bajtů: 53 495 300 096
.
- - End Of File - - 9B3993E714DD4F95617D4B02176D951E
A36C5E4F47E84449FF07ED3517B43A31
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43297
- Registered: June 07
- Location: South Bohemia
- Gender:
- Status:
Offline
Re: log check - error message: Windows Explorer stopp
Turn off the resident protection of your antivirus and antispyware, and the firewall if necessary.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Code:
ClearJavaCache::
KillAll::
File::
c:\windows\TmNSCIns.dll
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-433252344-4095087950-1502536368-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-433252344-4095087950-1502536368-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Collect::
c:\windows\system32\wvfarmcc.exe
Folder::
c:\program files\Skype\Updater
c:\users\Kvart\AppData\Local\Facebook\Update
c:\program files\Google\Update
Driver::
cfhpghnrmxtoap
SkypeUpdate
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"000_TmTdiUninstall"=-
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again, and if that does not help, keep pressing the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message about the option of downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support