Please check my log [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

tRaviss
Level 2.5
Posts: 315
Registered: December 14
Gender: Male
Status: Offline

Re: Please check my log

Post by tRaviss » 24 Oct 2015 11:02

ComboFix 15-10-23.01 - Petronela 24.10.2015 10:39:23.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1976.1170 [GMT 2:00]
Spuštěný z: c:\users\Petronela\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Petronela\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 9.0.318.22 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 9.0.318.22 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0424176523712.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1d0424176852eb1.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.28.15\GoogleUpdate.exe
c:\program files\Google\Update\1.3.28.15\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.28.15\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.28.15\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.28.15\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.28.15\GoogleUpdateWebPlugin.exe
c:\program files\Google\Update\1.3.28.15\goopdate.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_am.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ar.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_bg.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_bn.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ca.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_cs.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_da.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_de.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_el.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_en.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_es.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_et.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_fa.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_fi.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_fil.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_fr.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_gu.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_hi.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_hr.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_hu.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_id.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_is.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_it.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_iw.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ja.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_kn.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ko.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_lt.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_lv.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ml.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_mr.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ms.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_nl.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_no.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_pl.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ro.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ru.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_sk.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_sl.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_sr.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_sv.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_sw.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ta.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_te.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_th.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_tr.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_uk.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_ur.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_vi.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.28.15\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.28.15\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.28.15\psmachine.dll
c:\program files\Google\Update\1.3.28.15\psmachine_64.dll
c:\program files\Google\Update\1.3.28.15\psuser.dll
c:\program files\Google\Update\1.3.28.15\psuser_64.dll
c:\program files\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\1.21.9226.6034\gsync.msi
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.71\46.0.2490.71_45.0.2454.101_chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Google\Update\Install\{11CE24F9-0A6F-4EC4-B7DB-ED0E78EAFEC5}\41.0.2272.89_chrome_installer.exe
c:\program files\Google\Update\Install\{13E8AA11-0342-4AF2-810F-90B6AC915929}\42.0.2311.152_42.0.2311.135_chrome_updater.exe
c:\program files\Google\Update\Install\{2038224F-CC9B-416B-9106-CEAC9547A557}\43.0.2357.81_chrome_installer.exe
c:\program files\Google\Update\Install\{20E58D86-95A4-48A6-A3C2-5F6B52462AC9}\45.0.2454.101_45.0.2454.99_chrome_updater.exe
c:\program files\Google\Update\Install\{4073A4D8-F7F3-4332-B512-0B52392C7595}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
c:\program files\Google\Update\Install\{480DE45D-AD4E-410D-A84E-D5A09BEA8BDF}\43.0.2357.65_42.0.2311.152_chrome_updater.exe
c:\program files\Google\Update\Install\{5E3BFEAF-3C7E-400B-8273-A5D6ECE67A65}\41.0.2272.118_41.0.2272.101_chrome_updater.exe
c:\program files\Google\Update\Install\{6A25466A-7AF0-4309-92F1-229D0A2A649A}\46.0.2490.71_45.0.2454.101_chrome_updater.exe
c:\program files\Google\Update\Install\{6A4BB845-924B-473B-A343-7FD084FAB052}\43.0.2357.124_43.0.2357.81_chrome_updater.exe
c:\program files\Google\Update\Install\{6D616123-CC21-46EF-BEA5-8EBF09EDB0D7}\43.0.2357.81_43.0.2357.65_chrome_updater.exe
c:\program files\Google\Update\Install\{7CA0373A-C7C9-4A9C-AF8E-198AB4AF427D}\gsync.msi
c:\program files\Google\Update\Install\{7CA0373A-C7C9-4A9C-AF8E-198AB4AF427D}\gsync.msi.log
c:\program files\Google\Update\Install\{7D02331F-AEFA-46ED-B87C-F4B4383F85EE}\41.0.2272.89_40.0.2214.115_chrome_updater.exe
c:\program files\Google\Update\Install\{90BA1BDA-200A-41B9-BAED-D69015CF81C8}\43.0.2357.124_chrome_installer.exe
c:\program files\Google\Update\Install\{924FE557-C77F-48E4-A7D2-4F3D6064A2E1}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{9FD931B0-B10B-41BE-8B03-BB8EE3DEA042}\gsync.msi
c:\program files\Google\Update\Install\{9FD931B0-B10B-41BE-8B03-BB8EE3DEA042}\gsync.msi.log
c:\program files\Google\Update\Install\{AA4B50A7-FB85-43FC-B6AA-2E86D5E2AC27}\41.0.2272.101_41.0.2272.89_chrome_updater.exe
c:\program files\Google\Update\Install\{AE4C22C2-4A6A-4AE1-B4E0-0FDFA6138B02}\43.0.2357.65_42.0.2311.152_chrome_updater.exe
c:\program files\Google\Update\Install\{B6C4C4D0-235E-49DB-9377-3AF5889AFFD1}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{C3B46DAA-5D56-44C4-A805-6A65050DC575}\45.0.2454.99_43.0.2357.124_chrome_updater.exe
c:\program files\Google\Update\Install\{C43C03A9-B2F7-4986-9501-0CCC024E1C74}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Install\{C5BFE2FB-9965-40C3-A387-085D8B7544CD}\45.0.2454.99_chrome_installer.exe
c:\program files\Google\Update\Install\{EC4DA9B6-26B6-44D6-8792-8FC1459AD458}\40.0.2214.115_40.0.2214.111_chrome_updater.exe
c:\program files\Google\Update\Install\{EFB83AA8-1C1A-413A-AB39-83C8DC2A7E7A}\42.0.2311.90_41.0.2272.118_chrome_updater.exe
c:\program files\Google\Update\Install\{F6EBB62B-0E6B-4336-84AC-19C5E3DD10B7}\43.0.2357.65_chrome_installer.exe
c:\program files\Google\Update\Install\{F770D687-03C8-4639-A2C3-A27F293FDE04}\gsync.msi
c:\program files\Google\Update\Install\{F770D687-03C8-4639-A2C3-A27F293FDE04}\gsync.msi.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-24 do 2015-10-24 )))))))))))))))))))))))))))))))
.
.
2015-10-24 08:50 . 2015-10-24 08:50 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF7D798B-794F-440C-82D0-9DEA2B805C87}\offreg.1932.dll
2015-10-24 08:50 . 2015-10-24 08:52 -------- d-----w- c:\users\Petronela\AppData\Local\temp
2015-10-24 08:50 . 2015-10-24 08:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-23 16:36 . 2015-10-13 09:30 8985080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF7D798B-794F-440C-82D0-9DEA2B805C87}\mpengine.dll
2015-10-16 20:59 . 2015-10-16 20:39 24064 ----a-w- c:\windows\zoek-delete.exe
2015-10-16 20:39 . 2015-10-16 20:56 -------- d-----w- C:\zoek_backup
2015-10-14 04:17 . 2015-09-01 17:52 868864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2015-10-14 04:16 . 2015-10-01 17:50 50688 ----a-w- c:\windows\system32\appidapi.dll
2015-10-14 04:16 . 2015-10-01 17:50 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-14 04:16 . 2015-10-01 17:50 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-14 04:16 . 2015-10-01 17:50 28160 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-14 04:16 . 2015-10-01 17:50 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-14 04:16 . 2015-10-01 16:53 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2015-10-02 08:28 . 2015-07-30 13:13 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-02 07:53 . 2015-07-04 17:48 1414656 ----a-w- c:\windows\system32\ole32.dll
2015-10-02 07:53 . 2015-09-02 02:48 26624 ----a-w- c:\windows\system32\lpk.dll
2015-10-02 07:53 . 2015-09-02 02:48 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-10-02 07:53 . 2015-09-02 02:48 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-10-02 07:53 . 2015-09-02 02:48 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-10-02 07:53 . 2015-09-02 01:36 2384896 ----a-w- c:\windows\system32\win32k.sys
2015-10-02 07:53 . 2015-09-02 01:33 299520 ----a-w- c:\windows\system32\atmfd.dll
2015-10-02 07:52 . 2015-06-17 17:39 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-10-02 07:52 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\system32\mstscax.dll
2015-10-02 07:52 . 2015-07-16 15:14 355840 ----a-w- c:\windows\system32\wksprt.exe
2015-10-02 07:52 . 2015-07-16 19:12 856064 ----a-w- c:\windows\system32\rdvidcrl.dll
2015-10-02 07:52 . 2015-07-16 19:12 53248 ----a-w- c:\windows\system32\tsgqec.dll
2015-10-02 07:52 . 2015-07-30 17:57 909824 ----a-w- c:\windows\system32\FntCache.dll
2015-10-02 07:52 . 2015-07-30 17:57 1251328 ----a-w- c:\windows\system32\DWrite.dll
2015-10-02 07:52 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2015-10-02 07:52 . 2015-06-09 19:35 2745856 ----a-w- c:\windows\system32\rdpcorets.dll
2015-10-02 07:52 . 2015-06-09 19:35 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-10-02 07:52 . 2015-07-15 02:55 44032 ----a-w- c:\windows\system32\basesrv.dll
2015-10-02 07:52 . 2015-06-01 23:47 210432 ----a-w- c:\windows\system32\cewmdm.dll
2015-10-02 07:51 . 2015-07-15 02:55 1390592 ----a-w- c:\windows\system32\msxml6.dll
2015-10-02 07:51 . 2015-07-15 02:55 1241088 ----a-w- c:\windows\system32\msxml3.dll
2015-10-02 07:51 . 2015-07-15 02:51 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-10-02 07:51 . 2015-07-15 02:51 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-10-02 07:51 . 2015-07-15 02:54 2048 ----a-w- c:\windows\system32\tzres.dll
2015-10-01 20:08 . 2015-10-01 20:08 -------- d-----w- c:\users\Petronela\AppData\Roaming\GlarySoft
2015-10-01 19:40 . 2015-10-01 19:41 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-01 19:39 . 2015-10-01 19:39 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-10-01 19:39 . 2015-06-18 06:41 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-10-01 19:39 . 2015-06-18 06:41 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-10-01 19:39 . 2015-06-18 06:41 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-10-01 19:35 . 2015-10-03 18:12 -------- d-----w- C:\AdwCleaner
2015-10-01 19:33 . 2015-10-01 19:33 -------- d-----w- c:\users\Petronela\AppData\Local\Adobe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-16 20:26 . 2015-02-25 21:53 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-09-23 11:14 . 2015-01-20 13:15 780488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-09-23 11:14 . 2015-01-20 13:15 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-09-23 07:30 . 2015-07-14 13:29 205800 ----a-w- c:\windows\system32\drivers\eamonm.sys
2015-09-23 07:30 . 2015-07-14 13:29 145512 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2015-09-23 07:30 . 2015-07-14 13:29 131640 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys
2015-09-16 02:58 . 2015-10-14 04:14 230400 ----a-w- c:\windows\system32\webcheck.dll
2015-09-15 17:36 . 2015-10-14 04:19 248832 ----a-w- c:\windows\system32\schannel.dll
2015-08-05 17:41 . 2015-10-02 07:54 751104 ----a-w- c:\windows\system32\schedsvc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-05-13 16:31 1729752 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-05-13 16:31 1729752 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-05-13 16:31 1729752 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Petronela^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odeslat do OneNote.lnk]
path=c:\users\Petronela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
backup=c:\windows\pss\Odeslat do OneNote.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
-scheduler [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2015-09-14 07:25 1045720 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-05-08 19:49 6369048 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2010-03-12 09:11 175640 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2011-03-04 11:45 2741616 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lync]
2015-05-19 15:31 24077480 ----a-w- c:\program files\Microsoft Office\Office15\lync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2010-03-12 09:11 166936 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
2010-01-28 16:20 256056 ----a-w- c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2015-08-07 19:34 53736048 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-06-04 00:17 1791272 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2010-01-29 04:15 495708 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
2009-09-01 17:41 499768 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"IgfxTray"="c:\windows\system32\igfxtray.exe"
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-07-09 327296]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2015-02-04 23456]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-09-16 102912]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-09 122880]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2015-09-23 205800]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2015-09-23 145512]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2015-10-09 1971968]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2015-09-23 131640]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-01-28 265272]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2011-09-07 1117800]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2010-01-30 05:45 73344]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 11:29 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-10-15 17:46 997704 ----a-w- c:\program files\Google\Chrome\Application\46.0.2490.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
IE: Append the content of the link to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 10.0.0.1 10.0.0.10
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4076)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\GWX\GWX.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2015-10-24 10:56:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-10-24 08:56
.
Před spuštěním: Volných bajtů: 222 684 237 824
Po spuštění: Volných bajtů: 222 462 980 096
.
- - End Of File - - FBCEB85AF9A4656896ED2685D892774B
A36C5E4F47E84449FF07ED3517B43A31


Re: Please check my log

Post by tRaviss » 24 Oct 2015 11:03

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:03:13, on 24.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\system32\GWX\GWX.exe
C:\windows\Explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Petronela\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Create PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 8344 bytes


Re: Please check my log

Post by tRaviss » 24 Oct 2015 11:03

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-10-24 11:01:05
-----------------------------
11:01:05.701 OS Version: Windows 6.1.7601 Service Pack 1
11:01:05.701 Number of processors: 2 586 0x170A
11:01:05.701 ComputerName: HP_NOTEBOOK UserName: Petronela
11:01:06.668 Initialize success
11:01:06.683 VM: initialized successfully
11:01:06.683 VM: Intel CPU virtualization not supported
11:01:12.322 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:01:12.338 Disk 0 Vendor: Hitachi_ PC3O Size: 305245MB BusType: 3
11:01:12.447 Disk 0 MBR read successfully
11:01:12.463 Disk 0 MBR scan
11:01:12.463 Disk 0 Windows 7 default MBR code
11:01:12.463 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
11:01:12.478 Disk 0 Boot: NTFS code=1
11:01:12.494 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287534 MB offset 616448
11:01:12.525 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15360 MB offset 589486080
11:01:12.541 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 2049 MB offset 620943360
11:01:12.541 Disk 0 scanning sectors +625139712
11:01:12.603 Disk 0 scanning C:\windows\system32\drivers
11:01:19.623 Service scanning
11:01:23.929 Service ehdrv C:\windows\system32\DRIVERS\ehdrv.sys **LOCKED** 5
11:01:24.194 Service epfwwfpr C:\windows\system32\DRIVERS\epfwwfpr.sys **LOCKED** 5
11:01:34.911 Modules scanning
11:01:34.911 Disk 0 trace - called modules:
11:01:34.942 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
11:01:34.958 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x863d3030]
11:01:34.958 3 CLASSPNP.SYS[88e1859e] -> nt!IofCallDriver -> [0x859dc660]
11:01:34.973 5 ACPI.sys[8862c3d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8598c028]
11:01:34.973 Disk 0 statistics 83742/0/0 @ 6,72 MB/s
11:01:34.989 Scan finished successfully
11:01:41.650 Disk 0 MBR has been saved successfully to "C:\Users\Petronela\Desktop\MBR.dat"
11:01:41.650 The log file has been saved successfully to "C:\Users\Petronela\Desktop\aswMBR.txt"

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: Three roses grow around =o)
Gender: Male
Status: Offline

Re: Please check my log

Post by Orcus » 24 Oct 2015 17:45

How are things looking with the problems?


Re: Please check my log

Post by tRaviss » 25 Oct 2015 21:49

So the CPU is running normally now and the RAM too, so the problem is probably solved :-) The CPU went from 80% down to 3%, and the RAM from 1.8 GB used to just 800 MB.

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: Please check my log

Post by jerabina » 25 Oct 2015 22:25

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to launch Delfix.exe.
(On Windows Vista, Windows 7 and 8, you must right-click the file -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click Run and let the tool do its work.

Afterwards a report (DelFix.txt) will open. Paste the entire contents of the report here. Otherwise the report can be found at:
C:\DelFix.txt

If there are no problems, that is all, and you can mark the thread as solved with the green "check mark" ;)


Re: Please check my log  Solved

Post by tRaviss » 28 Oct 2015 08:34

Thank you very much :-)

# DelFix v1.011 - Logfile created 28/10/2015 at 08:32:34
# Updated 18/08/2015 by Xplode
# Username : Petronela - HP_NOTEBOOK
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\Petronela\Desktop\AdwCleaner.exe
Deleted : C:\Users\Petronela\Desktop\aswmbr.exe
Deleted : C:\Users\Petronela\Desktop\aswMBR.txt
Deleted : C:\Users\Petronela\Desktop\ComboFix.exe
Deleted : C:\Users\Petronela\Desktop\ComboFix.txt
Deleted : C:\Users\Petronela\Desktop\JRT.exe
Deleted : C:\Users\Petronela\Desktop\hijackthis.exe
Deleted : C:\Users\Petronela\Desktop\hijackthis.log
Deleted : C:\Users\Petronela\Desktop\MBR.dat
Deleted : C:\Users\Petronela\Desktop\RogueKiller.exe
Deleted : C:\Users\Petronela\Desktop\TFC.exe
Deleted : C:\Users\Petronela\Desktop\zoek-results.txt
Deleted : C:\Users\Petronela\Desktop\zoek.exe
Deleted : C:\Users\Petronela\Desktop\zoek.txt
Deleted : C:\windows\grep.exe
Deleted : C:\windows\PEV.exe
Deleted : C:\windows\NIRCMD.exe
Deleted : C:\windows\MBR.exe
Deleted : C:\windows\SED.exe
Deleted : C:\windows\SWREG.exe
Deleted : C:\windows\SWSC.exe
Deleted : C:\windows\SWXCACLS.exe
Deleted : C:\windows\Zip.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #135 [JRT Pre-Junkware Removal | 10/03/2015 18:14:13]
Deleted : RP #136 [Windows Update | 10/07/2015 07:57:22]
Deleted : RP #137 [Windows Update | 10/11/2015 18:45:59]
Deleted : RP #138 [Windows Update | 10/14/2015 21:10:46]
Deleted : RP #139 [zoek.exe restore point | 10/16/2015 20:40:41]
Deleted : RP #140 [ComboFix created restore point | 10/18/2015 16:46:11]
Deleted : RP #141 [Windows Update | 10/20/2015 17:18:57]
Deleted : RP #142 [ComboFix created restore point | 10/24/2015 08:37:21]
Deleted : RP #143 [Windows Update | 10/27/2015 16:03:13]

New restore point created !

########## - EOF - ##########

