Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:20:17, on 22.3.2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Cary\TimeMaker\TimeMaker.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hosting.getmore.eu/optimalenergy ... npage=true
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9166 bytes
Please check my log - getting kicked out of applications [Solved]
- memphisto
Re: Please check my log - getting kicked out of applications
Uninstall Spybot
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program has finished, a message appears; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message appears, choose Ano (Yes)
(do not delete anything yet!).
Then paste the contents of that log here.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you
Re: Please check my log - getting kicked out of applications
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Verze: v2013.03.26.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cary :: CARY-PC [administrátor]
26.3.2013 5:38:28
mbam-log-2013-03-26 (05-38-28).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 207635
Uplynulý čas: 1 minut, 14 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
# AdwCleaner v2.115 - Logfile created 03/26/2013 at 05:43:36
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Cary - CARY-PC
# Boot Mode : Normal
# Running from : C:\Users\Cary\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\Users\Cary\AppData\Local\Temp\Uninstall.exe
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry is clean.
-\\ Mozilla Firefox v19.0.2 (cs)
File : C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [719 octets] - [26/03/2013 05:43:36]
########## EOF - C:\AdwCleaner[R1].txt - [778 octets] ##########
- jaro3
- Security team member
Re: Please check my log - getting kicked out of applications
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
Click "Delete"
The program performs the repair; after the automatic restart it will not display the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, by double-clicking.
- Wait until the Prescan finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit
- Then click "Prohledat" (Scan).
- The program scans the PC. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log - getting kicked out of applications
# AdwCleaner v2.115 - Logfile created 03/26/2013 at 12:37:23
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Cary - CARY-PC
# Boot Mode : Normal
# Running from : C:\Users\Cary\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Deleted on reboot : C:\Users\Cary\AppData\Local\Temp\Zynga
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry is clean.
-\\ Mozilla Firefox v19.0.2 (cs)
File : C:\Users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [846 octets] - [26/03/2013 05:43:36]
AdwCleaner[S1].txt - [904 octets] - [26/03/2013 12:33:59]
AdwCleaner[S2].txt - [836 octets] - [26/03/2013 12:37:23]
########## EOF - C:\AdwCleaner[S2].txt - [895 octets] ##########
RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Cary [Práva správce]
Mód : Kontrola -- Datum : 03/26/2013 12:48:58
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[RUN][SUSP PATH] [ON_E:]HKLM\Software[...]\Run : ARC ("C:\DOCUME~1\ONDEJM~1\LOCALS~1\Temp\tempalbert\MSASCul.exe") [x] -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
-> E:\windows\system32\config\SOFTWARE
-> E:\windows\system32\config\SYSTEM
-> E:\Documents and Settings\Administrator\NTUSER.DAT
-> E:\Documents and Settings\Default User\NTUSER.DAT
-> E:\Documents and Settings\LocalService\NTUSER.DAT
-> E:\Documents and Settings\NetworkService\NTUSER.DAT
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] babcb3ddfb6a3c197dbe818ae2faefd5
[BSP] 46600a25202294eab459235cb76f0c40 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114370 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD5000AAKS-40YGA1 ATA Device +++++
--- User ---
[MBR] dad2033e6bcac828cdc844d172fb92b3
[BSP] 692512ce414828e05e97192a61e22e4a : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204796620 | Size: 376931 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive2: Kingston DataTraveler 2.0 USB Device +++++
--- User ---
[MBR] 253a87b91b002c5d3d1863baee4455d6
[BSP] ef3177ea6997481f5647d45aa222b26f : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 32 | Size: 491 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Dokončeno : << RKreport[1]_S_03262013_02d1248.txt >>
RKreport[1]_S_03262013_02d1248.txt
- Žbeky
- Moderator
Re: Please check my log - getting kicked out of applications
Close all programs and browsers.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until Prescan finishes its work...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Smazání- Finished"
- Click "Zprávy" and please copy and paste the contents of that report here. The log can be found in RKreport[1].txt on the desktop.
- Close RogueKiller
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
Re: Please check my log - getting kicked out of applications
RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Cary [Práva správce]
Mód : Odebrat -- Datum : 03/26/2013 20:17:29
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
-> E:\windows\system32\config\SOFTWARE
-> E:\windows\system32\config\SYSTEM
-> E:\Documents and Settings\Administrator\NTUSER.DAT
-> E:\Documents and Settings\Default User\NTUSER.DAT
-> E:\Documents and Settings\LocalService\NTUSER.DAT
-> E:\Documents and Settings\NetworkService\NTUSER.DAT
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] babcb3ddfb6a3c197dbe818ae2faefd5
[BSP] 46600a25202294eab459235cb76f0c40 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114370 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: WDC WD5000AAKS-40YGA1 ATA Device +++++
--- User ---
[MBR] dad2033e6bcac828cdc844d172fb92b3
[BSP] 692512ce414828e05e97192a61e22e4a : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204796620 | Size: 376931 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[3]_D_03262013_02d2017.txt >>
RKreport[1]_S_03262013_02d2015.txt ; RKreport[2]_D_03262013_02d2016.txt ; RKreport[3]_D_03262013_02d2017.txt
- jaro3
- Security team member
Re: Please check my log - getting kicked out of applications
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and choose the Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log - getting kicked out of applications
ComboFix 13-03-27.01 - Cary 28.03.2013 6:31.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.8190.6568 [GMT 1:00]
Spuštěný z: c:\users\Cary\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-28 do 2013-03-28 )))))))))))))))))))))))))))))))
.
.
2013-03-28 05:35 . 2013-03-28 05:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-26 11:34 . 2013-03-26 11:37 208 ----a-w- c:\windows\DeleteOnReboot.bat
2013-03-26 07:39 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23601452-6469-4456-8964-5A96A77B9A0B}\mpengine.dll
2013-03-26 04:37 . 2013-03-26 04:37 -------- d-----w- c:\users\Cary\AppData\Roaming\Malwarebytes
2013-03-26 04:37 . 2013-03-26 04:37 -------- d-----w- c:\programdata\Malwarebytes
2013-03-26 04:37 . 2013-03-26 04:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-26 04:37 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-26 04:23 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-22 15:20 . 2013-03-22 15:20 -------- d-----w- c:\program files (x86)\Trend Micro
2013-03-22 05:36 . 2013-03-06 23:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-22 05:36 . 2013-03-06 23:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-20 17:46 . 2013-03-20 17:46 -------- d-----w- c:\users\Default\AppData\Local\Google
2013-03-19 08:36 . 2008-10-15 05:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2013-03-19 08:23 . 2013-03-19 08:35 -------- d-----w- c:\users\Cary\AppData\Local\Ubisoft Game Launcher
2013-03-19 08:23 . 2013-03-19 08:23 -------- d-----w- c:\programdata\Ubisoft
2013-03-19 08:22 . 2013-03-19 08:22 -------- d-----w- c:\program files (x86)\Ubisoft
2013-03-19 08:22 . 2013-03-19 08:22 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-03-19 08:22 . 2013-03-19 08:22 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-17 16:00 . 2013-03-17 16:00 -------- d-----w- c:\programdata\CanonIJ
2013-03-17 15:29 . 2013-03-17 15:29 -------- d--h--w- c:\programdata\CanonEPP
2013-03-17 15:29 . 2013-03-17 15:33 -------- d-----w- c:\users\Cary\AppData\Roaming\Canon
2013-03-17 15:26 . 2013-03-17 15:26 -------- d-----w- c:\program files\Common Files\CANON
2013-03-17 15:25 . 2013-03-17 15:25 -------- d-----w- c:\program files\Canon
2013-03-17 15:11 . 2013-03-17 15:11 -------- d-----w- c:\programdata\Canon IJ Network Tool
2013-03-17 15:11 . 2013-03-17 15:29 -------- d-----w- c:\program files (x86)\Canon
2013-03-17 15:11 . 2011-03-31 09:07 114688 ----a-w- c:\windows\SysWow64\CNC_ATU.dll
2013-03-17 15:11 . 2011-03-30 11:54 323584 ----a-w- c:\windows\SysWow64\CNC_ATL.dll
2013-03-17 15:11 . 2008-08-25 17:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2013-03-17 15:11 . 2013-03-17 15:11 -------- d-----w- c:\windows\system32\STRING
2013-03-17 15:11 . 2012-06-14 16:18 39424 ----a-w- c:\windows\system32\CNMN6UI.DLL
2013-03-17 15:11 . 2012-06-14 16:18 359936 ----a-w- c:\windows\system32\CNMN6PPM.DLL
2013-03-17 15:11 . 2012-06-14 16:18 366592 ----a-w- c:\windows\SysWow64\CNMNPPM.DLL
2013-03-17 15:10 . 2012-03-14 04:00 99840 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAT.DLL
2013-03-17 15:10 . 2012-03-14 04:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAT.DLL
2013-03-17 15:10 . 2013-03-17 15:10 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2013-03-17 15:10 . 2012-03-14 04:00 385024 ----a-w- c:\windows\system32\CNMLMAT.DLL
2013-03-17 15:10 . 2011-02-03 08:20 256000 ----a-w- c:\windows\system32\CNMIUAT.DLL
2013-03-17 15:00 . 2013-03-17 15:01 -------- d-----w- c:\users\Cary\AppData\Roaming\TP-LINK
2013-03-17 14:59 . 2013-03-17 14:59 -------- d-----w- c:\program files (x86)\TP-LINK
2013-03-17 14:58 . 2011-04-20 02:07 1930240 ----a-w- c:\windows\system32\drivers\athurx.sys
2013-03-17 14:58 . 2011-04-20 02:07 1930240 ----a-w- c:\windows\system32\athurx.sys
2013-03-17 14:58 . 2013-03-17 14:59 -------- d-----w- c:\programdata\TP-LINK
2013-03-14 19:50 . 2013-03-26 19:12 -------- d-----w- c:\users\Cary\AppData\Local\GrowJOB_Institute
2013-03-06 06:39 . 2013-03-06 06:39 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2013-03-06 06:39 . 2013-03-06 06:39 -------- d-----w- c:\users\Cary\AppData\Roaming\SystemRequirementsLab
2013-03-05 17:31 . 2013-03-05 17:31 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-05 17:31 . 2013-03-05 17:31 -------- d-----w- c:\program files (x86)\Java
2013-03-05 15:30 . 2013-03-05 15:30 -------- d--h--w- c:\programdata\CanonBJ
2013-03-05 15:30 . 2006-09-12 19:00 80896 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP78.DLL
2013-03-05 15:30 . 2006-09-12 19:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD78.DLL
2013-03-05 15:30 . 2006-09-12 19:00 234496 ----a-w- c:\windows\system32\CNMLM78.DLL
2013-03-01 07:59 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-02-28 11:57 . 2013-02-28 11:57 -------- d-----w- c:\windows\system32\SPReview
2013-02-28 11:56 . 2013-02-28 11:57 -------- d-----w- c:\windows\system32\EventProviders
2013-02-28 11:50 . 2013-02-28 11:50 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c8dac11f1ce15a95f\bingbarsetup.exe
2013-02-28 11:47 . 2013-02-28 11:47 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\697b17c91ce15a94b\MeshBetaRemover.exe
2013-02-28 11:44 . 2013-02-28 11:44 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\596b8bf1ce15a937\DSETUP.dll
2013-02-28 11:44 . 2013-02-28 11:44 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\596b8bf1ce15a937\DXSETUP.exe
2013-02-28 11:44 . 2013-02-28 11:44 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\596b8bf1ce15a937\dsetup32.dll
2013-02-28 11:44 . 2013-02-28 11:44 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\188e0c81ce15a936\DSETUP.dll
2013-02-28 11:44 . 2013-02-28 11:44 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\188e0c81ce15a936\DXSETUP.exe
2013-02-28 11:44 . 2013-02-28 11:44 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\188e0c81ce15a936\dsetup32.dll
2013-02-28 11:40 . 2013-02-28 11:40 6260088 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5cdc6eb71ce15a815\Silverlight.4.0.exe
2013-02-26 09:40 . 2013-02-26 09:41 -------- d-----w- c:\program files (x86)\Google
2013-02-26 09:40 . 2013-02-26 09:41 -------- d-----w- c:\users\Cary\AppData\Local\Google
2013-02-26 09:26 . 2013-03-26 13:45 -------- d-----w- c:\users\Cary\AppData\Local\Deployment
2013-02-26 09:26 . 2013-02-26 09:26 -------- d-----w- c:\users\Cary\AppData\Local\Apps
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-18 05:17 . 2013-02-24 07:04 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-18 05:17 . 2013-02-24 07:04 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 21:46 . 2013-02-23 21:18 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-06 23:33 . 2013-02-23 23:02 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2013-02-23 23:02 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2013-02-23 23:02 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2013-02-23 23:02 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2013-02-23 23:02 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2013-02-23 23:02 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2013-02-23 23:02 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2013-02-23 23:02 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-05 17:31 . 2013-02-25 07:46 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-05 17:31 . 2013-02-25 07:46 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-28 12:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-02-28 12:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-02-24 06:54 . 2013-02-24 06:54 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-02-24 06:54 . 2013-02-24 06:54 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-02-24 06:54 . 2013-02-24 06:54 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-02-24 06:54 . 2013-02-24 06:54 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-02-23 20:42 . 2013-02-23 20:42 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-02-23 20:42 . 2013-02-23 20:42 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2013-02-23 20:42 . 2013-02-23 20:42 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-02-23 20:42 . 2013-02-23 20:42 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-02-23 20:42 . 2013-02-23 20:42 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2013-02-23 20:42 . 2013-02-23 20:42 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-02-23 20:42 . 2013-02-23 20:42 85504 ----a-w- c:\windows\system32\iesetup.dll
2013-02-23 20:42 . 2013-02-23 20:42 82432 ----a-w- c:\windows\system32\icardie.dll
2013-02-23 20:42 . 2013-02-23 20:42 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-02-23 20:42 . 2013-02-23 20:42 76800 ----a-w- c:\windows\system32\tdc.ocx
2013-02-23 20:42 . 2013-02-23 20:42 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-02-23 20:42 . 2013-02-23 20:42 65024 ----a-w- c:\windows\system32\pngfilt.dll
2013-02-23 20:42 . 2013-02-23 20:42 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-02-23 20:42 . 2013-02-23 20:42 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-02-23 20:42 . 2013-02-23 20:42 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2013-02-23 20:42 . 2013-02-23 20:42 49664 ----a-w- c:\windows\system32\imgutil.dll
2013-02-23 20:42 . 2013-02-23 20:42 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-02-23 20:42 . 2013-02-23 20:42 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-02-23 20:42 . 2013-02-23 20:42 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2013-02-23 20:42 . 2013-02-23 20:42 448512 ----a-w- c:\windows\system32\html.iec
2013-02-23 20:42 . 2013-02-23 20:42 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2013-02-23 20:42 . 2013-02-23 20:42 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-02-23 20:42 . 2013-02-23 20:42 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-02-23 20:42 . 2013-02-23 20:42 367104 ----a-w- c:\windows\SysWow64\html.iec
2013-02-23 20:42 . 2013-02-23 20:42 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-02-23 20:42 . 2013-02-23 20:42 30720 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-23 20:42 . 2013-02-23 20:42 282112 ----a-w- c:\windows\system32\dxtrans.dll
2013-02-23 20:42 . 2013-02-23 20:42 267776 ----a-w- c:\windows\system32\ieaksie.dll
2013-02-23 20:42 . 2013-02-23 20:42 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-02-23 20:42 . 2013-02-23 20:42 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-02-23 20:42 . 2013-02-23 20:42 222208 ----a-w- c:\windows\system32\msls31.dll
2013-02-23 20:42 . 2013-02-23 20:42 197120 ----a-w- c:\windows\system32\msrating.dll
2013-02-23 20:42 . 2013-02-23 20:42 165888 ----a-w- c:\windows\system32\iexpress.exe
2013-02-23 20:42 . 2013-02-23 20:42 163840 ----a-w- c:\windows\system32\ieakui.dll
2013-02-23 20:42 . 2013-02-23 20:42 160256 ----a-w- c:\windows\system32\wextract.exe
2013-02-23 20:42 . 2013-02-23 20:42 160256 ----a-w- c:\windows\system32\ieakeng.dll
2013-02-23 20:42 . 2013-02-23 20:42 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2013-02-23 20:42 . 2013-02-23 20:42 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-02-23 20:42 . 2013-02-23 20:42 149504 ----a-w- c:\windows\system32\occache.dll
2013-02-23 20:42 . 2013-02-23 20:42 145920 ----a-w- c:\windows\system32\iepeers.dll
2013-02-23 20:42 . 2013-02-23 20:42 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-02-23 20:42 . 2013-02-23 20:42 12288 ----a-w- c:\windows\system32\mshta.exe
2013-02-23 20:42 . 2013-02-23 20:42 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2013-02-23 20:42 . 2013-02-23 20:42 114176 ----a-w- c:\windows\system32\admparse.dll
2013-02-23 20:42 . 2013-02-23 20:42 111616 ----a-w- c:\windows\system32\iesysprep.dll
2013-02-23 20:42 . 2013-02-23 20:42 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-02-23 20:42 . 2013-02-23 20:42 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2013-02-23 20:42 . 2013-02-23 20:42 103936 ----a-w- c:\windows\system32\inseng.dll
2013-02-23 20:42 . 2013-02-23 20:42 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2013-01-17 00:28 . 2013-02-23 20:05 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:53 . 2013-02-23 20:14 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-23 20:14 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-23 20:14 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-23 20:12 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-23 20:12 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-23 20:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-23 20:12 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-23 20:12 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-23 20:12 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-23 20:12 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-23 20:12 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-23 20:12 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-23 20:12 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-03-07 19357112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2013-3-17 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 aswVmm;aswVmm; [x]
R3 cpuz130;cpuz130;c:\users\Cary\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz135;cpuz135;c:\users\Cary\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 cpuz136;cpuz136;c:\users\Cary\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-26 09:40]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-26 09:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://hosting.getmore.eu/optimalenergy ... npage=true
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\
FF - ExtSQL: 2013-02-24 00:02; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-02-24 00:15; snaplinks@snaplinks.mozdev.org; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\snaplinks@snaplinks.mozdev.org.xpi
FF - ExtSQL: 2013-02-24 00:17; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF - ExtSQL: 2013-02-24 00:18; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-02-24 00:18; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-03-28 06:36:42
ComboFix-quarantined-files.txt 2013-03-28 05:36
.
Před spuštěním: Volných bajtů: 47 617 531 904
Po spuštění: Volných bajtů: 47 733 448 704
.
- - End Of File - - 4167D5230B26A2A32A97DC417322CFAA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-18 05:17 . 2013-02-24 07:04 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-18 05:17 . 2013-02-24 07:04 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 21:46 . 2013-02-23 21:18 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-06 23:33 . 2013-02-23 23:02 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2013-02-23 23:02 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2013-02-23 23:02 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2013-02-23 23:02 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2013-02-23 23:02 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2013-02-23 23:02 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2013-02-23 23:02 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2013-02-23 23:02 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-05 17:31 . 2013-02-25 07:46 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-05 17:31 . 2013-02-25 07:46 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-28 12:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-02-28 12:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-02-24 06:54 . 2013-02-24 06:54 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-02-24 06:54 . 2013-02-24 06:54 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-02-24 06:54 . 2013-02-24 06:54 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-02-24 06:54 . 2013-02-24 06:54 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-02-23 20:42 . 2013-02-23 20:42 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-02-23 20:42 . 2013-02-23 20:42 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2013-02-23 20:42 . 2013-02-23 20:42 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-02-23 20:42 . 2013-02-23 20:42 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-02-23 20:42 . 2013-02-23 20:42 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2013-02-23 20:42 . 2013-02-23 20:42 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-02-23 20:42 . 2013-02-23 20:42 85504 ----a-w- c:\windows\system32\iesetup.dll
2013-02-23 20:42 . 2013-02-23 20:42 82432 ----a-w- c:\windows\system32\icardie.dll
2013-02-23 20:42 . 2013-02-23 20:42 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-02-23 20:42 . 2013-02-23 20:42 76800 ----a-w- c:\windows\system32\tdc.ocx
2013-02-23 20:42 . 2013-02-23 20:42 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-02-23 20:42 . 2013-02-23 20:42 65024 ----a-w- c:\windows\system32\pngfilt.dll
2013-02-23 20:42 . 2013-02-23 20:42 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-02-23 20:42 . 2013-02-23 20:42 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-02-23 20:42 . 2013-02-23 20:42 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2013-02-23 20:42 . 2013-02-23 20:42 49664 ----a-w- c:\windows\system32\imgutil.dll
2013-02-23 20:42 . 2013-02-23 20:42 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-02-23 20:42 . 2013-02-23 20:42 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-02-23 20:42 . 2013-02-23 20:42 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2013-02-23 20:42 . 2013-02-23 20:42 448512 ----a-w- c:\windows\system32\html.iec
2013-02-23 20:42 . 2013-02-23 20:42 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2013-02-23 20:42 . 2013-02-23 20:42 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-02-23 20:42 . 2013-02-23 20:42 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-02-23 20:42 . 2013-02-23 20:42 367104 ----a-w- c:\windows\SysWow64\html.iec
2013-02-23 20:42 . 2013-02-23 20:42 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-02-23 20:42 . 2013-02-23 20:42 30720 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-23 20:42 . 2013-02-23 20:42 282112 ----a-w- c:\windows\system32\dxtrans.dll
2013-02-23 20:42 . 2013-02-23 20:42 267776 ----a-w- c:\windows\system32\ieaksie.dll
2013-02-23 20:42 . 2013-02-23 20:42 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-02-23 20:42 . 2013-02-23 20:42 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-02-23 20:42 . 2013-02-23 20:42 222208 ----a-w- c:\windows\system32\msls31.dll
2013-02-23 20:42 . 2013-02-23 20:42 197120 ----a-w- c:\windows\system32\msrating.dll
2013-02-23 20:42 . 2013-02-23 20:42 165888 ----a-w- c:\windows\system32\iexpress.exe
2013-02-23 20:42 . 2013-02-23 20:42 163840 ----a-w- c:\windows\system32\ieakui.dll
2013-02-23 20:42 . 2013-02-23 20:42 160256 ----a-w- c:\windows\system32\wextract.exe
2013-02-23 20:42 . 2013-02-23 20:42 160256 ----a-w- c:\windows\system32\ieakeng.dll
2013-02-23 20:42 . 2013-02-23 20:42 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2013-02-23 20:42 . 2013-02-23 20:42 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-02-23 20:42 . 2013-02-23 20:42 149504 ----a-w- c:\windows\system32\occache.dll
2013-02-23 20:42 . 2013-02-23 20:42 145920 ----a-w- c:\windows\system32\iepeers.dll
2013-02-23 20:42 . 2013-02-23 20:42 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-02-23 20:42 . 2013-02-23 20:42 12288 ----a-w- c:\windows\system32\mshta.exe
2013-02-23 20:42 . 2013-02-23 20:42 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2013-02-23 20:42 . 2013-02-23 20:42 114176 ----a-w- c:\windows\system32\admparse.dll
2013-02-23 20:42 . 2013-02-23 20:42 111616 ----a-w- c:\windows\system32\iesysprep.dll
2013-02-23 20:42 . 2013-02-23 20:42 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-02-23 20:42 . 2013-02-23 20:42 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2013-02-23 20:42 . 2013-02-23 20:42 103936 ----a-w- c:\windows\system32\inseng.dll
2013-02-23 20:42 . 2013-02-23 20:42 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2013-01-17 00:28 . 2013-02-23 20:05 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:53 . 2013-02-23 20:14 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-23 20:14 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-23 20:14 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-23 20:12 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-23 20:12 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-23 20:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-23 20:12 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-23 20:12 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-23 20:12 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-23 20:12 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-23 20:12 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-23 20:12 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-23 20:12 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-03-07 19357112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2013-3-17 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 aswVmm;aswVmm; [x]
R3 cpuz130;cpuz130;c:\users\Cary\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz135;cpuz135;c:\users\Cary\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 cpuz136;cpuz136;c:\users\Cary\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-26 09:40]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-26 09:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://hosting.getmore.eu/optimalenergy ... npage=true
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\
FF - ExtSQL: 2013-02-24 00:02; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-02-24 00:15; snaplinks@snaplinks.mozdev.org; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\snaplinks@snaplinks.mozdev.org.xpi
FF - ExtSQL: 2013-02-24 00:17; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF - ExtSQL: 2013-02-24 00:18; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-02-24 00:18; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-03-28 06:36:42
ComboFix-quarantined-files.txt 2013-03-28 05:36
.
Před spuštěním: Volných bajtů: 47 617 531 904
Po spuštění: Volných bajtů: 47 733 448 704
.
- - End Of File - - 4167D5230B26A2A32A97DC417322CFAA
- jaro3
- Security team member
Re: Please check my log - getting kicked out of applications
Uninstall:
cpuz130
cpuz135
keep only the latest version:
cpuz136
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the following entire text, marked in green, into it:
ClearJavaCache::
KillAll::
File::
c:\windows\DeleteOnReboot.bat
Firefox::
FF - ProfilePath - c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\
FF - ExtSQL: 2013-02-24 00:17; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF - ExtSQL: 2013-02-24 00:18; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-02-24 00:18; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log - getting kicked out of applications
Note: I do not have CPUZ installed on the PC - it is not in the list of installed programs, nor did I find it anywhere on the PC.
ComboFix 13-03-27.01 - Cary 28.03.2013 11:15:18.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.8190.6585 [GMT 1:00]
Spuštěný z: c:\users\Cary\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Cary\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\DeleteOnReboot.bat"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
c:\windows\DeleteOnReboot.bat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-28 do 2013-03-28 )))))))))))))))))))))))))))))))
.
.
2013-03-28 10:19 . 2013-03-28 10:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-28 07:05 . 2013-03-28 07:05 -------- d-----w- c:\program files\7-Zip
2013-03-26 07:39 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23601452-6469-4456-8964-5A96A77B9A0B}\mpengine.dll
2013-03-26 04:37 . 2013-03-26 04:37 -------- d-----w- c:\users\Cary\AppData\Roaming\Malwarebytes
2013-03-26 04:37 . 2013-03-26 04:37 -------- d-----w- c:\programdata\Malwarebytes
2013-03-26 04:37 . 2013-03-26 04:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-26 04:37 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-26 04:23 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-22 15:20 . 2013-03-22 15:20 -------- d-----w- c:\program files (x86)\Trend Micro
2013-03-22 05:36 . 2013-03-06 23:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-22 05:36 . 2013-03-06 23:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-20 17:46 . 2013-03-20 17:46 -------- d-----w- c:\users\Default\AppData\Local\Google
2013-03-19 08:36 . 2008-10-15 05:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2013-03-19 08:23 . 2013-03-19 08:35 -------- d-----w- c:\users\Cary\AppData\Local\Ubisoft Game Launcher
2013-03-19 08:23 . 2013-03-19 08:23 -------- d-----w- c:\programdata\Ubisoft
2013-03-19 08:22 . 2013-03-19 08:22 -------- d-----w- c:\program files (x86)\Ubisoft
2013-03-19 08:22 . 2013-03-19 08:22 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-03-19 08:22 . 2013-03-19 08:22 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-17 16:00 . 2013-03-17 16:00 -------- d-----w- c:\programdata\CanonIJ
2013-03-17 15:29 . 2013-03-17 15:29 -------- d--h--w- c:\programdata\CanonEPP
2013-03-17 15:29 . 2013-03-17 15:33 -------- d-----w- c:\users\Cary\AppData\Roaming\Canon
2013-03-17 15:26 . 2013-03-17 15:26 -------- d-----w- c:\program files\Common Files\CANON
2013-03-17 15:25 . 2013-03-17 15:25 -------- d-----w- c:\program files\Canon
2013-03-17 15:11 . 2013-03-17 15:11 -------- d-----w- c:\programdata\Canon IJ Network Tool
2013-03-17 15:11 . 2013-03-17 15:29 -------- d-----w- c:\program files (x86)\Canon
2013-03-17 15:11 . 2011-03-31 09:07 114688 ----a-w- c:\windows\SysWow64\CNC_ATU.dll
2013-03-17 15:11 . 2011-03-30 11:54 323584 ----a-w- c:\windows\SysWow64\CNC_ATL.dll
2013-03-17 15:11 . 2008-08-25 17:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2013-03-17 15:11 . 2013-03-17 15:11 -------- d-----w- c:\windows\system32\STRING
2013-03-17 15:11 . 2012-06-14 16:18 39424 ----a-w- c:\windows\system32\CNMN6UI.DLL
2013-03-17 15:11 . 2012-06-14 16:18 359936 ----a-w- c:\windows\system32\CNMN6PPM.DLL
2013-03-17 15:11 . 2012-06-14 16:18 366592 ----a-w- c:\windows\SysWow64\CNMNPPM.DLL
2013-03-17 15:10 . 2012-03-14 04:00 99840 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAT.DLL
2013-03-17 15:10 . 2012-03-14 04:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAT.DLL
2013-03-17 15:10 . 2013-03-17 15:10 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2013-03-17 15:10 . 2012-03-14 04:00 385024 ----a-w- c:\windows\system32\CNMLMAT.DLL
2013-03-17 15:10 . 2011-02-03 08:20 256000 ----a-w- c:\windows\system32\CNMIUAT.DLL
2013-03-17 15:00 . 2013-03-17 15:01 -------- d-----w- c:\users\Cary\AppData\Roaming\TP-LINK
2013-03-17 14:59 . 2013-03-17 14:59 -------- d-----w- c:\program files (x86)\TP-LINK
2013-03-17 14:58 . 2011-04-20 02:07 1930240 ----a-w- c:\windows\system32\drivers\athurx.sys
2013-03-17 14:58 . 2011-04-20 02:07 1930240 ----a-w- c:\windows\system32\athurx.sys
2013-03-17 14:58 . 2013-03-17 14:59 -------- d-----w- c:\programdata\TP-LINK
2013-03-14 19:50 . 2013-03-26 19:12 -------- d-----w- c:\users\Cary\AppData\Local\GrowJOB_Institute
2013-03-06 06:39 . 2013-03-06 06:39 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2013-03-06 06:39 . 2013-03-06 06:39 -------- d-----w- c:\users\Cary\AppData\Roaming\SystemRequirementsLab
2013-03-05 17:31 . 2013-03-05 17:31 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-05 17:31 . 2013-03-05 17:31 -------- d-----w- c:\program files (x86)\Java
2013-03-05 15:30 . 2013-03-05 15:30 -------- d--h--w- c:\programdata\CanonBJ
2013-03-05 15:30 . 2006-09-12 19:00 80896 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP78.DLL
2013-03-05 15:30 . 2006-09-12 19:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD78.DLL
2013-03-05 15:30 . 2006-09-12 19:00 234496 ----a-w- c:\windows\system32\CNMLM78.DLL
2013-03-01 07:59 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-02-28 11:57 . 2013-02-28 11:57 -------- d-----w- c:\windows\system32\SPReview
2013-02-28 11:56 . 2013-02-28 11:57 -------- d-----w- c:\windows\system32\EventProviders
2013-02-28 11:50 . 2013-02-28 11:50 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c8dac11f1ce15a95f\bingbarsetup.exe
2013-02-28 11:47 . 2013-02-28 11:47 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\697b17c91ce15a94b\MeshBetaRemover.exe
2013-02-28 11:44 . 2013-02-28 11:44 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\596b8bf1ce15a937\DSETUP.dll
2013-02-28 11:44 . 2013-02-28 11:44 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\596b8bf1ce15a937\DXSETUP.exe
2013-02-28 11:44 . 2013-02-28 11:44 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\596b8bf1ce15a937\dsetup32.dll
2013-02-28 11:44 . 2013-02-28 11:44 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\188e0c81ce15a936\DSETUP.dll
2013-02-28 11:44 . 2013-02-28 11:44 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\188e0c81ce15a936\DXSETUP.exe
2013-02-28 11:44 . 2013-02-28 11:44 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\188e0c81ce15a936\dsetup32.dll
2013-02-28 11:40 . 2013-02-28 11:40 6260088 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5cdc6eb71ce15a815\Silverlight.4.0.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-18 05:17 . 2013-02-24 07:04 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-18 05:17 . 2013-02-24 07:04 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 21:46 . 2013-02-23 21:18 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-06 23:33 . 2013-02-23 23:02 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2013-02-23 23:02 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2013-02-23 23:02 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2013-02-23 23:02 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2013-02-23 23:02 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2013-02-23 23:02 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2013-02-23 23:02 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2013-02-23 23:02 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-05 17:31 . 2013-02-25 07:46 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-05 17:31 . 2013-02-25 07:46 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-28 12:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-02-28 12:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-02-24 06:54 . 2013-02-24 06:54 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-02-24 06:54 . 2013-02-24 06:54 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-02-24 06:54 . 2013-02-24 06:54 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-02-24 06:54 . 2013-02-24 06:54 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-02-23 20:42 . 2013-02-23 20:42 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-02-23 20:42 . 2013-02-23 20:42 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2013-02-23 20:42 . 2013-02-23 20:42 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-02-23 20:42 . 2013-02-23 20:42 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-02-23 20:42 . 2013-02-23 20:42 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2013-02-23 20:42 . 2013-02-23 20:42 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-02-23 20:42 . 2013-02-23 20:42 85504 ----a-w- c:\windows\system32\iesetup.dll
2013-02-23 20:42 . 2013-02-23 20:42 82432 ----a-w- c:\windows\system32\icardie.dll
2013-02-23 20:42 . 2013-02-23 20:42 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-02-23 20:42 . 2013-02-23 20:42 76800 ----a-w- c:\windows\system32\tdc.ocx
2013-02-23 20:42 . 2013-02-23 20:42 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-02-23 20:42 . 2013-02-23 20:42 65024 ----a-w- c:\windows\system32\pngfilt.dll
2013-02-23 20:42 . 2013-02-23 20:42 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-02-23 20:42 . 2013-02-23 20:42 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-02-23 20:42 . 2013-02-23 20:42 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2013-02-23 20:42 . 2013-02-23 20:42 49664 ----a-w- c:\windows\system32\imgutil.dll
2013-02-23 20:42 . 2013-02-23 20:42 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-02-23 20:42 . 2013-02-23 20:42 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-02-23 20:42 . 2013-02-23 20:42 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2013-02-23 20:42 . 2013-02-23 20:42 448512 ----a-w- c:\windows\system32\html.iec
2013-02-23 20:42 . 2013-02-23 20:42 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2013-02-23 20:42 . 2013-02-23 20:42 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-02-23 20:42 . 2013-02-23 20:42 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-02-23 20:42 . 2013-02-23 20:42 367104 ----a-w- c:\windows\SysWow64\html.iec
2013-02-23 20:42 . 2013-02-23 20:42 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-02-23 20:42 . 2013-02-23 20:42 30720 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-23 20:42 . 2013-02-23 20:42 282112 ----a-w- c:\windows\system32\dxtrans.dll
2013-02-23 20:42 . 2013-02-23 20:42 267776 ----a-w- c:\windows\system32\ieaksie.dll
2013-02-23 20:42 . 2013-02-23 20:42 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-02-23 20:42 . 2013-02-23 20:42 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-02-23 20:42 . 2013-02-23 20:42 222208 ----a-w- c:\windows\system32\msls31.dll
2013-02-23 20:42 . 2013-02-23 20:42 197120 ----a-w- c:\windows\system32\msrating.dll
2013-02-23 20:42 . 2013-02-23 20:42 165888 ----a-w- c:\windows\system32\iexpress.exe
2013-02-23 20:42 . 2013-02-23 20:42 163840 ----a-w- c:\windows\system32\ieakui.dll
2013-02-23 20:42 . 2013-02-23 20:42 160256 ----a-w- c:\windows\system32\wextract.exe
2013-02-23 20:42 . 2013-02-23 20:42 160256 ----a-w- c:\windows\system32\ieakeng.dll
2013-02-23 20:42 . 2013-02-23 20:42 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2013-02-23 20:42 . 2013-02-23 20:42 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-02-23 20:42 . 2013-02-23 20:42 149504 ----a-w- c:\windows\system32\occache.dll
2013-02-23 20:42 . 2013-02-23 20:42 145920 ----a-w- c:\windows\system32\iepeers.dll
2013-02-23 20:42 . 2013-02-23 20:42 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-02-23 20:42 . 2013-02-23 20:42 12288 ----a-w- c:\windows\system32\mshta.exe
2013-02-23 20:42 . 2013-02-23 20:42 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2013-02-23 20:42 . 2013-02-23 20:42 114176 ----a-w- c:\windows\system32\admparse.dll
2013-02-23 20:42 . 2013-02-23 20:42 111616 ----a-w- c:\windows\system32\iesysprep.dll
2013-02-23 20:42 . 2013-02-23 20:42 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-02-23 20:42 . 2013-02-23 20:42 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2013-02-23 20:42 . 2013-02-23 20:42 103936 ----a-w- c:\windows\system32\inseng.dll
2013-02-23 20:42 . 2013-02-23 20:42 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2013-01-17 00:28 . 2013-02-23 20:05 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:53 . 2013-02-23 20:14 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-23 20:14 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-23 20:14 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-23 20:12 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-23 20:12 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-23 20:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-23 20:12 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-23 20:12 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-23 20:12 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-23 20:12 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-23 20:12 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-23 20:12 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-23 20:12 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-03-07 19357112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2013-3-17 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 aswVmm;aswVmm; [x]
R3 cpuz130;cpuz130;c:\users\Cary\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz135;cpuz135;c:\users\Cary\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 cpuz136;cpuz136;c:\users\Cary\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-26 09:40]
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-26 09:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://hosting.getmore.eu/optimalenergy ... npage=true
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\
FF - ExtSQL: 2013-02-24 00:02; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-02-24 00:15; snaplinks@snaplinks.mozdev.org; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\snaplinks@snaplinks.mozdev.org.xpi
FF - ExtSQL: 2013-02-24 00:17; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF - ExtSQL: 2013-02-24 00:18; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-02-24 00:18; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2013-03-28 11:21:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-28 10:21
ComboFix2.txt 2013-03-28 05:36
.
Před spuštěním: Volných bajtů: 47 140 929 536
Po spuštění: Volných bajtů: 46 944 886 784
.
- - End Of File - - 82E11425827ED1065A6C8A5283313C2D
ComboFix 13-03-27.01 - Cary 28.03.2013 11:15:18.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.8190.6585 [GMT 1:00]
Spuštěný z: c:\users\Cary\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Cary\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\DeleteOnReboot.bat"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
c:\windows\DeleteOnReboot.bat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-28 do 2013-03-28 )))))))))))))))))))))))))))))))
.
.
2013-03-28 10:19 . 2013-03-28 10:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-28 07:05 . 2013-03-28 07:05 -------- d-----w- c:\program files\7-Zip
2013-03-26 07:39 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{23601452-6469-4456-8964-5A96A77B9A0B}\mpengine.dll
2013-03-26 04:37 . 2013-03-26 04:37 -------- d-----w- c:\users\Cary\AppData\Roaming\Malwarebytes
2013-03-26 04:37 . 2013-03-26 04:37 -------- d-----w- c:\programdata\Malwarebytes
2013-03-26 04:37 . 2013-03-26 04:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-26 04:37 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-26 04:23 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-22 15:20 . 2013-03-22 15:20 -------- d-----w- c:\program files (x86)\Trend Micro
2013-03-22 05:36 . 2013-03-06 23:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-22 05:36 . 2013-03-06 23:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-20 17:46 . 2013-03-20 17:46 -------- d-----w- c:\users\Default\AppData\Local\Google
2013-03-19 08:36 . 2008-10-15 05:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-03-19 08:36 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2013-03-19 08:23 . 2013-03-19 08:35 -------- d-----w- c:\users\Cary\AppData\Local\Ubisoft Game Launcher
2013-03-19 08:23 . 2013-03-19 08:23 -------- d-----w- c:\programdata\Ubisoft
2013-03-19 08:22 . 2013-03-19 08:22 -------- d-----w- c:\program files (x86)\Ubisoft
2013-03-19 08:22 . 2013-03-19 08:22 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-03-19 08:22 . 2013-03-19 08:22 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-17 16:00 . 2013-03-17 16:00 -------- d-----w- c:\programdata\CanonIJ
2013-03-17 15:29 . 2013-03-17 15:29 -------- d--h--w- c:\programdata\CanonEPP
2013-03-17 15:29 . 2013-03-17 15:33 -------- d-----w- c:\users\Cary\AppData\Roaming\Canon
2013-03-17 15:26 . 2013-03-17 15:26 -------- d-----w- c:\program files\Common Files\CANON
2013-03-17 15:25 . 2013-03-17 15:25 -------- d-----w- c:\program files\Canon
2013-03-17 15:11 . 2013-03-17 15:11 -------- d-----w- c:\programdata\Canon IJ Network Tool
2013-03-17 15:11 . 2013-03-17 15:29 -------- d-----w- c:\program files (x86)\Canon
2013-03-17 15:11 . 2011-03-31 09:07 114688 ----a-w- c:\windows\SysWow64\CNC_ATU.dll
2013-03-17 15:11 . 2011-03-30 11:54 323584 ----a-w- c:\windows\SysWow64\CNC_ATL.dll
2013-03-17 15:11 . 2008-08-25 17:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2013-03-17 15:11 . 2013-03-17 15:11 -------- d-----w- c:\windows\system32\STRING
2013-03-17 15:11 . 2012-06-14 16:18 39424 ----a-w- c:\windows\system32\CNMN6UI.DLL
2013-03-17 15:11 . 2012-06-14 16:18 359936 ----a-w- c:\windows\system32\CNMN6PPM.DLL
2013-03-17 15:11 . 2012-06-14 16:18 366592 ----a-w- c:\windows\SysWow64\CNMNPPM.DLL
2013-03-17 15:10 . 2012-03-14 04:00 99840 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAT.DLL
2013-03-17 15:10 . 2012-03-14 04:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAT.DLL
2013-03-17 15:10 . 2013-03-17 15:10 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2013-03-17 15:10 . 2012-03-14 04:00 385024 ----a-w- c:\windows\system32\CNMLMAT.DLL
2013-03-17 15:10 . 2011-02-03 08:20 256000 ----a-w- c:\windows\system32\CNMIUAT.DLL
2013-03-17 15:00 . 2013-03-17 15:01 -------- d-----w- c:\users\Cary\AppData\Roaming\TP-LINK
2013-03-17 14:59 . 2013-03-17 14:59 -------- d-----w- c:\program files (x86)\TP-LINK
2013-03-17 14:58 . 2011-04-20 02:07 1930240 ----a-w- c:\windows\system32\drivers\athurx.sys
2013-03-17 14:58 . 2011-04-20 02:07 1930240 ----a-w- c:\windows\system32\athurx.sys
2013-03-17 14:58 . 2013-03-17 14:59 -------- d-----w- c:\programdata\TP-LINK
2013-03-14 19:50 . 2013-03-26 19:12 -------- d-----w- c:\users\Cary\AppData\Local\GrowJOB_Institute
2013-03-06 06:39 . 2013-03-06 06:39 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2013-03-06 06:39 . 2013-03-06 06:39 -------- d-----w- c:\users\Cary\AppData\Roaming\SystemRequirementsLab
2013-03-05 17:31 . 2013-03-05 17:31 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-05 17:31 . 2013-03-05 17:31 -------- d-----w- c:\program files (x86)\Java
2013-03-05 15:30 . 2013-03-05 15:30 -------- d--h--w- c:\programdata\CanonBJ
2013-03-05 15:30 . 2006-09-12 19:00 80896 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP78.DLL
2013-03-05 15:30 . 2006-09-12 19:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD78.DLL
2013-03-05 15:30 . 2006-09-12 19:00 234496 ----a-w- c:\windows\system32\CNMLM78.DLL
2013-03-01 07:59 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-02-28 11:57 . 2013-02-28 11:57 -------- d-----w- c:\windows\system32\SPReview
2013-02-28 11:56 . 2013-02-28 11:57 -------- d-----w- c:\windows\system32\EventProviders
2013-02-28 11:50 . 2013-02-28 11:50 7450888 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\c8dac11f1ce15a95f\bingbarsetup.exe
2013-02-28 11:47 . 2013-02-28 11:47 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\697b17c91ce15a94b\MeshBetaRemover.exe
2013-02-28 11:44 . 2013-02-28 11:44 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\596b8bf1ce15a937\DSETUP.dll
2013-02-28 11:44 . 2013-02-28 11:44 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\596b8bf1ce15a937\DXSETUP.exe
2013-02-28 11:44 . 2013-02-28 11:44 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\596b8bf1ce15a937\dsetup32.dll
2013-02-28 11:44 . 2013-02-28 11:44 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\188e0c81ce15a936\DSETUP.dll
2013-02-28 11:44 . 2013-02-28 11:44 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\188e0c81ce15a936\DXSETUP.exe
2013-02-28 11:44 . 2013-02-28 11:44 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\188e0c81ce15a936\dsetup32.dll
2013-02-28 11:40 . 2013-02-28 11:40 6260088 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\5cdc6eb71ce15a815\Silverlight.4.0.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-18 05:17 . 2013-02-24 07:04 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-18 05:17 . 2013-02-24 07:04 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 21:46 . 2013-02-23 21:18 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-06 23:33 . 2013-02-23 23:02 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2013-02-23 23:02 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2013-02-23 23:02 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2013-02-23 23:02 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2013-02-23 23:02 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2013-02-23 23:02 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2013-02-23 23:02 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2013-02-23 23:02 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-05 17:31 . 2013-02-25 07:46 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-05 17:31 . 2013-02-25 07:46 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-28 12:03 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-02-28 12:03 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-02-24 06:54 . 2013-02-24 06:54 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-02-24 06:54 . 2013-02-24 06:54 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-02-24 06:54 . 2013-02-24 06:54 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-02-24 06:54 . 2013-02-24 06:54 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-02-23 20:42 . 2013-02-23 20:42 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-02-23 20:42 . 2013-02-23 20:42 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2013-02-23 20:42 . 2013-02-23 20:42 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-02-23 20:42 . 2013-02-23 20:42 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-02-23 20:42 . 2013-02-23 20:42 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2013-02-23 20:42 . 2013-02-23 20:42 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-02-23 20:42 . 2013-02-23 20:42 85504 ----a-w- c:\windows\system32\iesetup.dll
2013-02-23 20:42 . 2013-02-23 20:42 82432 ----a-w- c:\windows\system32\icardie.dll
2013-02-23 20:42 . 2013-02-23 20:42 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-02-23 20:42 . 2013-02-23 20:42 76800 ----a-w- c:\windows\system32\tdc.ocx
2013-02-23 20:42 . 2013-02-23 20:42 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-02-23 20:42 . 2013-02-23 20:42 65024 ----a-w- c:\windows\system32\pngfilt.dll
2013-02-23 20:42 . 2013-02-23 20:42 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-02-23 20:42 . 2013-02-23 20:42 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-02-23 20:42 . 2013-02-23 20:42 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2013-02-23 20:42 . 2013-02-23 20:42 49664 ----a-w- c:\windows\system32\imgutil.dll
2013-02-23 20:42 . 2013-02-23 20:42 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-02-23 20:42 . 2013-02-23 20:42 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-02-23 20:42 . 2013-02-23 20:42 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2013-02-23 20:42 . 2013-02-23 20:42 448512 ----a-w- c:\windows\system32\html.iec
2013-02-23 20:42 . 2013-02-23 20:42 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2013-02-23 20:42 . 2013-02-23 20:42 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-02-23 20:42 . 2013-02-23 20:42 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-02-23 20:42 . 2013-02-23 20:42 367104 ----a-w- c:\windows\SysWow64\html.iec
2013-02-23 20:42 . 2013-02-23 20:42 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-02-23 20:42 . 2013-02-23 20:42 30720 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-23 20:42 . 2013-02-23 20:42 282112 ----a-w- c:\windows\system32\dxtrans.dll
2013-02-23 20:42 . 2013-02-23 20:42 267776 ----a-w- c:\windows\system32\ieaksie.dll
2013-02-23 20:42 . 2013-02-23 20:42 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-02-23 20:42 . 2013-02-23 20:42 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-02-23 20:42 . 2013-02-23 20:42 222208 ----a-w- c:\windows\system32\msls31.dll
2013-02-23 20:42 . 2013-02-23 20:42 197120 ----a-w- c:\windows\system32\msrating.dll
2013-02-23 20:42 . 2013-02-23 20:42 165888 ----a-w- c:\windows\system32\iexpress.exe
2013-02-23 20:42 . 2013-02-23 20:42 163840 ----a-w- c:\windows\system32\ieakui.dll
2013-02-23 20:42 . 2013-02-23 20:42 160256 ----a-w- c:\windows\system32\wextract.exe
2013-02-23 20:42 . 2013-02-23 20:42 160256 ----a-w- c:\windows\system32\ieakeng.dll
2013-02-23 20:42 . 2013-02-23 20:42 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2013-02-23 20:42 . 2013-02-23 20:42 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-02-23 20:42 . 2013-02-23 20:42 149504 ----a-w- c:\windows\system32\occache.dll
2013-02-23 20:42 . 2013-02-23 20:42 145920 ----a-w- c:\windows\system32\iepeers.dll
2013-02-23 20:42 . 2013-02-23 20:42 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-02-23 20:42 . 2013-02-23 20:42 12288 ----a-w- c:\windows\system32\mshta.exe
2013-02-23 20:42 . 2013-02-23 20:42 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2013-02-23 20:42 . 2013-02-23 20:42 114176 ----a-w- c:\windows\system32\admparse.dll
2013-02-23 20:42 . 2013-02-23 20:42 111616 ----a-w- c:\windows\system32\iesysprep.dll
2013-02-23 20:42 . 2013-02-23 20:42 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-02-23 20:42 . 2013-02-23 20:42 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2013-02-23 20:42 . 2013-02-23 20:42 103936 ----a-w- c:\windows\system32\inseng.dll
2013-02-23 20:42 . 2013-02-23 20:42 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2013-01-17 00:28 . 2013-02-23 20:05 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:53 . 2013-02-23 20:14 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-23 20:14 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-23 20:14 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-23 20:12 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-23 20:12 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-23 20:12 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-23 20:12 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-23 20:12 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-23 20:12 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-23 20:12 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-23 20:12 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-23 20:12 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-23 20:12 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-03-07 19357112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2013-3-17 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 aswVmm;aswVmm; [x]
R3 cpuz130;cpuz130;c:\users\Cary\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 cpuz135;cpuz135;c:\users\Cary\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 cpuz136;cpuz136;c:\users\Cary\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-26 09:40]
.
2013-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-26 09:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 15:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://hosting.getmore.eu/optimalenergy ... npage=true
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\
FF - ExtSQL: 2013-02-24 00:02; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-02-24 00:15; snaplinks@snaplinks.mozdev.org; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\snaplinks@snaplinks.mozdev.org.xpi
FF - ExtSQL: 2013-02-24 00:17; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
FF - ExtSQL: 2013-02-24 00:18; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-02-24 00:18; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Cary\AppData\Roaming\Mozilla\Firefox\Profiles\x4v8eyoq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2013-03-28 11:21:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-28 10:21
ComboFix2.txt 2013-03-28 05:36
.
Před spuštěním: Volných bajtů: 47 140 929 536
Po spuštění: Volných bajtů: 46 944 886 784
.
- - End Of File - - 82E11425827ED1065A6C8A5283313C2D
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:20:17, on 22.3.2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Cary\TimeMaker\TimeMaker.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hosting.getmore.eu/optimalenergy ... npage=true
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9166 bytes
- Žbeky
- Moderator
Re: Please check my log - getting kicked out of applications
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
clean the system with CCleaner
Download OTC to your desktop, run it and click Clean up!
+ A new log from HJT, yours is from 22.3.2013
How is the PC behaving?
In private messages I only handle matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.