Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Sekání videí na YouTube Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43293
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Sekání videí na YouTube
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Sekání videí na YouTube
ComboFix 13-06-13.01 - Martin 13.06.2013 22:50:10.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.3933.2901 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-13 do 2013-06-13 )))))))))))))))))))))))))))))))
.
.
2013-06-13 20:58 . 2013-06-13 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\programdata\Malwarebytes
2013-06-13 08:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\users\Martin\AppData\Local\Programs
2013-06-12 21:54 . 2013-06-12 21:54 388096 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-12 21:16 . 2013-06-12 21:16 -------- d-----w- c:\windows\SysWow64\Lang
2013-06-12 21:16 . 2012-11-14 14:57 953888 ----a-w- c:\windows\SysWow64\igxpun.exe
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\users\Martin\AppData\Roaming\SystemRequirementsLab
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-06-12 19:55 . 2013-06-12 19:55 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-12 19:55 . 2013-06-12 19:55 -------- d-----w- c:\program files (x86)\Java
2013-06-12 11:29 . 2013-06-13 11:34 -------- d-----w- c:\users\Martin\AppData\Roaming\.minecraft
2013-06-11 17:54 . 2013-06-11 17:54 -------- d-----w- c:\users\Martin\AppData\Local\PassMark
2013-06-11 17:54 . 2013-06-11 17:54 -------- d-----w- c:\programdata\Passmark
2013-06-06 08:33 . 2013-06-06 08:33 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-06 08:33 . 2013-06-06 08:33 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-06 08:33 . 2013-06-06 08:33 311200 ----a-w- c:\windows\system32\javaws.exe
2013-06-06 08:33 . 2013-06-06 08:33 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-06 08:33 . 2013-06-06 08:33 188832 ----a-w- c:\windows\system32\javaw.exe
2013-06-06 08:33 . 2013-06-06 08:33 188320 ----a-w- c:\windows\system32\java.exe
2013-06-06 08:33 . 2013-06-06 08:33 -------- d-----w- c:\program files\Java
2013-06-05 22:44 . 2013-06-05 22:46 -------- d-----w- c:\users\Martin\AppData\Roaming\Apple Computer
2013-06-05 22:44 . 2013-06-13 08:34 -------- dc----w- c:\windows\system32\DRVSTORE
2013-06-05 22:43 . 2013-06-13 08:35 -------- d-----w- c:\programdata\Apple Computer
2013-06-05 22:43 . 2013-06-13 08:35 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 22:40 . 2013-06-13 08:35 -------- d-----w- c:\program files (x86)\Common Files\Apple
2013-06-05 22:40 . 2013-06-05 22:41 -------- d-----w- c:\programdata\Apple
2013-05-29 21:15 . 2013-05-09 08:59 270824 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-05-29 21:15 . 2013-05-09 08:59 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-05-29 21:15 . 2013-05-09 08:59 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-29 21:15 . 2013-03-13 17:01 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 19:55 . 2013-02-10 20:01 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:55 . 2013-02-10 20:01 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-14 20:51 . 2013-02-01 14:31 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 20:51 . 2013-02-01 14:31 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-09 08:59 . 2013-03-18 15:28 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-18 15:28 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-01-27 18:16 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2013-01-27 18:16 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2013-01-27 18:16 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-01-27 18:15 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2013-01-27 18:16 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2013-01-27 18:15 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2013-01-27 18:15 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2013-01-27 18:15 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="d:\avast\avastUI.exe" [2013-05-09 4858968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 DIRECTIO;DIRECTIO;d:\program files\PerformanceTest\DirectIo64.sys;d:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys;c:\windows\SYSNATIVE\drivers\aswNdis2.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;d:\avast\afwServ.exe;d:\avast\afwServ.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-13 06:40 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-01 20:51]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-27 17:42]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-27 17:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- d:\avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-14 163360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-14 387616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-14 418336]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/?rlz=1W4CHBA_csCZ520
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - d:\micros~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 93.93.32.32 93.93.33.33
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-06-13 23:03:25
ComboFix-quarantined-files.txt 2013-06-13 21:03
.
Před spuštěním: 14 873 518 080 bytes free
Po spuštění: 14 739 210 240 bytes free
.
- - End Of File - - E4BF5422045829254A8B60C87EC12138
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.3933.2901 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-13 do 2013-06-13 )))))))))))))))))))))))))))))))
.
.
2013-06-13 20:58 . 2013-06-13 20:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\programdata\Malwarebytes
2013-06-13 08:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\users\Martin\AppData\Local\Programs
2013-06-12 21:54 . 2013-06-12 21:54 388096 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-12 21:16 . 2013-06-12 21:16 -------- d-----w- c:\windows\SysWow64\Lang
2013-06-12 21:16 . 2012-11-14 14:57 953888 ----a-w- c:\windows\SysWow64\igxpun.exe
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\users\Martin\AppData\Roaming\SystemRequirementsLab
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-06-12 19:55 . 2013-06-12 19:55 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-12 19:55 . 2013-06-12 19:55 -------- d-----w- c:\program files (x86)\Java
2013-06-12 11:29 . 2013-06-13 11:34 -------- d-----w- c:\users\Martin\AppData\Roaming\.minecraft
2013-06-11 17:54 . 2013-06-11 17:54 -------- d-----w- c:\users\Martin\AppData\Local\PassMark
2013-06-11 17:54 . 2013-06-11 17:54 -------- d-----w- c:\programdata\Passmark
2013-06-06 08:33 . 2013-06-06 08:33 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-06 08:33 . 2013-06-06 08:33 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-06 08:33 . 2013-06-06 08:33 311200 ----a-w- c:\windows\system32\javaws.exe
2013-06-06 08:33 . 2013-06-06 08:33 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-06 08:33 . 2013-06-06 08:33 188832 ----a-w- c:\windows\system32\javaw.exe
2013-06-06 08:33 . 2013-06-06 08:33 188320 ----a-w- c:\windows\system32\java.exe
2013-06-06 08:33 . 2013-06-06 08:33 -------- d-----w- c:\program files\Java
2013-06-05 22:44 . 2013-06-05 22:46 -------- d-----w- c:\users\Martin\AppData\Roaming\Apple Computer
2013-06-05 22:44 . 2013-06-13 08:34 -------- dc----w- c:\windows\system32\DRVSTORE
2013-06-05 22:43 . 2013-06-13 08:35 -------- d-----w- c:\programdata\Apple Computer
2013-06-05 22:43 . 2013-06-13 08:35 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 22:40 . 2013-06-13 08:35 -------- d-----w- c:\program files (x86)\Common Files\Apple
2013-06-05 22:40 . 2013-06-05 22:41 -------- d-----w- c:\programdata\Apple
2013-05-29 21:15 . 2013-05-09 08:59 270824 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-05-29 21:15 . 2013-05-09 08:59 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-05-29 21:15 . 2013-05-09 08:59 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-29 21:15 . 2013-03-13 17:01 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 19:55 . 2013-02-10 20:01 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:55 . 2013-02-10 20:01 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-14 20:51 . 2013-02-01 14:31 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 20:51 . 2013-02-01 14:31 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-09 08:59 . 2013-03-18 15:28 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2013-03-18 15:28 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-01-27 18:16 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2013-01-27 18:16 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2013-01-27 18:16 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-01-27 18:15 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2013-01-27 18:16 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2013-01-27 18:15 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2013-01-27 18:15 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2013-01-27 18:15 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="d:\avast\avastUI.exe" [2013-05-09 4858968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 DIRECTIO;DIRECTIO;d:\program files\PerformanceTest\DirectIo64.sys;d:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys;c:\windows\SYSNATIVE\drivers\aswNdis2.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;d:\avast\afwServ.exe;d:\avast\afwServ.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-13 06:40 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-01 20:51]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-27 17:42]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-27 17:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- d:\avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-14 163360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-14 387616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-14 418336]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/?rlz=1W4CHBA_csCZ520
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - d:\micros~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 93.93.32.32 93.93.33.33
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-06-13 23:03:25
ComboFix-quarantined-files.txt 2013-06-13 21:03
.
Před spuštěním: 14 873 518 080 bytes free
Po spuštění: 14 739 210 240 bytes free
.
- - End Of File - - E4BF5422045829254A8B60C87EC12138
A36C5E4F47E84449FF07ED3517B43A31
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43293
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Sekání videí na YouTube
TCP: DhcpNameServer = 93.93.32.32 93.93.33.33
Tu IP znáš?
City / Region / Company: Moscow
Country: Russian Federation
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Tu IP znáš?
City / Region / Company: Moscow
Country: Russian Federation
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Sekání videí na YouTube
Tu IP neznám...
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-14 10:31:22
-----------------------------
10:31:22.124 OS Version: Windows x64 6.1.7601 Service Pack 1
10:31:22.124 Number of processors: 2 586 0xF0D
10:31:22.127 ComputerName: MARTINPC UserName: Martin
10:31:24.132 Initialize success
10:31:24.522 AVAST engine defs: 13061301
10:31:29.343 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
10:31:29.358 Disk 0 Vendor: TOSHIBA_MK3263GSX FG020M Size: 305245MB BusType: 11
10:31:29.546 Disk 0 MBR read successfully
10:31:29.561 Disk 0 MBR scan
10:31:29.577 Disk 0 Windows 7 default MBR code
10:31:29.592 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:31:29.608 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 35840 MB offset 206848
10:31:29.624 Disk 0 Partition - 00 0F Extended LBA 266240 MB offset 73607168
10:31:29.655 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 3063 MB offset 618866688
10:31:29.733 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 51200 MB offset 73609216
10:31:29.748 Disk 0 Partition - 00 05 Extended 215039 MB offset 178466816
10:31:29.811 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 215038 MB offset 178468864
10:31:30.045 Disk 0 scanning C:\Windows\system32\drivers
10:31:49.061 Service scanning
10:32:36.017 Modules scanning
10:32:36.048 Disk 0 trace - called modules:
10:32:36.095 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:32:36.111 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c342d0]
10:32:36.111 3 CLASSPNP.SYS[fffff880019a643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8004abf060]
10:32:36.548 AVAST engine scan C:\Windows
10:32:39.246 AVAST engine scan C:\Windows\system32
10:35:50.955 AVAST engine scan C:\Windows\system32\drivers
10:36:03.342 AVAST engine scan C:\Users\Martin
10:37:37.566 AVAST engine scan C:\ProgramData
10:37:54.757 Scan finished successfully
10:38:04.881 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
10:38:04.913 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-14 10:31:22
-----------------------------
10:31:22.124 OS Version: Windows x64 6.1.7601 Service Pack 1
10:31:22.124 Number of processors: 2 586 0xF0D
10:31:22.127 ComputerName: MARTINPC UserName: Martin
10:31:24.132 Initialize success
10:31:24.522 AVAST engine defs: 13061301
10:31:29.343 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
10:31:29.358 Disk 0 Vendor: TOSHIBA_MK3263GSX FG020M Size: 305245MB BusType: 11
10:31:29.546 Disk 0 MBR read successfully
10:31:29.561 Disk 0 MBR scan
10:31:29.577 Disk 0 Windows 7 default MBR code
10:31:29.592 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:31:29.608 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 35840 MB offset 206848
10:31:29.624 Disk 0 Partition - 00 0F Extended LBA 266240 MB offset 73607168
10:31:29.655 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 3063 MB offset 618866688
10:31:29.733 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 51200 MB offset 73609216
10:31:29.748 Disk 0 Partition - 00 05 Extended 215039 MB offset 178466816
10:31:29.811 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 215038 MB offset 178468864
10:31:30.045 Disk 0 scanning C:\Windows\system32\drivers
10:31:49.061 Service scanning
10:32:36.017 Modules scanning
10:32:36.048 Disk 0 trace - called modules:
10:32:36.095 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
10:32:36.111 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c342d0]
10:32:36.111 3 CLASSPNP.SYS[fffff880019a643f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8004abf060]
10:32:36.548 AVAST engine scan C:\Windows
10:32:39.246 AVAST engine scan C:\Windows\system32
10:35:50.955 AVAST engine scan C:\Windows\system32\drivers
10:36:03.342 AVAST engine scan C:\Users\Martin
10:37:37.566 AVAST engine scan C:\ProgramData
10:37:54.757 Scan finished successfully
10:38:04.881 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
10:38:04.913 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Sekání videí na YouTube
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Kód: Vybrat vše
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
DDS::
uLocal Page = c:\windows\system32\blank.htm
TCP: DhcpNameServer = 93.93.32.32 93.93.33.33
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Sekání videí na YouTube
Jak mi Combofix restartoval počítač, tak jsem zkoušel zkopírovat log sem, ale nešel mi otevřít prohlížeč. Nešel otevřít jedinej nainstalovanej program. Vždycky mi to vyhodilo hlášku, že registr byl označen ke smazání, nebo něco takovýho. Tak jsem to restartoval, a zapomněl jsem uložit ten log 
je někde uloženej, nebo to musím spustit znovu? Jinak všechny ty programy zase jdou.
je někde uloženej, nebo to musím spustit znovu? Jinak všechny ty programy zase jdou.
Re: Sekání videí na YouTube
Log by měl být tu C:\ComboFix.txt
Intel > nvidia > WD > Kingston > Seasonic > LG > XP <<< takhle nějak :) a zde např.: https://1url.cz/iriwZ (ta dívka tam to je dcera )
Re: Sekání videí na YouTube
ComboFix 13-06-13.01 - Martin 14.06.2013 11:53:43.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.3933.2875 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-14 do 2013-06-14 )))))))))))))))))))))))))))))))
.
.
2013-06-14 10:02 . 2013-06-14 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-13 23:36 . 2010-02-04 08:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2013-06-13 23:36 . 2010-02-04 08:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2013-06-13 23:36 . 2010-02-04 08:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2013-06-13 23:36 . 2010-02-04 08:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2013-06-13 23:36 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2013-06-13 23:36 . 2007-04-04 16:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2013-06-13 23:36 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\SysWow64\d3dx9_33.dll
2013-06-13 23:35 . 2013-06-13 23:35 -------- d-----w- c:\program files (x86)\Microsoft XNA
2013-06-13 23:34 . 2013-06-13 23:34 -------- d-----w- c:\program files (x86)\Terraria
2013-06-13 22:51 . 2013-05-09 08:59 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-13 22:51 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-06-13 22:51 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-06-13 22:51 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-06-13 22:51 . 2013-05-09 08:59 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-13 22:51 . 2013-05-09 08:59 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-13 22:51 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-13 22:51 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-13 22:49 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-06-13 22:49 . 2013-06-13 22:49 -------- d-----w- c:\program files\AVAST Software
2013-06-13 22:14 . 2013-06-13 22:14 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\programdata\Malwarebytes
2013-06-13 08:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\users\Martin\AppData\Local\Programs
2013-06-12 21:54 . 2013-06-12 21:54 388096 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-12 21:16 . 2013-06-12 21:16 -------- d-----w- c:\windows\SysWow64\Lang
2013-06-12 21:16 . 2012-11-14 14:57 953888 ----a-w- c:\windows\SysWow64\igxpun.exe
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\users\Martin\AppData\Roaming\SystemRequirementsLab
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-06-12 19:55 . 2013-06-12 19:55 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-12 19:55 . 2013-06-12 19:55 -------- d-----w- c:\program files (x86)\Java
2013-06-12 11:29 . 2013-06-13 11:34 -------- d-----w- c:\users\Martin\AppData\Roaming\.minecraft
2013-06-11 17:54 . 2013-06-11 17:54 -------- d-----w- c:\users\Martin\AppData\Local\PassMark
2013-06-11 17:54 . 2013-06-11 17:54 -------- d-----w- c:\programdata\Passmark
2013-06-06 08:33 . 2013-06-06 08:33 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-06 08:33 . 2013-06-06 08:33 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-06 08:33 . 2013-06-06 08:33 311200 ----a-w- c:\windows\system32\javaws.exe
2013-06-06 08:33 . 2013-06-06 08:33 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-06 08:33 . 2013-06-06 08:33 188832 ----a-w- c:\windows\system32\javaw.exe
2013-06-06 08:33 . 2013-06-06 08:33 188320 ----a-w- c:\windows\system32\java.exe
2013-06-06 08:33 . 2013-06-06 08:33 -------- d-----w- c:\program files\Java
2013-06-05 22:44 . 2013-06-05 22:46 -------- d-----w- c:\users\Martin\AppData\Roaming\Apple Computer
2013-06-05 22:44 . 2013-06-13 08:34 -------- dc----w- c:\windows\system32\DRVSTORE
2013-06-05 22:43 . 2013-06-13 08:35 -------- d-----w- c:\programdata\Apple Computer
2013-06-05 22:43 . 2013-06-13 08:35 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 22:40 . 2013-06-13 08:35 -------- d-----w- c:\program files (x86)\Common Files\Apple
2013-06-05 22:40 . 2013-06-05 22:41 -------- d-----w- c:\programdata\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 19:55 . 2013-02-10 20:01 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:55 . 2013-02-10 20:01 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-14 20:51 . 2013-02-01 14:31 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 20:51 . 2013-02-01 14:31 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-09 08:58 . 2013-01-27 18:15 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 DIRECTIO;DIRECTIO;d:\program files\PerformanceTest\DirectIo64.sys;d:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-13 06:40 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-01 20:51]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-27 17:42]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-27 17:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-14 163360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-14 387616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-14 418336]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
uStart Page = hxxp://www.google.cz/?rlz=1W4CHBA_csCZ520
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - d:\micros~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 93.93.32.32 93.93.33.33
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Terraria 1.1.2 - c:\program files (x86)\Terraria\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2013-06-14 12:11:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-06-14 10:11
ComboFix2.txt 2013-06-13 21:03
.
Před spuštěním: 13 823 926 272 bytes free
Po spuštění: 13 703 426 048 bytes free
.
- - End Of File - - 5216FF8BE8A3DC2694730F148CE79615
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.3933.2875 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-14 do 2013-06-14 )))))))))))))))))))))))))))))))
.
.
2013-06-14 10:02 . 2013-06-14 10:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-13 23:36 . 2010-02-04 08:01 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2013-06-13 23:36 . 2010-02-04 08:01 528216 ----a-w- c:\windows\SysWow64\XAudio2_6.dll
2013-06-13 23:36 . 2010-02-04 08:01 238936 ----a-w- c:\windows\SysWow64\xactengine3_6.dll
2013-06-13 23:36 . 2010-02-04 08:01 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2013-06-13 23:36 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2013-06-13 23:36 . 2007-04-04 16:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2013-06-13 23:36 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\SysWow64\d3dx9_33.dll
2013-06-13 23:35 . 2013-06-13 23:35 -------- d-----w- c:\program files (x86)\Microsoft XNA
2013-06-13 23:34 . 2013-06-13 23:34 -------- d-----w- c:\program files (x86)\Terraria
2013-06-13 22:51 . 2013-05-09 08:59 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-13 22:51 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-06-13 22:51 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-06-13 22:51 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-06-13 22:51 . 2013-05-09 08:59 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-13 22:51 . 2013-05-09 08:59 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-13 22:51 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-13 22:51 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-13 22:49 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-06-13 22:49 . 2013-06-13 22:49 -------- d-----w- c:\program files\AVAST Software
2013-06-13 22:14 . 2013-06-13 22:14 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\programdata\Malwarebytes
2013-06-13 08:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-13 08:38 . 2013-06-13 08:38 -------- d-----w- c:\users\Martin\AppData\Local\Programs
2013-06-12 21:54 . 2013-06-12 21:54 388096 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-12 21:16 . 2013-06-12 21:16 -------- d-----w- c:\windows\SysWow64\Lang
2013-06-12 21:16 . 2012-11-14 14:57 953888 ----a-w- c:\windows\SysWow64\igxpun.exe
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\users\Martin\AppData\Roaming\SystemRequirementsLab
2013-06-12 19:56 . 2013-06-12 19:56 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-06-12 19:55 . 2013-06-12 19:55 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-12 19:55 . 2013-06-12 19:55 -------- d-----w- c:\program files (x86)\Java
2013-06-12 11:29 . 2013-06-13 11:34 -------- d-----w- c:\users\Martin\AppData\Roaming\.minecraft
2013-06-11 17:54 . 2013-06-11 17:54 -------- d-----w- c:\users\Martin\AppData\Local\PassMark
2013-06-11 17:54 . 2013-06-11 17:54 -------- d-----w- c:\programdata\Passmark
2013-06-06 08:33 . 2013-06-06 08:33 971680 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-06 08:33 . 2013-06-06 08:33 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-06 08:33 . 2013-06-06 08:33 311200 ----a-w- c:\windows\system32\javaws.exe
2013-06-06 08:33 . 2013-06-06 08:33 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-06 08:33 . 2013-06-06 08:33 188832 ----a-w- c:\windows\system32\javaw.exe
2013-06-06 08:33 . 2013-06-06 08:33 188320 ----a-w- c:\windows\system32\java.exe
2013-06-06 08:33 . 2013-06-06 08:33 -------- d-----w- c:\program files\Java
2013-06-05 22:44 . 2013-06-05 22:46 -------- d-----w- c:\users\Martin\AppData\Roaming\Apple Computer
2013-06-05 22:44 . 2013-06-13 08:34 -------- dc----w- c:\windows\system32\DRVSTORE
2013-06-05 22:43 . 2013-06-13 08:35 -------- d-----w- c:\programdata\Apple Computer
2013-06-05 22:43 . 2013-06-13 08:35 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-05 22:40 . 2013-06-13 08:35 -------- d-----w- c:\program files (x86)\Common Files\Apple
2013-06-05 22:40 . 2013-06-05 22:41 -------- d-----w- c:\programdata\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 19:55 . 2013-02-10 20:01 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:55 . 2013-02-10 20:01 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-14 20:51 . 2013-02-01 14:31 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 20:51 . 2013-02-01 14:31 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-09 08:58 . 2013-01-27 18:15 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R3 DIRECTIO;DIRECTIO;d:\program files\PerformanceTest\DirectIo64.sys;d:\program files\PerformanceTest\DirectIo64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-13 06:40 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-01 20:51]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-27 17:42]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-27 17:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-14 163360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-14 387616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-14 418336]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
uStart Page = hxxp://www.google.cz/?rlz=1W4CHBA_csCZ520
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - d:\micros~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 93.93.32.32 93.93.33.33
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Terraria 1.1.2 - c:\program files (x86)\Terraria\Uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2013-06-14 12:11:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-06-14 10:11
ComboFix2.txt 2013-06-13 21:03
.
Před spuštěním: 13 823 926 272 bytes free
Po spuštění: 13 703 426 048 bytes free
.
- - End Of File - - 5216FF8BE8A3DC2694730F148CE79615
A36C5E4F47E84449FF07ED3517B43A31
-
richchie
- Master Level 9.5
- Příspěvky: 8738
- Registrován: listopad 06
- Bydliště: ano
- Pohlaví:
- Stav:
Offline
Re: Sekání videí na YouTube
Jen vstoupím-zkoušel jsi vypnout-http://www.macromedia.com/support/documentation/cz/flashplayer/help/help01.html
Re: Sekání videí na YouTube
Teď jsem to zkusil a zdá se mi, že se to seká ještě víc...
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Sekání videí na YouTube
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
+ Nový log z HJT
Jak se chová PC?
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
+ Nový log z HJT
Jak se chová PC?
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Sekání videí na YouTube
Notebook se pořád hrozně seká. Myslím, že se nic nezměnilo.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:23:30, on 15.6.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?rlz=1W4CHBA_csCZ520
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 5707 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:23:30, on 15.6.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?rlz=1W4CHBA_csCZ520
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\MICROS~1\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 5707 bytes
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 108 hostů