Prosím o kontrolu logu podezření na havěť Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
PARKR
Level 3
Level 3
Příspěvky: 542
Registrován: červenec 12
Bydliště: Severní Morava
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěď

Příspěvekod PARKR » 03 zář 2013 20:12

I po restartu PC se tabulka stale zobrazuje , ikdyž bez detekce AVASTU :-(
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
Nahoru
Reklama
Top
Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěď

Příspěvekod memphisto » 03 zář 2013 22:20

Bude se zobrazovat, protože je to položka po spuštění, ale to opravíme...

Toto otestuj na Virustotal
C:\Windows\inf\msrhvrsl.vbe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.


plus udělej Combofix znovu, ale přesuň jej na plochu! Ne do složky na ploše!
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Nahoru
PARKR
Level 3
Level 3
Příspěvky: 542
Registrován: červenec 12
Bydliště: Severní Morava
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěď

Příspěvekod PARKR » 04 zář 2013 17:32

Virustotal

https://www.virustotal.com/cs/file/ae14 ... 378308609/


Combofix za chvíli ...
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
Nahoru
PARKR
Level 3
Level 3
Příspěvky: 542
Registrován: červenec 12
Bydliště: Severní Morava
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěď

Příspěvekod PARKR » 04 zář 2013 17:46

ComboFix 13-09-02.02 - Roman . 09. 2013 17:39:01.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.4043.2618 [GMT 2:00]
Spuštěný z: c:\users\Roman\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-04 do 2013-09-04 )))))))))))))))))))))))))))))))
.
.
2013-09-04 15:44 . 2013-09-04 15:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-04 15:44 . 2013-09-04 15:44 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files\CheckPoint
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files (x86)\DoNotTrackPlus
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files (x86)\CheckPoint
2013-09-03 17:19 . 2013-09-03 17:19 -------- d-----w- c:\programdata\CheckPoint
2013-09-03 16:06 . 2013-09-03 16:06 -------- d-----w- c:\windows\ERUNT
2013-09-03 15:01 . 2013-09-03 15:01 -------- d-----w- c:\program files (x86)\Trend Micro
2013-09-03 03:57 . 2013-09-03 03:57 -------- d-----w- c:\programdata\Logs
2013-09-03 03:57 . 2013-04-11 14:12 19392 ----a-w- c:\windows\system32\roboot64.exe
2013-09-01 09:54 . 2013-09-01 09:59 -------- d-----w- c:\programdata\PC Suite
2013-09-01 09:52 . 2013-09-01 09:53 -------- d-----w- c:\programdata\Nokia
2013-09-01 09:52 . 2013-09-01 09:52 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2013-09-01 09:51 . 2013-09-01 09:51 -------- d-----w- c:\program files\DIFX
2013-09-01 09:51 . 2012-10-17 12:53 26112 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2013-09-01 09:51 . 2013-09-01 09:51 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2013-09-01 09:51 . 2013-01-23 08:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2013-09-01 09:50 . 2013-09-01 09:52 -------- d-----w- c:\program files (x86)\Nokia
2013-09-01 09:46 . 2013-09-01 09:46 -------- d--h--w- c:\programdata\Common Files
2013-09-01 09:46 . 2013-09-01 09:46 -------- d-----w- c:\programdata\Installations
2013-09-01 08:26 . 2013-09-01 08:26 -------- d-----w- c:\windows\LastGood.Tmp
2013-08-29 19:49 . 2013-08-29 19:49 -------- d-----w- c:\windows\cs
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\program files\Windows Live
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\windows\PCHEALTH
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\program files (x86)\Windows Live
2013-08-29 19:45 . 2013-08-29 19:45 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
2013-08-29 19:45 . 2013-08-29 19:45 -------- d-----w- c:\programdata\Microsoft SkyDrive
2013-08-29 19:44 . 2013-08-29 19:44 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2013-08-29 15:27 . 2013-08-29 15:27 -------- d-----w- c:\program files (x86)\Convert MOV to AVI
2013-08-22 16:38 . 2013-08-22 16:38 -------- d-----w- c:\programdata\Malwarebytes
2013-08-22 16:38 . 2013-08-22 16:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-22 16:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-21 17:12 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2013-08-20 08:52 . 2013-08-20 08:52 240304 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10214.bin
2013-08-16 14:34 . 2013-08-16 14:34 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-08-16 14:34 . 2013-08-16 14:34 -------- d-----r- c:\program files (x86)\Skype
2013-08-16 14:34 . 2013-08-16 14:34 -------- d-----w- c:\programdata\Skype
2013-08-14 09:26 . 2013-08-14 09:30 -------- d-----w- c:\windows\system32\MRT
2013-08-14 08:56 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 08:56 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-14 08:56 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 08:54 . 2013-07-26 03:13 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-08-11 15:11 . 2008-10-27 08:04 518480 ----a-w- c:\windows\system32\XAudio2_3.dll
2013-08-11 15:10 . 2008-03-05 13:56 4910088 ----a-w- c:\windows\system32\D3DX9_37.dll
2013-08-11 15:10 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\SysWow64\D3DX9_37.dll
2013-08-11 15:10 . 2007-10-22 01:40 411656 ----a-w- c:\windows\system32\xactengine2_10.dll
2013-08-11 15:10 . 2007-10-22 01:39 267272 ----a-w- c:\windows\SysWow64\xactengine2_10.dll
2013-08-11 15:10 . 2007-10-12 13:14 2006552 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2013-08-11 15:10 . 2007-10-12 13:14 1374232 ----a-w- c:\windows\SysWow64\D3DCompiler_36.dll
2013-08-11 15:10 . 2007-10-02 07:56 444776 ----a-w- c:\windows\SysWow64\d3dx10_36.dll
2013-08-11 15:10 . 2007-10-02 07:56 508264 ----a-w- c:\windows\system32\d3dx10_36.dll
2013-08-11 15:10 . 2007-10-12 13:14 5081608 ----a-w- c:\windows\system32\d3dx9_36.dll
2013-08-11 15:10 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\SysWow64\d3dx9_36.dll
2013-08-11 15:10 . 2007-10-22 01:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
2013-08-11 15:10 . 2007-10-22 01:37 21000 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2013-08-11 15:09 . 2013-08-11 15:09 424624 ----a-w- c:\windows\system32\wrap_oal.dll
2013-08-11 15:09 . 2013-08-11 15:09 138472 ----a-w- c:\windows\system32\OpenAL32.dll
2013-08-11 15:09 . 2013-08-11 15:09 -------- d-----w- c:\program files (x86)\OpenAL
2013-08-11 15:09 . 2013-08-11 15:09 418480 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-08-11 15:09 . 2013-08-11 15:09 115432 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-08-11 07:29 . 2013-08-11 07:29 -------- d-----w- c:\program files (x86)\VideoLAN
2013-08-09 04:26 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-09 04:26 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-08 19:20 . 2012-09-27 07:15 301568 ----a-w- c:\windows\system32\newdev.dll
2013-08-08 19:20 . 2012-09-27 06:34 275968 ----a-w- c:\windows\SysWow64\newdev.dll
2013-08-08 19:20 . 2012-09-27 07:17 76288 ----a-w- c:\windows\system32\newdev.exe
2013-08-08 19:20 . 2012-09-27 07:17 75264 ----a-w- c:\windows\system32\ndadmin.exe
2013-08-08 19:20 . 2012-09-27 06:35 74240 ----a-w- c:\windows\SysWow64\newdev.exe
2013-08-08 19:20 . 2012-09-27 06:35 73728 ----a-w- c:\windows\SysWow64\ndadmin.exe
2013-08-08 19:20 . 2012-10-02 07:34 68608 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-08-08 19:18 . 2012-11-20 05:24 1164800 ----a-w- c:\windows\SysWow64\Display.dll
2013-08-08 19:18 . 2012-11-20 05:17 1184256 ----a-w- c:\windows\system32\Display.dll
2013-08-08 19:18 . 2012-11-20 05:02 6656 ----a-w- c:\windows\SysWow64\KBDKURD.DLL
2013-08-08 19:18 . 2012-11-20 04:59 7168 ----a-w- c:\windows\system32\KBDKURD.DLL
2013-08-08 19:18 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-08 19:18 . 2012-11-08 04:22 641536 ----a-w- c:\windows\system32\WSShared.dll
2013-08-08 19:18 . 2012-11-08 04:22 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-08 19:18 . 2012-11-08 04:25 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-08 19:18 . 2012-11-08 04:25 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-08 19:18 . 2012-11-08 04:22 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-08 19:13 . 2012-11-06 04:18 172032 ----a-w- c:\windows\system32\MFCaptureEngine.dll
2013-08-08 19:06 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2013-08-08 19:06 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
2013-08-08 19:05 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll
2013-08-08 19:05 . 2012-10-17 04:32 1172992 ----a-w- c:\windows\system32\mfnetsrc.dll
2013-08-08 19:05 . 2012-10-17 04:32 677888 ----a-w- c:\windows\system32\mfnetcore.dll
2013-08-08 19:05 . 2012-10-17 04:32 673280 ----a-w- c:\windows\system32\mfmpeg2srcsnk.dll
2013-08-08 19:05 . 2012-10-17 03:57 929792 ----a-w- c:\windows\SysWow64\mfnetsrc.dll
2013-08-08 19:05 . 2012-10-17 03:57 568832 ----a-w- c:\windows\SysWow64\mfnetcore.dll
2013-08-08 19:05 . 2012-10-17 03:57 513024 ----a-w- c:\windows\SysWow64\mfmpeg2srcsnk.dll
2013-08-08 19:03 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-08-08 19:03 . 2012-10-11 05:46 1395712 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll
2013-08-08 19:03 . 2012-10-11 05:44 1265152 ----a-w- c:\windows\system32\lsasrv.dll
2013-08-08 19:03 . 2012-10-11 05:45 579584 ----a-w- c:\windows\system32\StructuredQuery.dll
2013-08-08 19:03 . 2012-10-11 05:45 590848 ----a-w- c:\windows\system32\SHCore.dll
2013-08-08 19:03 . 2012-10-11 05:07 1226752 ----a-w- c:\windows\SysWow64\Windows.UI.Immersive.dll
2013-08-08 19:03 . 2012-10-11 07:47 793200 ----a-w- c:\windows\system32\mfplat.dll
2013-08-08 19:03 . 2012-10-11 05:44 904192 ----a-w- c:\windows\system32\MPSSVC.dll
2013-08-08 19:03 . 2012-10-11 05:07 414720 ----a-w- c:\windows\SysWow64\StructuredQuery.dll
2013-08-08 18:59 . 2012-11-27 04:19 3245568 ----a-w- c:\windows\system32\rdpcorets.dll
2013-08-08 18:59 . 2012-11-27 04:18 1071104 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-08-08 18:59 . 2012-11-27 06:39 1122768 ----a-w- c:\windows\system32\Taskmgr.exe
2013-08-08 18:59 . 2012-11-27 04:49 1027152 ----a-w- c:\windows\SysWow64\Taskmgr.exe
2013-08-08 18:59 . 2012-11-27 04:19 1536512 ----a-w- c:\windows\system32\storagewmi.dll
2013-08-08 18:59 . 2012-11-27 04:19 955904 ----a-w- c:\windows\system32\WebcamUi.dll
2013-08-08 18:59 . 2012-11-27 04:19 631808 ----a-w- c:\windows\system32\UserLanguagesCpl.dll
2013-08-08 18:59 . 2012-11-27 04:20 798208 ----a-w- c:\windows\SysWow64\WebcamUi.dll
2013-08-08 18:57 . 2013-06-01 09:20 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2013-08-08 18:53 . 2012-09-20 09:10 2367528 ----a-w- c:\windows\system32\WSService.dll
2013-08-08 18:53 . 2012-09-20 07:55 3265256 ----a-w- c:\windows\system32\drivers\evbda.sys
2013-08-08 18:53 . 2012-09-20 06:33 2397184 ----a-w- c:\windows\system32\WpcMon.exe
2013-08-08 18:51 . 2012-09-20 06:33 420352 ----a-w- c:\windows\system32\WWAHost.exe
2013-08-08 18:50 . 2012-09-20 05:55 263168 ----a-w- c:\windows\SysWow64\wlidcredprov.dll
2013-08-08 18:49 . 2012-09-20 06:07 210304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-08-08 14:21 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-08 14:21 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-08 11:20 . 2013-08-08 14:35 -------- d-----r- c:\windows\BrowserChoice
2013-08-08 09:40 . 2013-08-08 09:40 -------- d-----w- c:\windows\SysWow64\AGEIA
2013-08-08 09:40 . 2013-08-11 15:12 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-08 09:40 . 2013-08-11 15:12 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-08-08 09:37 . 2005-05-26 13:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-08-08 09:37 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2013-08-08 09:37 . 2005-03-18 15:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-06 18:53 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-07 11:45 . 2013-08-29 16:19 84992 --s-a-w- c:\windows\inf\mskpvcr\zlib1.dll
2013-06-07 11:45 . 2013-08-29 16:19 612352 --s-a-w- c:\windows\inf\mskpvcr\libcurl.dll
2013-06-07 11:45 . 2013-08-29 16:19 364544 --s-a-w- c:\windows\inf\mskpvcr\ssleay32.dll
2013-06-07 11:45 . 2013-08-29 16:19 279955 --s-a-w- c:\windows\inf\mskpvcr\libidn-11.dll
2013-06-07 11:45 . 2013-08-29 16:19 183382 --s-a-w- c:\windows\inf\mskpvcr\librtmp.dll
2013-06-07 11:45 . 2013-08-29 16:19 171008 --s-a-w- c:\windows\inf\mskpvcr\libssh2.dll
2013-06-07 11:45 . 2013-08-29 16:19 1704448 --s-a-w- c:\windows\inf\mskpvcr\libeay32.dll
2013-06-07 11:45 . 2013-08-29 16:19 110094 --s-a-w- c:\windows\inf\mskpvcr\libusb-1.0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
2013-07-03 11:51 155928 ----a-w- c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
2013-03-12 08:27 120600 ----a-w- c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\users\Roman\Documents\stahování\DTLite-setup\instalace DTl\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-18 1090912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2012-08-17 68776]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-07-27 724576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-06-25 152896]
"mcpltui_exe"="c:\program files\Common Files\McAfee\Platform\mcuicnt.exe" [2012-07-24 299648]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"msrhvrslSrv"="c:\windows\inf\msrhvrsl.vbe" [2013-08-27 1558]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-01-23 73832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 McOobeSv2;McAfee OOBE Service2;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-06 18:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-20 1214608]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-08-13 64640]
"ISW"="" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbi ... sId=&ver=&
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files (x86)\Minibar\Minibar.dll
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-bi_uninstaller - c:\users\Roman\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-09-04 17:46:43
ComboFix-quarantined-files.txt 2013-09-04 15:46
ComboFix2.txt 2013-09-03 17:58
.
Před spuštěním: 479 907 332 096 bytes free
Po spuštění: 479 606 775 808 bytes free
.
- - End Of File - - 572DC117A3EF717EB3D8115256C2DDFA
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěď

Příspěvekod jaro3 » 04 zář 2013 19:23

Odinstaluj:
McAfee
Minibar


Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\program files (x86)\Seznam.cz\distribution\szninstall.exe
c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
c:\windows\system32\drivers\mfewfpk.sys
c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe
c:\windows\system32\mfevtps.exe
c:\windows\system32\drivers\mfefirek.sys

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Minibar

Driver::
SkypeUpdate
McOobeSv2
mfewfpk
mcpltsvc
mfefire
mfevtp
mfefirek

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=-

DDS::
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files (x86)\Minibar\Minibar.dll

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegLockDel::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
PARKR
Level 3
Level 3
Příspěvky: 542
Registrován: červenec 12
Bydliště: Severní Morava
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěď

Příspěvekod PARKR » 04 zář 2013 20:54

po překrytí dokumentu CFScript do Combofix se nic nestane :thumbdown:
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
Nahoru
Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěď

Příspěvekod memphisto » 04 zář 2013 21:33

Měl by se spustit Combofix a provést akce ve skriptu. Máš vypnutý antivir? Zkus to v nouzovém režimu
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Nahoru
PARKR
Level 3
Level 3
Příspěvky: 542
Registrován: červenec 12
Bydliště: Severní Morava
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěď

Příspěvekod PARKR » 04 zář 2013 22:07

OK .Nouzový režim pomohl . Tady je LOG Combofix

ComboFix 13-09-04.01 - Roman . 09. 2013 21:53:04.3.4 - x64 MINIMAL
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.4043.3408 [GMT 2:00]
Spuštěný z: c:\users\Roman\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Roman\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\program files (x86)\Seznam.cz\distribution\szninstall.exe"
"c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe"
"c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe"
"c:\windows\system32\drivers\mfefirek.sys"
"c:\windows\system32\drivers\mfewfpk.sys"
"c:\windows\system32\mfevtps.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Seznam.cz\distribution\szninstall.exe
c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
c:\program files\Common Files\McAfee\SystemCore\mfefire.exe
c:\windows\system32\drivers\mfefirek.sys
c:\windows\system32\drivers\mfewfpk.sys
c:\windows\system32\mfevtps.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_McOobeSv2
-------\Service_mcpltsvc
-------\Service_mfefire
-------\Service_mfefirek
-------\Service_mfevtp
-------\Service_mfewfpk
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-04 do 2013-09-04 )))))))))))))))))))))))))))))))
.
.
2013-09-04 19:57 . 2013-09-04 19:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-04 19:57 . 2013-09-04 19:57 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-09-04 17:47 . 2013-09-04 17:47 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files\CheckPoint
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files (x86)\DoNotTrackPlus
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files (x86)\CheckPoint
2013-09-03 17:19 . 2013-09-03 17:19 -------- d-----w- c:\programdata\CheckPoint
2013-09-03 16:06 . 2013-09-03 16:06 -------- d-----w- c:\windows\ERUNT
2013-09-03 15:01 . 2013-09-03 15:01 -------- d-----w- c:\program files (x86)\Trend Micro
2013-09-03 03:57 . 2013-09-03 03:57 -------- d-----w- c:\programdata\Logs
2013-09-03 03:57 . 2013-04-11 14:12 19392 ----a-w- c:\windows\system32\roboot64.exe
2013-09-01 09:54 . 2013-09-01 09:59 -------- d-----w- c:\programdata\PC Suite
2013-09-01 09:52 . 2013-09-01 09:53 -------- d-----w- c:\programdata\Nokia
2013-09-01 09:52 . 2013-09-01 09:52 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2013-09-01 09:51 . 2013-09-01 09:51 -------- d-----w- c:\program files\DIFX
2013-09-01 09:51 . 2012-10-17 12:53 26112 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2013-09-01 09:51 . 2013-09-01 09:51 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2013-09-01 09:51 . 2013-01-23 08:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2013-09-01 09:50 . 2013-09-01 09:52 -------- d-----w- c:\program files (x86)\Nokia
2013-09-01 09:46 . 2013-09-01 09:46 -------- d--h--w- c:\programdata\Common Files
2013-09-01 09:46 . 2013-09-01 09:46 -------- d-----w- c:\programdata\Installations
2013-09-01 08:26 . 2013-09-01 08:26 -------- d-----w- c:\windows\LastGood.Tmp
2013-08-29 19:49 . 2013-08-29 19:49 -------- d-----w- c:\windows\cs
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\program files\Windows Live
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\windows\PCHEALTH
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\program files (x86)\Windows Live
2013-08-29 19:45 . 2013-08-29 19:45 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
2013-08-29 19:45 . 2013-08-29 19:45 -------- d-----w- c:\programdata\Microsoft SkyDrive
2013-08-29 19:44 . 2013-08-29 19:44 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2013-08-29 15:27 . 2013-08-29 15:27 -------- d-----w- c:\program files (x86)\Convert MOV to AVI
2013-08-22 16:38 . 2013-08-22 16:38 -------- d-----w- c:\programdata\Malwarebytes
2013-08-22 16:38 . 2013-08-22 16:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-22 16:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-21 17:12 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2013-08-20 08:52 . 2013-08-20 08:52 240304 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10214.bin
2013-08-16 14:34 . 2013-08-16 14:34 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-08-16 14:34 . 2013-08-16 14:34 -------- d-----r- c:\program files (x86)\Skype
2013-08-16 14:34 . 2013-08-16 14:34 -------- d-----w- c:\programdata\Skype
2013-08-14 09:26 . 2013-08-14 09:30 -------- d-----w- c:\windows\system32\MRT
2013-08-14 08:56 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 08:56 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-14 08:56 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 08:54 . 2013-07-26 03:13 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-08-11 15:11 . 2008-10-27 08:04 518480 ----a-w- c:\windows\system32\XAudio2_3.dll
2013-08-11 15:10 . 2008-03-05 13:56 4910088 ----a-w- c:\windows\system32\D3DX9_37.dll
2013-08-11 15:10 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\SysWow64\D3DX9_37.dll
2013-08-11 15:10 . 2007-10-22 01:40 411656 ----a-w- c:\windows\system32\xactengine2_10.dll
2013-08-11 15:10 . 2007-10-22 01:39 267272 ----a-w- c:\windows\SysWow64\xactengine2_10.dll
2013-08-11 15:10 . 2007-10-12 13:14 2006552 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2013-08-11 15:10 . 2007-10-12 13:14 1374232 ----a-w- c:\windows\SysWow64\D3DCompiler_36.dll
2013-08-11 15:10 . 2007-10-02 07:56 444776 ----a-w- c:\windows\SysWow64\d3dx10_36.dll
2013-08-11 15:10 . 2007-10-02 07:56 508264 ----a-w- c:\windows\system32\d3dx10_36.dll
2013-08-11 15:10 . 2007-10-12 13:14 5081608 ----a-w- c:\windows\system32\d3dx9_36.dll
2013-08-11 15:10 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\SysWow64\d3dx9_36.dll
2013-08-11 15:10 . 2007-10-22 01:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
2013-08-11 15:10 . 2007-10-22 01:37 21000 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2013-08-11 15:09 . 2013-08-11 15:09 424624 ----a-w- c:\windows\system32\wrap_oal.dll
2013-08-11 15:09 . 2013-08-11 15:09 138472 ----a-w- c:\windows\system32\OpenAL32.dll
2013-08-11 15:09 . 2013-08-11 15:09 -------- d-----w- c:\program files (x86)\OpenAL
2013-08-11 15:09 . 2013-08-11 15:09 418480 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-08-11 15:09 . 2013-08-11 15:09 115432 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-08-11 07:29 . 2013-08-11 07:29 -------- d-----w- c:\program files (x86)\VideoLAN
2013-08-09 04:26 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-09 04:26 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-08 19:20 . 2012-09-27 07:15 301568 ----a-w- c:\windows\system32\newdev.dll
2013-08-08 19:20 . 2012-09-27 06:34 275968 ----a-w- c:\windows\SysWow64\newdev.dll
2013-08-08 19:20 . 2012-09-27 07:17 76288 ----a-w- c:\windows\system32\newdev.exe
2013-08-08 19:20 . 2012-09-27 07:17 75264 ----a-w- c:\windows\system32\ndadmin.exe
2013-08-08 19:20 . 2012-09-27 06:35 74240 ----a-w- c:\windows\SysWow64\newdev.exe
2013-08-08 19:20 . 2012-09-27 06:35 73728 ----a-w- c:\windows\SysWow64\ndadmin.exe
2013-08-08 19:20 . 2012-10-02 07:34 68608 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-08-08 19:18 . 2012-11-20 05:24 1164800 ----a-w- c:\windows\SysWow64\Display.dll
2013-08-08 19:18 . 2012-11-20 05:17 1184256 ----a-w- c:\windows\system32\Display.dll
2013-08-08 19:18 . 2012-11-20 05:02 6656 ----a-w- c:\windows\SysWow64\KBDKURD.DLL
2013-08-08 19:18 . 2012-11-20 04:59 7168 ----a-w- c:\windows\system32\KBDKURD.DLL
2013-08-08 19:18 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-08 19:18 . 2012-11-08 04:22 641536 ----a-w- c:\windows\system32\WSShared.dll
2013-08-08 19:18 . 2012-11-08 04:22 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-08 19:18 . 2012-11-08 04:25 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-08 19:18 . 2012-11-08 04:25 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-08 19:18 . 2012-11-08 04:22 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-08 19:13 . 2012-11-06 04:18 172032 ----a-w- c:\windows\system32\MFCaptureEngine.dll
2013-08-08 19:06 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2013-08-08 19:06 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
2013-08-08 19:05 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll
2013-08-08 19:05 . 2012-10-17 04:32 1172992 ----a-w- c:\windows\system32\mfnetsrc.dll
2013-08-08 19:05 . 2012-10-17 04:32 677888 ----a-w- c:\windows\system32\mfnetcore.dll
2013-08-08 19:05 . 2012-10-17 04:32 673280 ----a-w- c:\windows\system32\mfmpeg2srcsnk.dll
2013-08-08 19:05 . 2012-10-17 03:57 929792 ----a-w- c:\windows\SysWow64\mfnetsrc.dll
2013-08-08 19:05 . 2012-10-17 03:57 568832 ----a-w- c:\windows\SysWow64\mfnetcore.dll
2013-08-08 19:05 . 2012-10-17 03:57 513024 ----a-w- c:\windows\SysWow64\mfmpeg2srcsnk.dll
2013-08-08 19:03 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-08-08 19:03 . 2012-10-11 05:46 1395712 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll
2013-08-08 19:03 . 2012-10-11 05:44 1265152 ----a-w- c:\windows\system32\lsasrv.dll
2013-08-08 19:03 . 2012-10-11 05:45 579584 ----a-w- c:\windows\system32\StructuredQuery.dll
2013-08-08 19:03 . 2012-10-11 05:45 590848 ----a-w- c:\windows\system32\SHCore.dll
2013-08-08 19:03 . 2012-10-11 05:07 1226752 ----a-w- c:\windows\SysWow64\Windows.UI.Immersive.dll
2013-08-08 19:03 . 2012-10-11 07:47 793200 ----a-w- c:\windows\system32\mfplat.dll
2013-08-08 19:03 . 2012-10-11 05:44 904192 ----a-w- c:\windows\system32\MPSSVC.dll
2013-08-08 19:03 . 2012-10-11 05:07 414720 ----a-w- c:\windows\SysWow64\StructuredQuery.dll
2013-08-08 18:59 . 2012-11-27 04:19 3245568 ----a-w- c:\windows\system32\rdpcorets.dll
2013-08-08 18:59 . 2012-11-27 04:18 1071104 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-08-08 18:59 . 2012-11-27 06:39 1122768 ----a-w- c:\windows\system32\Taskmgr.exe
2013-08-08 18:59 . 2012-11-27 04:49 1027152 ----a-w- c:\windows\SysWow64\Taskmgr.exe
2013-08-08 18:59 . 2012-11-27 04:19 1536512 ----a-w- c:\windows\system32\storagewmi.dll
2013-08-08 18:59 . 2012-11-27 04:19 955904 ----a-w- c:\windows\system32\WebcamUi.dll
2013-08-08 18:59 . 2012-11-27 04:19 631808 ----a-w- c:\windows\system32\UserLanguagesCpl.dll
2013-08-08 18:59 . 2012-11-27 04:20 798208 ----a-w- c:\windows\SysWow64\WebcamUi.dll
2013-08-08 18:57 . 2013-06-01 09:20 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2013-08-08 18:53 . 2012-09-20 09:10 2367528 ----a-w- c:\windows\system32\WSService.dll
2013-08-08 18:53 . 2012-09-20 07:55 3265256 ----a-w- c:\windows\system32\drivers\evbda.sys
2013-08-08 18:53 . 2012-09-20 06:33 2397184 ----a-w- c:\windows\system32\WpcMon.exe
2013-08-08 18:51 . 2012-09-20 06:33 420352 ----a-w- c:\windows\system32\WWAHost.exe
2013-08-08 18:50 . 2012-09-20 05:55 263168 ----a-w- c:\windows\SysWow64\wlidcredprov.dll
2013-08-08 18:49 . 2012-09-20 06:07 210304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-08-08 14:21 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-08 14:21 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-08 11:20 . 2013-08-08 14:35 -------- d-----r- c:\windows\BrowserChoice
2013-08-08 09:40 . 2013-08-08 09:40 -------- d-----w- c:\windows\SysWow64\AGEIA
2013-08-08 09:40 . 2013-08-11 15:12 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-08 09:40 . 2013-08-11 15:12 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-08-08 09:37 . 2005-05-26 13:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-08-08 09:37 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-06 18:53 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-07 11:45 . 2013-08-29 16:19 84992 --s-a-w- c:\windows\inf\mskpvcr\zlib1.dll
2013-06-07 11:45 . 2013-08-29 16:19 612352 --s-a-w- c:\windows\inf\mskpvcr\libcurl.dll
2013-06-07 11:45 . 2013-08-29 16:19 364544 --s-a-w- c:\windows\inf\mskpvcr\ssleay32.dll
2013-06-07 11:45 . 2013-08-29 16:19 279955 --s-a-w- c:\windows\inf\mskpvcr\libidn-11.dll
2013-06-07 11:45 . 2013-08-29 16:19 183382 --s-a-w- c:\windows\inf\mskpvcr\librtmp.dll
2013-06-07 11:45 . 2013-08-29 16:19 171008 --s-a-w- c:\windows\inf\mskpvcr\libssh2.dll
2013-06-07 11:45 . 2013-08-29 16:19 1704448 --s-a-w- c:\windows\inf\mskpvcr\libeay32.dll
2013-06-07 11:45 . 2013-08-29 16:19 110094 --s-a-w- c:\windows\inf\mskpvcr\libusb-1.0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
2013-07-03 11:51 155928 ----a-w- c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
2013-03-12 08:27 120600 ----a-w- c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\users\Roman\Documents\stahování\DTLite-setup\instalace DTl\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-18 1090912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2012-08-17 68776]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-07-27 724576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-06-25 152896]
"mcpltui_exe"="c:\program files\Common Files\McAfee\Platform\mcuicnt.exe" [2012-07-24 299648]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"msrhvrslSrv"="c:\windows\inf\msrhvrsl.vbe" [2013-08-27 1558]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-01-23 73832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-06 18:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-20 1214608]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-08-13 64640]
"ISW"="" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbi ... sId=&ver=&
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files (x86)\Minibar\Minibar.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.zonealarm.com/search?src= ... &Lan=en&q={searchTerms}&gu=4b9f46cbb44e438cb800bfd119e283f9&tu=10G90009r2B000s&sku=&tstsId=&ver=&
FF - ExtSQL: 2013-08-06 21:18; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-08-08 11:03; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-08-08 11:03; {97A78363-B868-4B48-AC91-A783A31215AF}; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF - ExtSQL: 2013-08-17 06:03; langpack-cs@firefox.mozilla.org; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\extensions\langpack-cs@firefox.mozilla.org.xpi
FF - ExtSQL: 2013-09-01 11:49; {3DF4B26D-DB19-45DF-962A-6719D071245B}; c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}
FF - ExtSQL: 2013-09-03 19:20; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:\program files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - ExtSQL: 2013-09-04 18:31; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?src=hp&tbi ... sId=&ver=&
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.keyWordUrl - hxxp://search.zonealarm.com/search?src= ... &Lan=en&q={searchTerms}&gu=4b9f46cbb44e438cb800bfd119e283f9&tu=10G90009r2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm_i.dnsErr - true
FF - user.js: extensions.zonealarm_i.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?src=nt&tbi ... sId=&ver=&
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src= ... e2013&Lan={dfltLng}&gu=4b9f46cbb44e438cb800bfd119e283f9&tu=10G90009r2B000s&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.id - 30a201b3000000000000083e8ec07e80
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15951
FF - user.js: extensions.zonealarm.vrsn - 1.8.3.16
FF - user.js: extensions.zonealarm.vrsni - 1.8.3.16
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.8.3.1619:20
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1001
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base2013
FF - user.js: extensions.zonealarm.instlRef - ZLN119601541189494-1001
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-bi_uninstaller - c:\users\Roman\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Sony\VAIO Care\listener.exe
c:\windows\SysWOW64\WScript.exe
.
**************************************************************************
.
Celkový čas: 2013-09-04 22:05:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-04 20:05
ComboFix2.txt 2013-09-04 15:46
ComboFix3.txt 2013-09-03 17:58
.
Před spuštěním: 479 118 225 408 bytes free
Po spuštění: 478 724 550 656 bytes free
.
- - End Of File - - CFEFC7E9A0C8B59A30ED0975869C3F5E
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
Nahoru
PARKR
Level 3
Level 3
Příspěvky: 542
Registrován: červenec 12
Bydliště: Severní Morava
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěď

Příspěvekod PARKR » 04 zář 2013 22:13

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-04 22:12:52
-----------------------------
22:12:52.882 OS Version: Windows x64 6.2.9200
22:12:52.882 Number of processors: 4 586 0x3A09
22:12:52.882 ComputerName: NUFANKA UserName: Roman
22:12:52.882 Initialze error 1
22:12:52.944 AVAST engine defs: 13090401
22:13:06.510 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000038
22:13:06.510 Disk 0 Vendor: TOSHIBA_MK6459GSXP GT102H Size: 610480MB BusType: 11
22:13:06.526 Disk 0 MBR read successfully
22:13:06.526 Disk 0 MBR scan
22:13:06.526 Disk 0 unknown MBR code
22:13:06.526 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
22:13:06.526 Disk 0 scanning C:\Windows\system32\drivers
22:13:06.542 Service scanning
22:13:07.074 Modules scanning
22:13:07.074 Disk 0 trace - called modules:
22:13:07.089 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
22:13:07.089 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064fa060]
22:13:07.105 3 CLASSPNP.SYS[fffff88000b45fea] -> nt!IofCallDriver -> [0xfffffa8004c1d1d0]
22:13:07.105 5 ACPI.sys[fffff88001001a91] -> nt!IofCallDriver -> \Device\00000038[0xfffffa8004c1a060]
22:13:07.121 AVAST engine scan C:\Windows
22:13:07.121 AVAST engine scan C:\Windows\system32
22:13:07.136 AVAST engine scan C:\Windows\system32\drivers
22:13:07.136 AVAST engine scan C:\Users\Roman
22:13:07.152 AVAST engine scan C:\ProgramData
22:13:07.152 Scan finished successfully
22:13:26.145 Disk 0 MBR has been saved successfully to "C:\Users\Roman\Desktop\MBR.dat"
22:13:26.145 The log file has been saved successfully to "C:\Users\Roman\Desktop\aswMBR.txt"
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěť

Příspěvekod jaro3 » 05 zář 2013 09:51

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
Folder::
c:\program files (x86)\Minibar
c:\program files\Common Files\McAfee

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcpltui_exe"=-

DDS::
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files (x86)\Minibar\Minibar.dll

RegBull::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
PARKR
Level 3
Level 3
Příspěvky: 542
Registrován: červenec 12
Bydliště: Severní Morava
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěť

Příspěvekod PARKR » 05 zář 2013 17:45

ComboFix 13-09-04.01 - Roman . 09. 2013 17:34:09.5.4 - x64 MINIMAL
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.4043.3262 [GMT 2:00]
Spuštěný z: c:\users\Roman\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Roman\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files\Common Files\McAfee\Platform\alertmgr.dll
c:\program files\Common Files\McAfee\Platform\Core\mccore.inf
c:\program files\Common Files\McAfee\Platform\Core\mccoreps.dll
c:\program files\Common Files\McAfee\Platform\Core\McEvtBrk.dll
c:\program files\Common Files\McAfee\Platform\Core\mchost.exe
c:\program files\Common Files\McAfee\Platform\LangSel.dll
c:\program files\Common Files\McAfee\Platform\mcbrwsr2.dll
c:\program files\Common Files\McAfee\Platform\McDspWrp.dll
c:\program files\Common Files\McAfee\Platform\McDspWrp64.inf
c:\program files\Common Files\McAfee\Platform\mcpltalt.dll
c:\program files\Common Files\McAfee\Platform\McPltCmd.exe
c:\program files\Common Files\McAfee\Platform\McRTMui.dll
c:\program files\Common Files\McAfee\Platform\McSvcHost\LogCntrl.dll
c:\program files\Common Files\McAfee\Platform\McSvcHost\McSHIns.dll
c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvcHost64.inf
c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHVer.dll
c:\program files\Common Files\McAfee\Platform\mcsystraymgr.dll
c:\program files\Common Files\McAfee\Platform\mcuc64.inf
c:\program files\Common Files\McAfee\Platform\mcuicfg.dll
c:\program files\Common Files\McAfee\Platform\McUICnt.exe
c:\program files\Common Files\McAfee\Platform\mcuifw.dll
c:\program files\Common Files\McAfee\Platform\mcutil.dll
c:\program files\Common Files\McAfee\Platform\mcutil\12,0,354,0\mcutil.dll
c:\program files\Common Files\McAfee\Platform\misplf.dll
c:\program files\Common Files\McAfee\Platform\msccmn.inf
c:\program files\Common Files\McAfee\Platform\OOBEInstaller.inf
c:\program files\Common Files\McAfee\Platform\OOBEInstallerWrapper.inf
c:\program files\Common Files\McAfee\Platform\PlatformAndCoreInstaller.inf
c:\program files\Common Files\McAfee\Platform\platformdfoem64.inf
c:\program files\Common Files\McAfee\Platform\PlatformServiceFW.dll
c:\program files\Common Files\McAfee\Platform\platformserviceFW64.inf
c:\program files\Common Files\McAfee\Platform\PlatformUIFW64.inf
c:\program files\Common Files\McAfee\Platform\PlatJsRes.dll
c:\program files\Common Files\McAfee\Platform\platlres.dll
c:\program files\Common Files\McAfee\Platform\sqlite3.dll
c:\program files\Common Files\McAfee\systemcore\fwinfo.exe
c:\program files\Common Files\McAfee\systemcore\lockdown.dll
c:\program files\Common Files\McAfee\systemcore\mfeapfa.dll
c:\program files\Common Files\McAfee\systemcore\mfeavfa.dll
c:\program files\Common Files\McAfee\systemcore\mfefwctl.dll
c:\program files\Common Files\McAfee\systemcore\mfehida.dll
c:\program files\Common Files\McAfee\systemcore\mfehidk_messages.dll
c:\program files\Common Files\McAfee\systemcore\mfevtpa.dll
c:\program files\Common Files\McAfee\systemcore\vscan.bof
c:\program files\Common Files\McAfee\systemcore\vtp_catcache
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-05 do 2013-09-05 )))))))))))))))))))))))))))))))
.
.
2013-09-05 15:38 . 2013-09-05 15:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-05 15:38 . 2013-09-05 15:38 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-09-04 17:47 . 2013-09-04 17:47 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files\CheckPoint
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files (x86)\DoNotTrackPlus
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD
2013-09-03 17:20 . 2013-09-03 17:20 -------- d-----w- c:\program files (x86)\CheckPoint
2013-09-03 17:19 . 2013-09-03 17:19 -------- d-----w- c:\programdata\CheckPoint
2013-09-03 16:06 . 2013-09-03 16:06 -------- d-----w- c:\windows\ERUNT
2013-09-03 15:01 . 2013-09-03 15:01 -------- d-----w- c:\program files (x86)\Trend Micro
2013-09-03 03:57 . 2013-09-03 03:57 -------- d-----w- c:\programdata\Logs
2013-09-03 03:57 . 2013-04-11 14:12 19392 ----a-w- c:\windows\system32\roboot64.exe
2013-09-01 09:54 . 2013-09-01 09:59 -------- d-----w- c:\programdata\PC Suite
2013-09-01 09:52 . 2013-09-01 09:53 -------- d-----w- c:\programdata\Nokia
2013-09-01 09:52 . 2013-09-01 09:52 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2013-09-01 09:51 . 2013-09-01 09:51 -------- d-----w- c:\program files\DIFX
2013-09-01 09:51 . 2012-10-17 12:53 26112 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2013-09-01 09:51 . 2013-09-01 09:51 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2013-09-01 09:51 . 2013-01-23 08:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2013-09-01 09:50 . 2013-09-01 09:52 -------- d-----w- c:\program files (x86)\Nokia
2013-09-01 09:46 . 2013-09-01 09:46 -------- d--h--w- c:\programdata\Common Files
2013-09-01 09:46 . 2013-09-01 09:46 -------- d-----w- c:\programdata\Installations
2013-09-01 08:26 . 2013-09-01 08:26 -------- d-----w- c:\windows\LastGood.Tmp
2013-08-29 19:49 . 2013-08-29 19:49 -------- d-----w- c:\windows\cs
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\program files\Windows Live
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\windows\PCHEALTH
2013-08-29 19:48 . 2013-08-29 19:48 -------- d-----w- c:\program files (x86)\Windows Live
2013-08-29 19:45 . 2013-08-29 19:45 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
2013-08-29 19:45 . 2013-08-29 19:45 -------- d-----w- c:\programdata\Microsoft SkyDrive
2013-08-29 19:44 . 2013-08-29 19:44 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2013-08-29 15:27 . 2013-08-29 15:27 -------- d-----w- c:\program files (x86)\Convert MOV to AVI
2013-08-22 16:38 . 2013-08-22 16:38 -------- d-----w- c:\programdata\Malwarebytes
2013-08-22 16:38 . 2013-08-22 16:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-22 16:38 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-21 17:12 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2013-08-20 08:52 . 2013-08-20 08:52 240304 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10214.bin
2013-08-16 14:34 . 2013-08-16 14:34 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-08-16 14:34 . 2013-08-16 14:34 -------- d-----r- c:\program files (x86)\Skype
2013-08-16 14:34 . 2013-08-16 14:34 -------- d-----w- c:\programdata\Skype
2013-08-14 09:26 . 2013-08-14 09:30 -------- d-----w- c:\windows\system32\MRT
2013-08-14 08:56 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 08:56 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-14 08:56 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 08:54 . 2013-07-26 03:13 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-08-11 15:11 . 2008-10-27 08:04 518480 ----a-w- c:\windows\system32\XAudio2_3.dll
2013-08-11 15:10 . 2008-03-05 13:56 4910088 ----a-w- c:\windows\system32\D3DX9_37.dll
2013-08-11 15:10 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\SysWow64\D3DX9_37.dll
2013-08-11 15:10 . 2007-10-22 01:40 411656 ----a-w- c:\windows\system32\xactengine2_10.dll
2013-08-11 15:10 . 2007-10-22 01:39 267272 ----a-w- c:\windows\SysWow64\xactengine2_10.dll
2013-08-11 15:10 . 2007-10-12 13:14 2006552 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2013-08-11 15:10 . 2007-10-12 13:14 1374232 ----a-w- c:\windows\SysWow64\D3DCompiler_36.dll
2013-08-11 15:10 . 2007-10-02 07:56 444776 ----a-w- c:\windows\SysWow64\d3dx10_36.dll
2013-08-11 15:10 . 2007-10-02 07:56 508264 ----a-w- c:\windows\system32\d3dx10_36.dll
2013-08-11 15:10 . 2007-10-12 13:14 5081608 ----a-w- c:\windows\system32\d3dx9_36.dll
2013-08-11 15:10 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\SysWow64\d3dx9_36.dll
2013-08-11 15:10 . 2007-10-22 01:37 17928 ----a-w- c:\windows\SysWow64\X3DAudio1_2.dll
2013-08-11 15:10 . 2007-10-22 01:37 21000 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2013-08-11 15:09 . 2013-08-11 15:09 424624 ----a-w- c:\windows\system32\wrap_oal.dll
2013-08-11 15:09 . 2013-08-11 15:09 138472 ----a-w- c:\windows\system32\OpenAL32.dll
2013-08-11 15:09 . 2013-08-11 15:09 -------- d-----w- c:\program files (x86)\OpenAL
2013-08-11 15:09 . 2013-08-11 15:09 418480 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-08-11 15:09 . 2013-08-11 15:09 115432 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-08-11 07:29 . 2013-08-11 07:29 -------- d-----w- c:\program files (x86)\VideoLAN
2013-08-09 04:26 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-09 04:26 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-08 19:20 . 2012-09-27 07:15 301568 ----a-w- c:\windows\system32\newdev.dll
2013-08-08 19:20 . 2012-09-27 06:34 275968 ----a-w- c:\windows\SysWow64\newdev.dll
2013-08-08 19:20 . 2012-09-27 07:17 76288 ----a-w- c:\windows\system32\newdev.exe
2013-08-08 19:20 . 2012-09-27 07:17 75264 ----a-w- c:\windows\system32\ndadmin.exe
2013-08-08 19:20 . 2012-09-27 06:35 74240 ----a-w- c:\windows\SysWow64\newdev.exe
2013-08-08 19:20 . 2012-09-27 06:35 73728 ----a-w- c:\windows\SysWow64\ndadmin.exe
2013-08-08 19:20 . 2012-10-02 07:34 68608 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-08-08 19:18 . 2012-11-20 05:24 1164800 ----a-w- c:\windows\SysWow64\Display.dll
2013-08-08 19:18 . 2012-11-20 05:17 1184256 ----a-w- c:\windows\system32\Display.dll
2013-08-08 19:18 . 2012-11-20 05:02 6656 ----a-w- c:\windows\SysWow64\KBDKURD.DLL
2013-08-08 19:18 . 2012-11-20 04:59 7168 ----a-w- c:\windows\system32\KBDKURD.DLL
2013-08-08 19:18 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-08 19:18 . 2012-11-08 04:22 641536 ----a-w- c:\windows\system32\WSShared.dll
2013-08-08 19:18 . 2012-11-08 04:22 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-08 19:18 . 2012-11-08 04:25 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-08 19:18 . 2012-11-08 04:25 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-08 19:18 . 2012-11-08 04:22 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-08 19:13 . 2012-11-06 04:18 172032 ----a-w- c:\windows\system32\MFCaptureEngine.dll
2013-08-08 19:06 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2013-08-08 19:06 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
2013-08-08 19:05 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll
2013-08-08 19:05 . 2012-10-17 04:32 1172992 ----a-w- c:\windows\system32\mfnetsrc.dll
2013-08-08 19:05 . 2012-10-17 04:32 677888 ----a-w- c:\windows\system32\mfnetcore.dll
2013-08-08 19:05 . 2012-10-17 04:32 673280 ----a-w- c:\windows\system32\mfmpeg2srcsnk.dll
2013-08-08 19:05 . 2012-10-17 03:57 929792 ----a-w- c:\windows\SysWow64\mfnetsrc.dll
2013-08-08 19:05 . 2012-10-17 03:57 568832 ----a-w- c:\windows\SysWow64\mfnetcore.dll
2013-08-08 19:05 . 2012-10-17 03:57 513024 ----a-w- c:\windows\SysWow64\mfmpeg2srcsnk.dll
2013-08-08 19:03 . 2012-10-11 05:45 3236864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-08-08 19:03 . 2012-10-11 05:46 1395712 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll
2013-08-08 19:03 . 2012-10-11 05:44 1265152 ----a-w- c:\windows\system32\lsasrv.dll
2013-08-08 19:03 . 2012-10-11 05:45 579584 ----a-w- c:\windows\system32\StructuredQuery.dll
2013-08-08 19:03 . 2012-10-11 05:45 590848 ----a-w- c:\windows\system32\SHCore.dll
2013-08-08 19:03 . 2012-10-11 05:07 1226752 ----a-w- c:\windows\SysWow64\Windows.UI.Immersive.dll
2013-08-08 19:03 . 2012-10-11 07:47 793200 ----a-w- c:\windows\system32\mfplat.dll
2013-08-08 19:03 . 2012-10-11 05:44 904192 ----a-w- c:\windows\system32\MPSSVC.dll
2013-08-08 19:03 . 2012-10-11 05:07 414720 ----a-w- c:\windows\SysWow64\StructuredQuery.dll
2013-08-08 18:59 . 2012-11-27 04:19 3245568 ----a-w- c:\windows\system32\rdpcorets.dll
2013-08-08 18:59 . 2012-11-27 04:18 1071104 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-08-08 18:59 . 2012-11-27 06:39 1122768 ----a-w- c:\windows\system32\Taskmgr.exe
2013-08-08 18:59 . 2012-11-27 04:49 1027152 ----a-w- c:\windows\SysWow64\Taskmgr.exe
2013-08-08 18:59 . 2012-11-27 04:19 1536512 ----a-w- c:\windows\system32\storagewmi.dll
2013-08-08 18:59 . 2012-11-27 04:19 955904 ----a-w- c:\windows\system32\WebcamUi.dll
2013-08-08 18:59 . 2012-11-27 04:19 631808 ----a-w- c:\windows\system32\UserLanguagesCpl.dll
2013-08-08 18:59 . 2012-11-27 04:20 798208 ----a-w- c:\windows\SysWow64\WebcamUi.dll
2013-08-08 18:57 . 2013-06-01 09:20 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2013-08-08 18:53 . 2012-09-20 09:10 2367528 ----a-w- c:\windows\system32\WSService.dll
2013-08-08 18:53 . 2012-09-20 07:55 3265256 ----a-w- c:\windows\system32\drivers\evbda.sys
2013-08-08 18:53 . 2012-09-20 06:33 2397184 ----a-w- c:\windows\system32\WpcMon.exe
2013-08-08 18:51 . 2012-09-20 06:33 420352 ----a-w- c:\windows\system32\WWAHost.exe
2013-08-08 18:50 . 2012-09-20 05:55 263168 ----a-w- c:\windows\SysWow64\wlidcredprov.dll
2013-08-08 18:49 . 2012-09-20 06:07 210304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-08-08 14:21 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-08 14:21 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-08 11:20 . 2013-08-08 14:35 -------- d-----r- c:\windows\BrowserChoice
2013-08-08 09:40 . 2013-08-08 09:40 -------- d-----w- c:\windows\SysWow64\AGEIA
2013-08-08 09:40 . 2013-08-11 15:12 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-08-08 09:40 . 2013-08-11 15:12 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-08-08 09:37 . 2005-05-26 13:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-08-08 09:37 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-06 18:53 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
2013-07-03 11:51 155928 ----a-w- c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
2013-03-12 08:27 120600 ----a-w- c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\users\Roman\Documents\stahování\DTLite-setup\instalace DTl\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-18 1090912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2012-08-17 68776]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-07-27 724576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-06-25 152896]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"msrhvrslSrv"="c:\windows\inf\msrhvrsl.vbe" [2013-08-27 1558]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-01-23 73832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-06 18:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-20 1214608]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-08-13 64640]
"ISW"="" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbi ... sId=&ver=&
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
IE: {{AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files (x86)\Minibar\Minibar.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.zonealarm.com/search?src= ... &Lan=en&q={searchTerms}&gu=4b9f46cbb44e438cb800bfd119e283f9&tu=10G90009r2B000s&sku=&tstsId=&ver=&
FF - ExtSQL: 2013-08-06 21:18; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-08-08 11:03; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-08-08 11:03; {97A78363-B868-4B48-AC91-A783A31215AF}; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
FF - ExtSQL: 2013-08-17 06:03; langpack-cs@firefox.mozilla.org; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\extensions\langpack-cs@firefox.mozilla.org.xpi
FF - ExtSQL: 2013-09-01 11:49; {3DF4B26D-DB19-45DF-962A-6719D071245B}; c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\Firefox\{3DF4B26D-DB19-45DF-962A-6719D071245B}
FF - ExtSQL: 2013-09-03 19:20; {FFB96CC1-7EB3-449D-B827-DB661701C6BB}; c:\program files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - ExtSQL: 2013-09-04 18:31; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2013-09-05 06:04; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.hmpg - true
FF - user.js: extensions.zonealarm.hmpgUrl - hxxp://search.zonealarm.com/?src=hp&tbi ... sId=&ver=&
FF - user.js: extensions.zonealarm.dfltSrch - true
FF - user.js: extensions.zonealarm.srchPrvdr - Search By ZoneAlarm
FF - user.js: extensions.zonealarm.keyWordUrl - hxxp://search.zonealarm.com/search?src= ... &Lan=en&q={searchTerms}&gu=4b9f46cbb44e438cb800bfd119e283f9&tu=10G90009r2B000s&sku=&tstsId=&ver=&
FF - user.js: extensions.zonealarm_i.dnsErr - true
FF - user.js: extensions.zonealarm_i.newTab - true
FF - user.js: extensions.zonealarm.newTabUrl - hxxp://search.zonealarm.com/?src=nt&tbi ... sId=&ver=&
FF - user.js: extensions.zonealarm.tlbrSrchUrl - hxxp://search.zonealarm.com/search?src= ... e2013&Lan={dfltLng}&gu=4b9f46cbb44e438cb800bfd119e283f9&tu=10G90009r2B000s&sku=&tstsId=&ver=&&q=
FF - user.js: extensions.zonealarm.id - 30a201b3000000000000083e8ec07e80
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15951
FF - user.js: extensions.zonealarm.vrsn - 1.8.3.16
FF - user.js: extensions.zonealarm.vrsni - 1.8.3.16
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.8.3.1619:20
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 1001
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base2013
FF - user.js: extensions.zonealarm.instlRef - ZLN119601541189494-1001
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-bi_uninstaller - c:\users\Roman\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Celkový čas: 2013-09-05 17:45:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-05 15:45
ComboFix2.txt 2013-09-04 20:05
ComboFix3.txt 2013-09-04 15:46
ComboFix4.txt 2013-09-03 17:58
.
Před spuštěním: 478 575 939 584 bytes free
Po spuštění: 478 500 012 032 bytes free
.
- - End Of File - - A6D368B0858E244EA818CE6D021E459D
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
Nahoru
PARKR
Level 3
Level 3
Příspěvky: 542
Registrován: červenec 12
Bydliště: Severní Morava
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu podezření na havěť

Příspěvekod PARKR » 05 zář 2013 19:50

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:47:49, on 5. 9. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... sId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.3.16\bh\zonealarm.dll
O2 - BHO: ZoneAlarm Do Not Track - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPAddon.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.3.16\zonealarmTlbr.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [msrhvrslSrv] C:\Windows\inf\msrhvrsl.vbe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Users\Roman\Documents\stahování\DTLite-setup\instalace DTl\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
O9 - Extra button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\Minibar.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Unknown owner - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11797 bytes
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 112 hostů