Kontrola logu, neustálé sekání pc

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Odpovědět
Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, neustálé sekání pc

Příspěvekod memphisto » 19 říj 2013 20:07

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Nahoru
Reklama
Top
Uživatelský avatar
roady
Level 2.5
Level 2.5
Příspěvky: 351
Registrován: červen 09
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele roady

Re: Kontrola logu, neustálé sekání pc

Příspěvekod roady » 20 říj 2013 16:19

ComboFix 13-10-19.02 - roady 20.10.2013 14:26:41.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.6142.4591 [GMT 2:00]
Spuštěný z: c:\users\roady\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\roady\AppData\Local\Temp\_MEI26282\_ctypes.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\_elementtree.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\_hashlib.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\_multiprocessing.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\_socket.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\_ssl.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\msvcp100.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\msvcr100.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\pyexpat.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\pysqlite2._sqlite.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\python27.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\pythoncom27.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\PyWinTypes27.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\select.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\unicodedata.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32api.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32com.shell.shell.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32crypt.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32event.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32file.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32inet.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32pdh.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32process.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32profile.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32security.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\win32ts.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\windows._cacheinvalidation.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\wx._controls_.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\wx._core_.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\wx._gdi_.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\wx._html2.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\wx._misc_.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\wx._windows_.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\wx._wizard.pyd
c:\users\roady\AppData\Local\Temp\_MEI26282\wxbase294u_net_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\wxbase294u_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\wxmsw294u_adv_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\wxmsw294u_core_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\wxmsw294u_html_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI26282\wxmsw294u_webview_vc90.dll
c:\users\roady\Desktop\Setup.exe
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-20 do 2013-10-20 )))))))))))))))))))))))))))))))
.
.
2013-10-20 14:13 . 2013-10-20 14:13 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4B84323-1E71-4915-9A9B-212F6A6F7A21}\offreg.dll
2013-10-18 05:51 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4B84323-1E71-4915-9A9B-212F6A6F7A21}\mpengine.dll
2013-10-17 14:13 . 2013-10-17 14:13 -------- d-----w- c:\users\roady\AppData\Local\Apple
2013-10-13 11:23 . 2013-10-13 11:23 -------- d-----w- c:\program files\Microsoft.NET
2013-10-13 00:00 . 2013-10-19 20:25 -------- d-----w- c:\users\roady\AppData\Local\Adobe
2013-10-12 20:28 . 2013-10-12 20:28 -------- d-----w- c:\users\roady\AppData\Local\ElevatedDiagnostics
2013-10-12 18:14 . 2013-10-12 18:14 -------- d-----w- c:\windows\ERUNT
2013-10-12 18:01 . 2013-10-17 17:24 -------- d-----w- C:\AdwCleaner
2013-10-12 17:48 . 2013-10-12 17:48 -------- d-----w- c:\users\roady\AppData\Roaming\Malwarebytes
2013-10-12 17:48 . 2013-10-12 17:48 -------- d-----w- c:\programdata\Malwarebytes
2013-10-12 17:48 . 2013-10-12 17:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-12 17:48 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-12 14:31 . 2013-10-12 14:31 388096 ----a-r- c:\users\roady\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-12 14:31 . 2013-10-12 14:31 -------- d-----w- c:\program files (x86)\Trend Micro
2013-10-09 12:49 . 2013-09-22 22:54 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-10-09 07:18 . 2013-08-01 12:09 983488 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-09 07:18 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:18 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:18 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-09 07:18 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-09 07:18 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-09 07:18 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-09 07:18 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-09 07:18 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-09 07:18 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-09 07:18 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-27 06:54 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll
2013-09-27 06:54 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll
2013-09-27 06:54 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll
2013-09-27 06:54 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll
2013-09-27 06:54 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll
2013-09-27 06:54 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll
2013-09-27 06:54 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll
2013-09-27 06:54 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe
2013-09-27 06:54 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll
2013-09-27 06:54 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll
2013-09-27 06:54 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe
2013-09-27 06:54 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll
2013-09-26 19:17 . 2013-09-26 19:17 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-09-26 19:17 . 2013-09-26 19:17 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-09-26 19:13 . 2013-09-27 10:42 188128 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2013-09-26 19:10 . 2013-09-26 19:19 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2013-09-26 19:09 . 2013-09-26 19:09 -------- d-----w- c:\windows\symbols
2013-09-26 19:09 . 2013-09-26 19:09 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2013-09-26 19:09 . 2013-09-26 19:09 -------- d-----w- c:\program files\Microsoft Help Viewer
2013-09-26 16:39 . 2013-09-26 16:39 -------- d-----w- c:\windows\SysWow64\BestPractices
2013-09-26 16:39 . 2013-09-26 16:39 -------- d-----w- c:\windows\system32\BestPractices
2013-09-26 16:39 . 2013-09-26 16:39 -------- d-----w- C:\inetpub
2013-09-26 15:04 . 2013-09-26 15:04 -------- d-----w- c:\program files (x86)\PowerPoint Viewer
2013-09-26 14:37 . 2013-10-12 10:27 -------- dc----w- c:\windows\system32\DRVSTORE
2013-09-26 14:36 . 2013-10-12 10:29 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-26 14:35 . 2013-09-26 14:35 -------- d-----w- c:\program files\Bonjour
2013-09-26 14:35 . 2013-09-26 14:35 -------- d-----w- c:\program files (x86)\Bonjour
2013-09-26 14:35 . 2013-09-26 14:35 -------- d-----w- c:\program files\Common Files\Apple
2013-09-25 20:00 . 2013-09-25 20:00 -------- d-----w- c:\program files (x86)\MSECache
2013-09-20 14:59 . 2013-09-20 14:59 -------- d-----w- c:\users\roady\AppData\Local\Overwolf
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 07:57 . 2012-08-19 09:19 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-10 07:57 . 2012-08-19 09:19 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 12:38 . 2012-08-01 10:18 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-04 14:42 . 2012-07-18 12:08 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-04 14:42 . 2012-07-13 15:21 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-27 18:12 . 2012-07-13 15:21 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-09-11 06:04 . 2012-09-18 16:40 151552 ----a-w- c:\windows\KMSEmulator.exe
2013-09-03 12:35 . 2012-06-21 19:24 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-09 07:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-05 02:25 . 2013-09-11 06:46 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-11 06:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-11 06:46 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-11 06:46 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-11 06:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-11 06:46 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-11 06:46 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-11 06:46 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-11 06:46 338432 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-11 06:46 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-11 06:46 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-26 02:24 . 2013-09-11 06:46 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-07-26 02:24 . 2013-09-11 06:46 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-07-25 09:25 . 2013-08-14 09:21 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 09:21 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 04:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 04:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 04:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\roady\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-12-25 138096]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-09-25 20133824]
"DAEMON Tools Lite"="d:\programs (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast5"="d:\programs\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="d:\programs (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2013-6-28 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0016unic.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 07:57]
.
2013-10-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001Core.job
- c:\users\roady\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-25 10:03]
.
2013-10-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001UA.job
- c:\users\roady\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-25 10:03]
.
2013-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19 21:14]
.
2013-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-19 21:14]
.
2013-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001Core.job
- c:\users\roady\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-21 19:16]
.
2013-10-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001UA.job
- c:\users\roady\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-21 19:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 04:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 04:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 04:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- d:\programs\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-10 11465832]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\roady\AppData\Roaming\Mozilla\Firefox\Profiles\m1cel8y8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe
.
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3707875400-2182799761-1893588060-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:63,a0,61,dc,81,74,9e,7f,fb,75,cc,c5,0a,f4,f4,ca,18,4d,a0,5a,50,19,b5,
3b,9e,67,0e,9c,ea,b0,3e,46,db,0c,2f,24,cb,6f,ab,4d,2b,4e,bb,7e,99,83,13,ed,\
"??"=hex:d6,7b,e3,d4,f3,6b,77,29,00,63,74,c2,cb,86,c3,ee
.
[HKEY_USERS\S-1-5-21-3707875400-2182799761-1893588060-1001\Software\SecuROM\License information*]
"datasecu"=hex:ed,58,8f,35,f9,6b,5f,d7,66,06,e2,d1,24,d0,f7,b3,f9,18,f7,f8,aa,
50,af,5f,80,c2,d5,93,d1,a8,a5,e5,86,56,51,d6,68,29,da,b5,fc,29,d3,1d,11,f0,\
"rkeysecu"=hex:c9,38,05,fd,ec,ca,9e,89,80,a7,7c,cd,5d,56,df,95
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\programs\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
f:\programs (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
.
**************************************************************************
.
Celkový čas: 2013-10-20 16:17:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-20 14:17
.
Před spuštěním: 8 079 233 024
Po spuštění: Volných bajtů: 10 048 458 752
.
- - End Of File - - 5C2C488ED33DDF4E16A2091F55318ABF
A36C5E4F47E84449FF07ED3517B43A31
KINGSTON 4GB RAM | nVIDIA GeForce GTX 560 | Intel Core2 Quad Q8400 @ 2.67GHz | LCPOWER 600W | Gigabyte GA-EP35-DS4 | SAMSUNG SpinPoint F3 1000Gb, Hitachi 500GB | W7
Nahoru
Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, neustálé sekání pc

Příspěvekod memphisto » 20 říj 2013 16:25

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Folder::
c:\users\roady\AppData\Local\Facebook
c:\program files (x86)\Skype\Updater

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-

Driver::
SkypeUpdate

File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001UA.job

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Nahoru
Uživatelský avatar
roady
Level 2.5
Level 2.5
Příspěvky: 351
Registrován: červen 09
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele roady

Re: Kontrola logu, neustálé sekání pc

Příspěvekod roady » 20 říj 2013 17:14

ComboFix 13-10-19.02 - roady 20.10.2013 16:55:40.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.6142.4291 [GMT 2:00]
Spuštěný z: c:\users\roady\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\roady\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\roady\AppData\Local\Facebook
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\roady\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\users\roady\AppData\Local\Facebook\Video\Common\FacebookVideoCalling
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\call256.dbb
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\callmember512.dbb
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\config.lck
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\config.xml
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\contactgroup256.dbb
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\conversation256.dbb
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\conversation512.dbb
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\chatmsg1024.dbb
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\index2.dat
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\main.lock
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\participant256.dbb
c:\users\roady\AppData\Local\Facebook\Video\Common\fb#3aac7ijpevtdyebf8gc2fdeeycy-jfhcl6ev1oandpwly7f4tyam1wqkquce1enbpjq0s\profile256.dbb
c:\users\roady\AppData\Local\Facebook\Video\Common\shared.lck
c:\users\roady\AppData\Local\Facebook\Video\Common\shared.xml
c:\users\roady\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
c:\users\roady\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
c:\users\roady\AppData\Local\Facebook\Video\Skype\third-party_attributions.txt
c:\users\roady\AppData\Local\Temp\_MEI33442\_ctypes.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\_elementtree.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\_hashlib.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\_multiprocessing.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\_socket.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\_ssl.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\msvcp100.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\msvcr100.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\pyexpat.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\pysqlite2._sqlite.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\python27.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\pythoncom27.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\PyWinTypes27.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\select.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\unicodedata.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32api.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32com.shell.shell.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32crypt.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32event.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32file.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32inet.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32pdh.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32process.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32profile.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32security.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\win32ts.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\windows._cacheinvalidation.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\wx._controls_.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\wx._core_.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\wx._gdi_.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\wx._html2.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\wx._misc_.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\wx._windows_.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\wx._wizard.pyd
c:\users\roady\AppData\Local\Temp\_MEI33442\wxbase294u_net_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\wxbase294u_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\wxmsw294u_adv_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\wxmsw294u_core_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\wxmsw294u_html_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI33442\wxmsw294u_webview_vc90.dll
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3707875400-2182799761-1893588060-1001UA.job
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache86\userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-20 do 2013-10-20 )))))))))))))))))))))))))))))))
.
.
2013-10-20 15:04 . 2013-10-20 15:04 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-20 15:04 . 2013-10-20 15:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-18 05:51 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4B84323-1E71-4915-9A9B-212F6A6F7A21}\mpengine.dll
2013-10-17 14:13 . 2013-10-17 14:13 -------- d-----w- c:\users\roady\AppData\Local\Apple
2013-10-13 11:23 . 2013-10-13 11:23 -------- d-----w- c:\program files\Microsoft.NET
2013-10-13 00:00 . 2013-10-19 20:25 -------- d-----w- c:\users\roady\AppData\Local\Adobe
2013-10-12 20:28 . 2013-10-12 20:28 -------- d-----w- c:\users\roady\AppData\Local\ElevatedDiagnostics
2013-10-12 18:14 . 2013-10-12 18:14 -------- d-----w- c:\windows\ERUNT
2013-10-12 18:01 . 2013-10-17 17:24 -------- d-----w- C:\AdwCleaner
2013-10-12 17:48 . 2013-10-12 17:48 -------- d-----w- c:\users\roady\AppData\Roaming\Malwarebytes
2013-10-12 17:48 . 2013-10-12 17:48 -------- d-----w- c:\programdata\Malwarebytes
2013-10-12 17:48 . 2013-10-12 17:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-12 17:48 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-12 14:31 . 2013-10-12 14:31 388096 ----a-r- c:\users\roady\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-12 14:31 . 2013-10-12 14:31 -------- d-----w- c:\program files (x86)\Trend Micro
2013-10-09 12:49 . 2013-09-22 22:54 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-10-09 07:18 . 2013-08-01 12:09 983488 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-09 07:18 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:18 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:18 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-09 07:18 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-09 07:18 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-09 07:18 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-09 07:18 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-09 07:18 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-09 07:18 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-09 07:18 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-27 06:54 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll
2013-09-27 06:54 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll
2013-09-27 06:54 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll
2013-09-27 06:54 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll
2013-09-27 06:54 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll
2013-09-27 06:54 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll
2013-09-27 06:54 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll
2013-09-27 06:54 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe
2013-09-27 06:54 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll
2013-09-27 06:54 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll
2013-09-27 06:54 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe
2013-09-27 06:54 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll
2013-09-26 19:17 . 2013-09-26 19:17 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-09-26 19:17 . 2013-09-26 19:17 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-09-26 19:13 . 2013-09-27 10:42 188128 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2013-09-26 19:10 . 2013-09-26 19:19 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2013-09-26 19:09 . 2013-09-26 19:09 -------- d-----w- c:\windows\symbols
2013-09-26 19:09 . 2013-09-26 19:09 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2013-09-26 19:09 . 2013-09-26 19:09 -------- d-----w- c:\program files\Microsoft Help Viewer
2013-09-26 16:39 . 2013-09-26 16:39 -------- d-----w- c:\windows\SysWow64\BestPractices
2013-09-26 16:39 . 2013-09-26 16:39 -------- d-----w- c:\windows\system32\BestPractices
2013-09-26 16:39 . 2013-09-26 16:39 -------- d-----w- C:\inetpub
2013-09-26 15:04 . 2013-09-26 15:04 -------- d-----w- c:\program files (x86)\PowerPoint Viewer
2013-09-26 14:37 . 2013-10-12 10:27 -------- dc----w- c:\windows\system32\DRVSTORE
2013-09-26 14:36 . 2013-10-12 10:29 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-26 14:35 . 2013-09-26 14:35 -------- d-----w- c:\program files\Bonjour
2013-09-26 14:35 . 2013-09-26 14:35 -------- d-----w- c:\program files (x86)\Bonjour
2013-09-26 14:35 . 2013-09-26 14:35 -------- d-----w- c:\program files\Common Files\Apple
2013-09-25 20:00 . 2013-09-25 20:00 -------- d-----w- c:\program files (x86)\MSECache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 07:57 . 2012-08-19 09:19 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-10 07:57 . 2012-08-19 09:19 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 12:38 . 2012-08-01 10:18 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-04 14:42 . 2012-07-18 12:08 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-04 14:42 . 2012-07-13 15:21 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-27 18:12 . 2012-07-13 15:21 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-09-11 06:04 . 2012-09-18 16:40 151552 ----a-w- c:\windows\KMSEmulator.exe
2013-09-03 12:35 . 2012-06-21 19:24 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-09 07:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-05 02:25 . 2013-09-11 06:46 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-11 06:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-11 06:46 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-11 06:46 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-11 06:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-11 06:46 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-11 06:46 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-11 06:46 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-11 06:46 338432 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-11 06:46 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-11 06:46 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-26 02:24 . 2013-09-11 06:46 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-07-26 02:24 . 2013-09-11 06:46 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-07-25 09:25 . 2013-08-14 09:21 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 09:21 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 04:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 04:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 04:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-09-25 20133824]
"DAEMON Tools Lite"="d:\programs (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast5"="d:\programs\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="d:\programs (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2013-6-28 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0016unic.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 07:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 04:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 04:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 04:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- d:\programs\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-10 11465832]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\roady\AppData\Roaming\Mozilla\Firefox\Profiles\m1cel8y8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe
.
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3707875400-2182799761-1893588060-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:63,a0,61,dc,81,74,9e,7f,fb,75,cc,c5,0a,f4,f4,ca,18,4d,a0,5a,50,19,b5,
3b,9e,67,0e,9c,ea,b0,3e,46,db,0c,2f,24,cb,6f,ab,4d,2b,4e,bb,7e,99,83,13,ed,\
"??"=hex:d6,7b,e3,d4,f3,6b,77,29,00,63,74,c2,cb,86,c3,ee
.
[HKEY_USERS\S-1-5-21-3707875400-2182799761-1893588060-1001\Software\SecuROM\License information*]
"datasecu"=hex:ed,58,8f,35,f9,6b,5f,d7,66,06,e2,d1,24,d0,f7,b3,f9,18,f7,f8,aa,
50,af,5f,80,c2,d5,93,d1,a8,a5,e5,86,56,51,d6,68,29,da,b5,fc,29,d3,1d,11,f0,\
"rkeysecu"=hex:c9,38,05,fd,ec,ca,9e,89,80,a7,7c,cd,5d,56,df,95
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\programs\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
f:\programs (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
.
**************************************************************************
.
Celkový čas: 2013-10-20 17:13:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-20 15:13
ComboFix2.txt 2013-10-20 14:17
.
Před spuštěním: 9 753 567 232
Po spuštění: 9 307 717 632
.
- - End Of File - - 364AA947B54E7BD4EA1C8A35457B41D3
A36C5E4F47E84449FF07ED3517B43A31
KINGSTON 4GB RAM | nVIDIA GeForce GTX 560 | Intel Core2 Quad Q8400 @ 2.67GHz | LCPOWER 600W | Gigabyte GA-EP35-DS4 | SAMSUNG SpinPoint F3 1000Gb, Hitachi 500GB | W7
Nahoru
Uživatelský avatar
roady
Level 2.5
Level 2.5
Příspěvky: 351
Registrován: červen 09
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele roady

Re: Kontrola logu, neustálé sekání pc

Příspěvekod roady » 20 říj 2013 20:14

Každopádně neustále zamrzají prohlížeče, že nejde pohybovat kurzorem a občas se i PC restartuje...
Teploty jsou normální...dělá to i když jsem třeba před 5 minutama ten pc restartoval.
KINGSTON 4GB RAM | nVIDIA GeForce GTX 560 | Intel Core2 Quad Q8400 @ 2.67GHz | LCPOWER 600W | Gigabyte GA-EP35-DS4 | SAMSUNG SpinPoint F3 1000Gb, Hitachi 500GB | W7
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, neustálé sekání pc

Příspěvekod jaro3 » 21 říj 2013 19:53

Omylem se smazal:
c:\users\roady\AppData\Local\Facebook

chceš to vrátit?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Uživatelský avatar
roady
Level 2.5
Level 2.5
Příspěvky: 351
Registrován: červen 09
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele roady

Re: Kontrola logu, neustálé sekání pc

Příspěvekod roady » 21 říj 2013 20:33

No asi ne...nebo něco se zásadně změnilo? A ještě takový problém, když odejdu od pc tak když naskočí černá obrazovka (nemám nastavený spořič) tak když pohnu s myší a nebo cokoliv zmáčknu plocha nenaskočí a musím restartovat pc.
KINGSTON 4GB RAM | nVIDIA GeForce GTX 560 | Intel Core2 Quad Q8400 @ 2.67GHz | LCPOWER 600W | Gigabyte GA-EP35-DS4 | SAMSUNG SpinPoint F3 1000Gb, Hitachi 500GB | W7
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, neustálé sekání pc

Příspěvekod jaro3 » 22 říj 2013 10:09

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
DeQuarantine::
C:\Qoobox\Quarantine\C\users\roady\AppData\Local\Facebook

KillAll::
File::
c:\windows\KMSEmulator.exe

Folder::
c:\users\roady\AppData\Local\Facebook\Update

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Reboot::


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.


Je třeba zkontrolovat HDD na chyby , zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Uživatelský avatar
roady
Level 2.5
Level 2.5
Příspěvky: 351
Registrován: červen 09
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele roady

Re: Kontrola logu, neustálé sekání pc

Příspěvekod roady » 23 říj 2013 17:26

ComboFix 13-10-19.02 - roady 23.10.2013 16:34:41.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.6142.4468 [GMT 2:00]
Spuštěný z: c:\users\roady\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\roady\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\KMSEmulator.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\roady\AppData\Local\Facebook\Update
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\roady\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\roady\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\users\roady\AppData\Local\Temp\_MEI29362\_ctypes.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\_elementtree.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\_hashlib.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\_multiprocessing.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\_socket.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\_ssl.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\msvcp100.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\msvcr100.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\pyexpat.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\pysqlite2._sqlite.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\python27.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\pythoncom27.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\PyWinTypes27.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\select.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\unicodedata.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32api.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32com.shell.shell.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32crypt.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32event.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32file.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32inet.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32pdh.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32process.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32profile.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32security.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\win32ts.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\windows._cacheinvalidation.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\wx._controls_.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\wx._core_.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\wx._gdi_.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\wx._html2.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\wx._misc_.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\wx._windows_.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\wx._wizard.pyd
c:\users\roady\AppData\Local\Temp\_MEI29362\wxbase294u_net_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\wxbase294u_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\wxmsw294u_adv_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\wxmsw294u_core_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\wxmsw294u_html_vc90.dll
c:\users\roady\AppData\Local\Temp\_MEI29362\wxmsw294u_webview_vc90.dll
c:\windows\KMSEmulator.exe
.
Nakažená kopie c:\windows\system32\Services.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache64\services.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-23 do 2013-10-23 )))))))))))))))))))))))))))))))
.
.
2013-10-23 14:48 . 2013-10-23 14:48 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{19782B32-53AD-4477-B631-A47F56B65395}\offreg.dll
2013-10-23 14:43 . 2013-10-23 14:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-23 14:43 . 2013-10-23 14:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-17 14:13 . 2013-10-17 14:13 -------- d-----w- c:\users\roady\AppData\Local\Apple
2013-10-13 11:23 . 2013-10-13 11:23 -------- d-----w- c:\program files\Microsoft.NET
2013-10-13 00:00 . 2013-10-22 15:31 -------- d-----w- c:\users\roady\AppData\Local\Adobe
2013-10-12 20:28 . 2013-10-12 20:28 -------- d-----w- c:\users\roady\AppData\Local\ElevatedDiagnostics
2013-10-12 18:14 . 2013-10-12 18:14 -------- d-----w- c:\windows\ERUNT
2013-10-12 18:01 . 2013-10-17 17:24 -------- d-----w- C:\AdwCleaner
2013-10-12 17:48 . 2013-10-12 17:48 -------- d-----w- c:\users\roady\AppData\Roaming\Malwarebytes
2013-10-12 17:48 . 2013-10-12 17:48 -------- d-----w- c:\programdata\Malwarebytes
2013-10-12 17:48 . 2013-10-12 17:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-12 17:48 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-12 14:31 . 2013-10-12 14:31 388096 ----a-r- c:\users\roady\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-12 14:31 . 2013-10-12 14:31 -------- d-----w- c:\program files (x86)\Trend Micro
2013-10-09 12:49 . 2013-09-22 22:54 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-10-09 07:18 . 2013-08-01 12:09 983488 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-09 07:18 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:18 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 07:18 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-09 07:18 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-09 07:18 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-09 07:18 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-09 07:18 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-09 07:18 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-09 07:18 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-09 07:18 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-27 06:54 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll
2013-09-27 06:54 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll
2013-09-27 06:54 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll
2013-09-27 06:54 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll
2013-09-27 06:54 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll
2013-09-27 06:54 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll
2013-09-27 06:54 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll
2013-09-27 06:54 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe
2013-09-27 06:54 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll
2013-09-27 06:54 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll
2013-09-27 06:54 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe
2013-09-27 06:54 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll
2013-09-26 19:17 . 2013-09-26 19:17 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-09-26 19:17 . 2013-09-26 19:17 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-09-26 19:13 . 2013-09-27 10:42 188128 ----a-w- c:\programdata\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2013-09-26 19:10 . 2013-09-26 19:19 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0
2013-09-26 19:09 . 2013-09-26 19:09 -------- d-----w- c:\windows\symbols
2013-09-26 19:09 . 2013-09-26 19:09 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2013-09-26 19:09 . 2013-09-26 19:09 -------- d-----w- c:\program files\Microsoft Help Viewer
2013-09-26 16:39 . 2013-09-26 16:39 -------- d-----w- c:\windows\SysWow64\BestPractices
2013-09-26 16:39 . 2013-09-26 16:39 -------- d-----w- c:\windows\system32\BestPractices
2013-09-26 16:39 . 2013-09-26 16:39 -------- d-----w- C:\inetpub
2013-09-26 15:04 . 2013-09-26 15:04 -------- d-----w- c:\program files (x86)\PowerPoint Viewer
2013-09-26 14:37 . 2013-10-12 10:27 -------- dc----w- c:\windows\system32\DRVSTORE
2013-09-26 14:36 . 2013-10-12 10:29 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-26 14:35 . 2013-09-26 14:35 -------- d-----w- c:\program files\Bonjour
2013-09-26 14:35 . 2013-09-26 14:35 -------- d-----w- c:\program files (x86)\Bonjour
2013-09-26 14:35 . 2013-09-26 14:35 -------- d-----w- c:\program files\Common Files\Apple
2013-09-25 20:00 . 2013-09-25 20:00 -------- d-----w- c:\program files (x86)\MSECache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-10 07:57 . 2012-08-19 09:19 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-10 07:57 . 2012-08-19 09:19 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 12:38 . 2012-08-01 10:18 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-04 14:42 . 2012-07-18 12:08 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-04 14:42 . 2012-07-13 15:21 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-27 18:12 . 2012-07-13 15:21 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-09-03 12:35 . 2012-06-21 19:24 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-09 07:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-05 02:25 . 2013-09-11 06:46 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 02:14 . 2013-09-11 06:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 02:13 . 2013-09-11 06:46 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 02:13 . 2013-09-11 06:46 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-08-02 02:12 . 2013-09-11 06:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-02 02:12 . 2013-09-11 06:46 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 02:12 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:50 . 2013-09-11 06:46 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-08-02 01:48 . 2013-09-11 06:46 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-02 01:48 . 2013-09-11 06:46 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-08-02 01:09 . 2013-09-11 06:46 338432 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:59 . 2013-09-11 06:46 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-02 00:43 . 2013-09-11 06:46 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 06:46 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 06:46 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-11 06:46 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-26 02:24 . 2013-09-11 06:46 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-07-26 02:24 . 2013-09-11 06:46 197120 ----a-w- c:\windows\system32\shdocvw.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 04:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 04:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 04:05 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2013-09-25 20133824]
"DAEMON Tools Lite"="d:\programs (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast5"="d:\programs\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="d:\programs (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2013-6-28 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys;c:\windows\SYSNATIVE\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys;c:\windows\SYSNATIVE\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys;c:\windows\SYSNATIVE\DRIVERS\s0016unic.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1039unic.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-19 07:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-09-13 04:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-09-13 04:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-09-13 04:02 2328264 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- d:\programs\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-09-25 15:37 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-10 11465832]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\roady\AppData\Roaming\Mozilla\Firefox\Profiles\m1cel8y8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe
.
.
Binary file temp00 matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3707875400-2182799761-1893588060-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:63,a0,61,dc,81,74,9e,7f,fb,75,cc,c5,0a,f4,f4,ca,18,4d,a0,5a,50,19,b5,
3b,9e,67,0e,9c,ea,b0,3e,46,db,0c,2f,24,cb,6f,ab,4d,2b,4e,bb,7e,99,83,13,ed,\
"??"=hex:d6,7b,e3,d4,f3,6b,77,29,00,63,74,c2,cb,86,c3,ee
.
[HKEY_USERS\S-1-5-21-3707875400-2182799761-1893588060-1001\Software\SecuROM\License information*]
"datasecu"=hex:13,ac,b7,42,7c,95,6f,dd,02,83,4f,10,19,c4,64,3e,59,94,a1,32,26,
5e,11,01,85,49,b9,3e,fe,1f,36,25,7f,b2,00,86,42,02,2e,f6,13,59,4a,43,8c,36,\
"rkeysecu"=hex:b3,35,0e,53,46,98,d5,75,bd,d5,70,e9,ce,9f,59,96
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\programs\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
f:\programs (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
.
**************************************************************************
.
Celkový čas: 2013-10-23 16:52:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-23 14:52
ComboFix2.txt 2013-10-20 15:13
ComboFix3.txt 2013-10-20 14:17
C:\DeQuarantine.txt
.
Před spuštěním: Volných bajtů: 14 265 495 552
Po spuštění: Volných bajtů: 14 385 893 376
.
- - End Of File - - 8322FAD0FDCDD441C62852CFD45671B1
A36C5E4F47E84449FF07ED3517B43A31
KINGSTON 4GB RAM | nVIDIA GeForce GTX 560 | Intel Core2 Quad Q8400 @ 2.67GHz | LCPOWER 600W | Gigabyte GA-EP35-DS4 | SAMSUNG SpinPoint F3 1000Gb, Hitachi 500GB | W7
Nahoru
Uživatelský avatar
roady
Level 2.5
Level 2.5
Příspěvky: 351
Registrován: červen 09
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele roady

Re: Kontrola logu, neustálé sekání pc

Příspěvekod roady » 23 říj 2013 17:27

----------------------------------------------------------------------------
CrystalDiskInfo 6.0.0 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2013/10/23 17:26:29

-- Controller Map ----------------------------------------------------------
+ ATA Channel 1 (1) [ATA]
- Hitachi HDP725050GLA360 ATA Device
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- HL-DT-ST DVD-RAM GH22LS30 ATA Device
- SAMSUNG HD103SJ ATA Device
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) Hitachi HDP725050GLA360 : 500,1 GB [0/5/0, pd1]
(2) SAMSUNG HD103SJ : 1000,2 GB [1/2/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HDP725050GLA360
----------------------------------------------------------------------------
Model : Hitachi HDP725050GLA360
Firmware : GM4OA5CA
Serial Number : GEA534RJ1PX84A
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 15118 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : ---- | SATA/300
Power On Hours : 12594 hod.
Power On Count : 2383 krát
Temparature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _16 000000000000 Počet chyb čtení
02 100 100 _54 000000000000 Průchodnost disku
03 130 130 _24 000601270126 Čas na roztočení ploten
04 100 100 __0 000000000958 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _20 000000000000 Čas potřebný na vyhledání
09 _99 _99 __0 000000003132 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000094F Počet cyklů zapnutí zařízení
C0 _99 _99 __0 000000000958 Počet vypnutí disku
C1 _99 _99 __0 000000000958 Počet cyklů načítání/vymazání
C2 181 181 __0 003100060021 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 4745 4135 3334 524A 3150 5838 3441
020: 0003 761C 0038 474D 344F 4135 4341 4869 7461 6368
030: 6920 4844 5037 3235 3035 3047 4C41 3336 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 005E 0040
080: 01FC 0029 346B 7FE9 4773 3469 BC01 4763 207F 005C
090: 0000 0000 FFFE 0000 80FE 0008 00CA 00F9 2710 0000
100: 57EF 3A38 0000 0000 00CA 0000 0000 5A87 5000 CCA3
110: 57D8 0D64 0000 0000 0000 0000 0000 0000 0000 4014
120: 4014 0000 0000 0000 0000 0000 0000 0000 0009 000B
130: 0000 0000 2980 0DB1 FE20 0001 4000 0404 0241 0000
140: 0000 0603 0801 0603 0801 0404 0404 5CFF 44E5 3137
150: 8000 0000 344E 4335 0000 C814 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 03E0 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 FEA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 07 00 82 82 26
020: 01 27 01 06 00 00 04 12 00 64 64 58 09 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 12 00 63 63 32 31 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 4F 09 00 00 00 00 00 C0 32 00 63 63 58
080: 09 00 00 00 00 00 C1 12 00 63 63 58 09 00 00 00
090: 00 00 C2 02 00 B5 B5 21 00 06 00 31 00 00 C4 32
0A0: 00 64 64 00 00 00 00 00 00 00 C5 22 00 64 64 00
0B0: 00 00 00 00 00 00 C6 08 00 64 64 00 00 00 00 00
0C0: 00 00 C7 0A 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 D2 1E 01 5B
170: 03 00 01 00 01 83 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 10 00 00 00 00 00 00 00 00 00 00 02 36
010: 00 00 00 00 00 00 00 00 00 00 03 18 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 14 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64

----------------------------------------------------------------------------
(2) SAMSUNG HD103SJ
----------------------------------------------------------------------------
Model : SAMSUNG HD103SJ
Firmware : 1AJ10001
Serial Number : S246J9FB313846
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 1953523055
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : ---- | SATA/300
Power On Hours : 3488 hod.
Power On Count : 1293 krát
Temparature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _70 _68 _25 0000000023D7 Čas na roztočení ploten
04 _96 _96 __0 00000000138F Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000000DA0 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 252 252 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 00000000050D Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000002 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _64 _57 __0 002C0008001F Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000008 Počet chyb při zápisu sektorů
DF 252 252 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 100 100 __0 0000000013BA Počet cyklů načítání/vymazání

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5332 3436 4A39 4642 3331 3338 3436 2020 2020 2020
020: 0000 FFFF 0004 3141 4A31 3030 3031 5341 4D53 554E
030: 4720 4844 3130 3353 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 004C 0040
080: 01FF 0028 746B 7F69 4123 7469 BC41 4123 207F 004A
090: 004A 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 656F 7470 0000 0000 0000 0000 4000 0000 5002 4E92
110: 04D4 2C50 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 55A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 46 44 D7
020: 23 00 00 00 00 00 04 32 00 60 60 8F 13 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 A0 0D 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0B 32
070: 00 FC FC 00 00 00 00 00 00 00 0C 32 00 63 63 0D
080: 05 00 00 00 00 00 BF 22 00 64 64 02 00 00 00 00
090: 00 00 C0 22 00 FC FC 00 00 00 00 00 00 00 C2 02
0A0: 00 40 39 1F 00 08 00 2C 00 00 C3 3A 00 64 64 00
0B0: 00 00 00 00 00 00 C4 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C5 32 00 FC FC 00 00 00 00 00 00 00 C6 30
0D0: 00 FC FC 00 00 00 00 00 00 00 C7 36 00 C8 C8 00
0E0: 00 00 00 00 00 00 C8 2A 00 64 64 08 00 00 00 00
0F0: 00 00 DF 32 00 FC FC 00 00 00 00 00 00 00 E1 32
100: 00 64 64 BA 13 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 18 24 00 5B
170: 03 00 01 00 02 9A 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0B 00
070: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
080: 00 00 00 00 00 00 BF 00 00 00 00 00 00 00 00 00
090: 00 00 C0 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0B0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 C8 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E1 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B
KINGSTON 4GB RAM | nVIDIA GeForce GTX 560 | Intel Core2 Quad Q8400 @ 2.67GHz | LCPOWER 600W | Gigabyte GA-EP35-DS4 | SAMSUNG SpinPoint F3 1000Gb, Hitachi 500GB | W7
Nahoru
Uživatelský avatar
roady
Level 2.5
Level 2.5
Příspěvky: 351
Registrován: červen 09
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele roady

Re: Kontrola logu, neustálé sekání pc

Příspěvekod roady » 23 říj 2013 17:51

Memtest 0 errors


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-10-23 17:24:51
-----------------------------
17:24:51.203 OS Version: Windows x64 6.1.7601 Service Pack 1
17:24:51.203 Number of processors: 4 586 0x170A
17:24:51.204 ComputerName: ROADY-PC UserName: roady
17:24:52.425 Initialize success
17:24:55.611 AVAST engine defs: 13102300
17:29:39.753 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-5
17:29:39.753 Disk 0 Vendor: Hitachi_HDP725050GLA360 GM4OA5CA Size: 476938MB BusType: 3
17:29:39.768 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
17:29:39.768 Disk 1 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953868MB BusType: 3
17:29:39.893 Disk 0 MBR read successfully
17:29:39.893 Disk 0 MBR scan
17:29:39.893 Disk 0 Windows 7 default MBR code
17:29:39.909 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 205315 MB offset 81931500
17:29:39.940 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 131517 MB offset 502622208
17:29:40.034 Disk 0 scanning C:\Windows\system32\drivers
17:29:49.830 Service scanning
17:30:12.014 Modules scanning
17:30:12.014 Disk 0 trace - called modules:
17:30:12.544 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
17:30:12.560 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005faa060]
17:30:12.560 3 CLASSPNP.SYS[fffff880019b743f] -> nt!IofCallDriver -> [0xfffffa8005d27520]
17:30:12.560 5 ACPI.sys[fffff88000f687a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-5[0xfffffa8005d29060]
17:30:13.012 AVAST engine scan C:\Windows
17:30:14.791 AVAST engine scan C:\Windows\system32
17:32:54.615 AVAST engine scan C:\Windows\system32\drivers
17:33:04.724 AVAST engine scan C:\Users\roady
17:44:20.423 AVAST engine scan C:\ProgramData
17:47:03.241 Scan finished successfully
17:50:51.606 Disk 0 MBR has been saved successfully to "C:\Users\roady\Desktop\MBR.dat"
17:50:51.611 The log file has been saved successfully to "C:\Users\roady\Desktop\aswMBR.txt"
KINGSTON 4GB RAM | nVIDIA GeForce GTX 560 | Intel Core2 Quad Q8400 @ 2.67GHz | LCPOWER 600W | Gigabyte GA-EP35-DS4 | SAMSUNG SpinPoint F3 1000Gb, Hitachi 500GB | W7
Nahoru
Uživatelský avatar
roady
Level 2.5
Level 2.5
Příspěvky: 351
Registrován: červen 09
Pohlaví: Muž
Stav:
Offline
Kontakt:
Kontaktovat uživatele roady

Re: Kontrola logu, neustálé sekání pc

Příspěvekod roady » 23 říj 2013 17:52

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:51:54, on 23.10.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
D:\Programs (x86)\firefox.exe
D:\Programs (x86)\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programs\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programs\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "D:\Programs\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programs (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programs (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-3707875400-2182799761-1893588060-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3707875400-2182799761-1893588060-1003\..\Run: [Google Update] "C:\Users\roady\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3707875400-2182799761-1893588060-1003\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3707875400-2182799761-1893588060-1003\..\Run: [DAEMON Tools Lite] "D:\Programs (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3707875400-2182799761-1893588060-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Programs\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - F:\Programs (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11531 bytes
KINGSTON 4GB RAM | nVIDIA GeForce GTX 560 | Intel Core2 Quad Q8400 @ 2.67GHz | LCPOWER 600W | Gigabyte GA-EP35-DS4 | SAMSUNG SpinPoint F3 1000Gb, Hitachi 500GB | W7
Nahoru
Odpovědět

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 106 hostů