RogueKiller V10.0.6.0 [Nov 13 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : xxx [Práva správce]
Mód : Smazat -- Datum : 11/16/2014 22:18:19
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 0 ¤¤¤
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost -> Smazáno
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS541680J9SA00 ATA Device +++++
--- User ---
[MBR] b0a11a4691cc8064f3945f2f3d9d1951
[BSP] c8496c40e90cbc7dfd19b1c9015414c6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 76217 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_DEL_11012014_101816.log - RKreport_DEL_11162014_145724.log - RKreport_SCN_10312014_155928.log - RKreport_SCN_11012014_101710.log
RKreport_SCN_11162014_104131.log - RKreport_SCN_11162014_131236.log - RKreport_SCN_11162014_131715.log - RKreport_SCN_11162014_221241.log
RKreport_DEL_11162014_221702.log - RKreport_DEL_11162014_221719.log - RKreport_DEL_11162014_221720.log - RKreport_DEL_11162014_221819.log
High RAM load, browsers freezing [Solved]
Re: High RAM load, browsers freezing
Zoek.exe v5.0.0.0 Updated 16-November-2014
Tool run by xxx on ne 16.11.2014 at 22:20:16,99.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\xxx\Downloads\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-11-01-114145.log 8835 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\4ejcuupx.default-1414919215950\prefs.js:
Added to C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\4ejcuupx.default-1414919215950\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\goslfh8k.default-1384852979481\prefs.js:
Added to C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\goslfh8k.default-1384852979481\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
"C:\Users\xxx\AppData\Roaming\RHEng" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\goslfh8k.default-1384852979481
- Techgile - %ProfilePath%\extensions\{3254b624-3dc6-470b-b41f-230aff035acc}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\4ejcuupx.default-1414919215950
63F8C13F269B10BC9363B007DAAACAE6 - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll - Shockwave Flash
64C4ADE063A9C93D3BAE09922AD90C27 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
446BCAE59E26321802E000FC3E0C390A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
F0E80E561C3F715DB01ACCC97B72463A - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\xxx\AppData\Local\Google\Chrome deleted
==== Chromium Look ======================
CENZURA - xxx\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba
iydownloader - xxx\AppData\Roaming\Opera Software\Opera Stable\Extensions\njnemcgegcggpnfiamegohgfagecldcg
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6b43620d-50f4-4094-aea5-bd840890f757} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=IEListicka_12"
{7904d8f0-7208-4462-95d8-b4887ed9d3a5} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=IEListicka_12"
{ea8f2e38-3cb0-42a5-ad58-0c729227f856} Firmy.cz Url="http://www.firmy.cz/phr/{searchTerms}?sourceid=IEListicka_12"
==== Reset Google Chrome ======================
C:\Users\xxx\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\xxx\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\xuvot deleted successfully
==== Empty IE Cache ======================
C:\Users\xxx\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\4ejcuupx.default-1414919215950\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\xxx\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=144 folders=14 8981700 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\xxx\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\xxx\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on ne 16.11.2014 at 22:49:43,77 ======================
- Orcus
- Security team member
- Elite Level 10.5
- Posts: 10645
- Registered: April 10
- Location: 3 roses grow around here =o)
- Status: Offline
Re: High RAM load, browsers freezing
What about the problems?
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several messages.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.

Re: High RAM load, browsers freezing
Yes, but I have the feeling it is caused by the RAM performance; 1 GB of RAM is probably weak by today's standards. Watching video on the internet is poor.
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
- Status: Offline
Re: High RAM load, browsers freezing
What are your machine's specs? 1 GB really is too little for modern systems.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you.
Re: High RAM load, browsers freezing
HP, Intel Celeron single-core 1.6 GHz, 1 GB RAM. I have now found that when I am not connected to the internet, programs open quickly; once I plug in the LAN cable, everything is slow and opening Mozilla or Opera takes a bit over 2 minutes. After that it runs fine, but when I open a video on YouTube or FB it just stutters and the whole notebook freezes.
- jaro3
- Security team member
- Guru Level 15
- Posts: 43294
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: High RAM load, browsers freezing
Turn off the resident protection of your antivirus and antispyware, and the firewall if necessary.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all open windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.
Warning: After applying ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: High RAM load, browsers freezing
ComboFix 14-11-18.01 - xxx 20.11.2014 12:43:27.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.1015.388 [GMT 1:00]
Spuštěný z: c:\users\xxx\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\xxx\AppData\Roaming\Microsoft\Windows\Recent\photo.php-fbid=382709968412734&set=t.100002575615066&type=3.url
c:\users\xxx\AppData\Roaming\Microsoft\Windows\Recent\photo.php-fbid=382710098412721&set=t.100002575615066&type=3.url
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-20 do 2014-11-20 )))))))))))))))))))))))))))))))
.
.
2014-11-20 11:52 . 2014-11-20 11:52 -------- dc----w- c:\users\Default\AppData\Local\temp
2014-11-18 08:34 . 2014-11-18 21:06 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE5D808D-BEDF-4E51-A60E-03F66D49AAF1}\offreg.dll
2014-11-18 06:32 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE5D808D-BEDF-4E51-A60E-03F66D49AAF1}\mpengine.dll
2014-11-16 21:42 . 2014-11-16 21:20 24064 -c--a-w- c:\windows\zoek-delete.exe
2014-11-16 21:42 . 2014-11-20 11:52 -------- dc----w- c:\users\xxx\AppData\Local\Temp
2014-11-15 19:16 . 2014-11-16 09:19 114904 -c--a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-15 19:15 . 2014-11-15 19:15 -------- dc----w- c:\program files\Malwarebytes Anti-Malware
2014-11-15 19:15 . 2014-10-01 10:11 51928 -c--a-w- c:\windows\system32\drivers\mwac.sys
2014-11-15 19:15 . 2014-10-01 10:11 75480 -c--a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-15 19:15 . 2014-10-01 10:11 23256 -c--a-w- c:\windows\system32\drivers\mbam.sys
2014-11-15 17:07 . 2014-11-15 17:07 -------- dc----w- c:\programdata\Emsisoft
2014-11-15 16:58 . 2014-11-16 21:49 -------- dc----w- c:\program files\Emsisoft Anti-Malware
2014-11-15 16:53 . 2014-11-15 16:53 -------- dc----w- c:\users\xxx\AppData\Local\ElevatedDiagnostics
2014-11-15 16:36 . 2014-11-15 16:47 -------- dc----w- c:\programdata\HitmanPro
2014-11-15 01:33 . 2014-11-15 01:33 -------- dc----w- c:\windows\cs
2014-11-15 01:31 . 2014-11-15 01:31 -------- dc----w- c:\program files\Microsoft SQL Server Compact Edition
2014-11-15 01:30 . 2014-11-15 01:30 -------- dc----w- c:\windows\PCHEALTH
2014-11-15 01:29 . 2014-11-15 01:31 -------- dc----w- c:\program files\Windows Live
2014-11-15 01:26 . 2010-06-02 03:55 74072 -c--a-w- c:\windows\system32\XAPOFX1_5.dll
2014-11-15 01:26 . 2010-06-02 03:55 527192 -c--a-w- c:\windows\system32\XAudio2_7.dll
2014-11-15 01:26 . 2010-05-26 10:41 248672 -c--a-w- c:\windows\system32\d3dx11_43.dll
2014-11-15 01:26 . 2010-05-26 10:41 2106216 -c--a-w- c:\windows\system32\D3DCompiler_43.dll
2014-11-15 01:24 . 2009-09-04 16:29 453456 -c--a-w- c:\windows\system32\d3dx10_42.dll
2014-11-15 01:23 . 2006-11-29 12:06 3426072 -c--a-w- c:\windows\system32\d3dx9_32.dll
2014-11-15 01:21 . 2014-11-15 01:57 -------- dc----w- c:\users\xxx\AppData\Local\Windows Live
2014-11-15 01:21 . 2014-11-15 01:21 -------- dc----w- c:\program files\Common Files\Windows Live
2014-11-15 00:59 . 2014-11-03 09:04 43688 -c--a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2014-11-14 00:12 . 2014-11-15 09:07 -------- dc----w- c:\users\xxx\AppData\Roaming\dvdcss
2014-11-14 00:04 . 2014-11-14 00:04 243128 -c--a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-11-14 00:04 . 2014-11-15 09:28 -------- dc----w- c:\users\xxx\AppData\Roaming\DAEMON Tools Lite
2014-11-14 00:04 . 2014-11-14 00:04 -------- dc----w- c:\program files\DAEMON Tools Lite
2014-11-14 00:03 . 2014-11-14 00:11 -------- dc----w- c:\programdata\DAEMON Tools Lite
2014-11-10 14:00 . 2014-11-10 14:01 -------- dc----w- C:\ks
2014-11-09 10:06 . 2014-11-09 10:06 -------- dc----w- c:\program files\100dof_kidkeylock
2014-11-07 11:57 . 2014-11-07 12:25 -------- dc----w- C:\FFOutput
2014-11-07 11:50 . 2014-11-07 11:50 -------- dc----w- c:\program files\FreeTime
2014-11-05 08:30 . 2014-11-06 12:37 512 -c--a-w- C:\PhysicalMBR.bin
2014-11-04 23:40 . 2014-11-04 23:40 -------- dc----w- c:\users\xxx\AppData\Roaming\Tonium
2014-11-04 22:50 . 2014-11-04 22:50 -------- dc----w- c:\program files\trend micro
2014-11-04 22:22 . 2014-11-04 22:36 -------- dc----w- c:\program files\Pointstone
2014-11-04 21:31 . 2014-11-04 21:31 -------- dc----w- c:\program files\CONEXANT
2014-11-04 21:20 . 2014-11-04 21:20 -------- dc----w- c:\windows\system32\Lang
2014-11-04 21:20 . 2014-11-04 21:20 -------- dc----w- C:\Intel
2014-11-04 21:20 . 2009-10-02 13:34 8198680 -c--a-w- c:\windows\system32\TVWSetup.exe
2014-11-04 21:20 . 2009-10-02 13:34 141848 -c--a-w- c:\windows\system32\igfxtray.exe
2014-11-04 21:20 . 2009-10-02 13:34 252952 -c--a-w- c:\windows\system32\igfxsrvc.exe
2014-11-04 21:20 . 2009-10-02 13:34 150552 -c--a-w- c:\windows\system32\igfxpers.exe
2014-11-04 21:20 . 2009-10-02 13:34 173080 -c--a-w- c:\windows\system32\igfxext.exe
2014-11-04 21:20 . 2009-10-02 13:34 672792 -c--a-w- c:\windows\system32\igfxcfg.exe
2014-11-04 21:20 . 2009-10-02 13:34 173592 -c--a-w- c:\windows\system32\hkcmd.exe
2014-11-04 21:20 . 2014-11-04 21:20 -------- dc----w- c:\programdata\IntelDLM
2014-11-04 21:16 . 2014-11-04 21:16 -------- dc----w- c:\users\xxx\AppData\Local\Intel
2014-11-04 21:04 . 2014-11-04 21:04 23456 -c--a-w- c:\windows\system32\drivers\DrvAgent32.sys
2014-11-03 12:19 . 2014-11-03 12:19 -------- dc----w- c:\users\xxx\AppData\Local\Adobe
2014-11-01 09:26 . 2014-11-16 12:28 -------- dc----w- c:\users\xxx\AppData\Local\CrashDumps
2014-11-01 09:22 . 2014-11-16 21:37 -------- dc----w- C:\zoek_backup
2014-10-31 12:44 . 2014-11-16 19:27 34808 -c--a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-31 12:44 . 2014-10-31 12:44 -------- dc----w- c:\programdata\RogueKiller
2014-10-31 12:22 . 2014-10-31 12:22 -------- dc----w- c:\windows\ERUNT
2014-10-30 10:48 . 2014-10-30 10:48 -------- dc----w- c:\programdata\Malwarebytes
2014-10-30 10:48 . 2014-10-30 10:48 -------- dc----w- c:\users\xxx\AppData\Local\Programs
2014-10-30 10:42 . 2010-08-30 07:34 536576 -c--a-w- c:\windows\system32\sqlite3.dll
2014-10-30 10:41 . 2014-11-16 09:13 -------- dc----w- C:\AdwCleaner
2014-10-29 18:16 . 2014-11-19 18:28 -------- dc----w- c:\users\xxx\AppData\Roaming\PhotoScape
2014-10-29 18:15 . 2014-10-29 18:16 -------- dc----w- c:\program files\PhotoScape
2014-10-28 08:16 . 2014-10-30 13:03 -------- dc----w- c:\users\xxx\AppData\Local\Opera Software
2014-10-28 08:16 . 2014-10-30 13:03 -------- dc----w- c:\users\xxx\AppData\Roaming\Opera Software
2014-10-28 01:21 . 2014-10-28 01:21 71344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-28 01:21 . 2014-10-28 01:21 701104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-28 00:44 . 2014-11-20 11:29 -------- dc----w- c:\users\xxx\AppData\Roaming\vlc
2014-10-28 00:42 . 2014-10-28 00:42 -------- dc----w- c:\program files\VideoLAN
2014-10-26 18:05 . 2014-10-26 18:06 -------- dc----w- c:\program files\Common Files\Adobe
2014-10-25 19:33 . 2014-10-25 19:33 -------- dc----w- c:\program files\CCleaner
2014-10-25 17:59 . 2014-10-25 17:59 -------- dcsh--w- c:\users\xxx\AppData\Local\EmieUserList
2014-10-25 17:59 . 2014-10-25 17:59 -------- dcsh--w- c:\users\xxx\AppData\Local\EmieSiteList
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-19 09:01 . 2014-10-10 13:59 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-11-15 01:29 . 2012-07-17 13:37 23256 -c--a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-11-04 13:30 . 2012-02-12 09:21 229000 -c----w- c:\windows\system32\MpSigStub.exe
2014-10-23 13:41 . 2012-02-14 07:50 48648 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-10-23 13:40 . 2012-02-12 14:26 483952 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-10-16 09:49 . 2014-10-15 09:27 230912 ----a-w- c:\windows\system32\generaltel.dll
2014-10-16 09:49 . 2014-10-15 09:27 396288 ----a-w- c:\windows\system32\aepdu.dll
2014-10-16 09:49 . 2014-10-15 09:27 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-10-16 09:48 . 2014-10-15 09:20 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-16 09:31 . 2014-10-15 09:13 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-16 09:30 . 2014-10-15 09:31 597504 ----a-w- c:\windows\system32\jscript9diag.dll
2014-10-16 09:30 . 2014-10-15 09:31 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-10-16 09:30 . 2014-10-15 09:31 1068032 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-10-16 09:30 . 2014-10-15 09:31 2017280 ----a-w- c:\windows\system32\inetcpl.cpl
2014-10-16 09:30 . 2014-10-15 09:31 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-10-16 09:30 . 2014-10-15 09:31 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-10-16 09:30 . 2014-10-15 09:31 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-10-16 09:30 . 2014-10-15 09:31 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-10-16 09:30 . 2014-10-15 09:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-10-16 09:29 . 2014-10-15 09:31 1810944 ----a-w- c:\windows\system32\wininet.dll
2014-10-16 09:29 . 2014-10-15 09:31 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-10-16 09:29 . 2014-10-15 09:31 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-10-16 09:29 . 2014-10-15 09:31 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-10-16 09:29 . 2014-10-15 09:30 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-10-16 09:29 . 2014-10-15 09:31 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 09:08 . 2014-10-15 09:29 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-16 09:08 . 2014-10-15 09:29 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-16 09:08 . 2014-10-15 09:29 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-16 09:06 . 2014-10-15 09:25 131584 ----a-w- c:\windows\system32\aaclient.dll
2014-10-16 09:06 . 2014-10-15 09:25 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-10-16 09:06 . 2014-10-15 09:26 3221504 ----a-w- c:\windows\system32\mstscax.dll
2014-10-16 09:06 . 2014-10-15 09:26 1051136 ----a-w- c:\windows\system32\mstsc.exe
2014-10-16 09:06 . 2014-10-15 09:26 919552 ----a-w- c:\windows\system32\rdpcorets.dll
2014-10-16 09:06 . 2014-10-15 09:26 523264 ----a-w- c:\windows\system32\termsrv.dll
2014-10-16 09:06 . 2014-10-15 09:25 157696 ----a-w- c:\windows\system32\winsta.dll
2014-10-16 09:06 . 2014-10-15 09:25 304128 ----a-w- c:\windows\system32\winlogon.exe
2014-10-16 09:06 . 2014-10-15 09:25 130048 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-10-16 09:06 . 2014-10-15 09:25 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-10-16 09:06 . 2014-10-15 09:25 17408 ----a-w- c:\windows\system32\credssp.dll
2014-10-16 09:06 . 2014-10-15 09:25 184320 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-10-16 08:45 . 2014-10-15 09:29 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-16 08:43 . 2014-10-15 09:19 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-16 08:41 . 2014-10-15 09:34 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-16 08:41 . 2014-10-15 09:34 143872 ----a-w- c:\windows\system32\cryptsvc.dll
2014-10-16 08:41 . 2014-10-15 09:34 1329664 ----a-w- c:\windows\system32\quartz.dll
2014-10-16 08:41 . 2014-10-15 09:34 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-16 08:41 . 2014-10-15 09:34 195584 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-16 08:41 . 2014-10-15 09:34 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-16 08:41 . 2014-10-15 09:34 473600 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-16 08:41 . 2014-10-15 09:34 100864 ----a-w- c:\windows\system32\audiodg.exe
2014-10-16 08:41 . 2014-10-15 09:34 1005056 ----a-w- c:\windows\system32\cryptui.dll
2014-10-16 08:41 . 2014-10-15 09:34 3208704 ----a-w- c:\windows\system32\mf.dll
2014-10-16 08:41 . 2014-10-15 09:34 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2014-10-16 08:41 . 2014-10-15 09:34 103424 ----a-w- c:\windows\system32\mfps.dll
2014-10-16 08:41 . 2014-10-15 09:33 23040 ----a-w- c:\windows\system32\mfpmp.exe
2014-10-16 08:41 . 2014-10-15 09:33 2048 ----a-w- c:\windows\system32\mferror.dll
2014-10-16 08:41 . 2014-10-15 09:34 489984 ----a-w- c:\windows\system32\evr.dll
2014-10-16 08:41 . 2014-10-15 09:33 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-10-16 08:41 . 2014-10-15 09:33 8192 ----a-w- c:\windows\system32\spwmp.dll
2014-10-16 08:41 . 2014-10-15 09:34 744960 ----a-w- c:\windows\system32\blackbox.dll
2014-10-16 08:41 . 2014-10-15 09:34 406016 ----a-w- c:\windows\system32\drmmgrtn.dll
2014-10-16 08:41 . 2014-10-15 09:34 81408 ----a-w- c:\windows\system32\cryptsp.dll
2014-10-16 08:41 . 2014-10-15 09:33 4096 ----a-w- c:\windows\system32\msdxm.ocx
2014-10-16 08:41 . 2014-10-15 09:33 4096 ----a-w- c:\windows\system32\dxmasf.dll
2014-10-16 08:41 . 2014-10-15 09:34 988160 ----a-w- c:\windows\system32\drmv2clt.dll
2014-10-16 08:41 . 2014-10-15 09:34 617984 ----a-w- c:\windows\system32\wmdrmsdk.dll
2014-10-16 08:41 . 2014-10-15 09:34 265216 ----a-w- c:\windows\system32\msnetobj.dll
2014-10-16 08:41 . 2014-10-15 09:34 179200 ----a-w- c:\windows\system32\wintrust.dll
2014-10-16 08:41 . 2014-10-15 09:34 1174528 ----a-w- c:\windows\system32\crypt32.dll
2014-10-16 08:41 . 2014-10-15 09:34 354816 ----a-w- c:\windows\system32\mfplat.dll
2014-10-16 08:41 . 2014-10-15 09:34 504320 ----a-w- c:\windows\system32\msscp.dll
2014-10-16 08:41 . 2014-10-15 09:34 27648 ----a-w- c:\windows\system32\appidsvc.dll
2014-10-16 08:41 . 2014-10-15 09:34 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2014-10-16 08:41 . 2014-10-15 09:34 50688 ----a-w- c:\windows\system32\appidapi.dll
2014-10-16 08:41 . 2014-10-15 09:33 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2014-10-16 08:41 . 2014-10-15 09:33 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2014-10-16 08:41 . 2014-10-15 09:34 593920 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2014-10-16 08:41 . 2014-10-15 09:34 157184 ----a-w- c:\windows\system32\pcasvc.dll
2014-10-16 08:41 . 2014-10-15 09:34 521384 ----a-w- c:\windows\system32\winload.exe
2014-10-16 08:41 . 2014-10-15 09:34 455752 ----a-w- c:\windows\system32\winresume.exe
2014-10-16 08:41 . 2014-10-15 09:34 3970488 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-10-16 08:41 . 2014-10-15 09:34 409272 ----a-w- c:\windows\system32\ci.dll
2014-10-16 08:41 . 2014-10-15 09:34 3914680 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-10-16 08:41 . 2014-10-15 09:33 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2014-10-15 09:10 . 2012-02-12 14:26 48648 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-10-15 09:10 . 2012-02-19 09:16 483952 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-10-01 17:27 . 2014-10-01 05:51 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-24 18:27 . 2014-09-24 08:35 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-10 18:44 . 2014-09-10 05:45 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-10 18:44 . 2014-09-10 05:45 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-10 18:42 . 2014-09-10 18:42 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-10 18:35 . 2014-09-10 05:44 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-10 18:35 . 2014-09-10 05:43 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-28 18:09 . 2014-08-28 05:59 92672 ----a-w- c:\windows\system32\wudriver.dll
2014-08-28 18:09 . 2014-08-28 05:59 36320 ----a-w- c:\windows\system32\wups.dll
2014-08-28 18:09 . 2014-08-28 05:59 581600 ----a-w- c:\windows\system32\wuapi.dll
2014-08-28 18:09 . 2014-08-28 06:20 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 06:01 . 2014-08-28 05:57 179656 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-28 06:01 . 2014-08-28 05:57 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-08-28 06:00 . 2014-08-28 05:59 54240 ----a-w- c:\windows\system32\wuauclt.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-02 173592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2014-09-26 14:04 4811032 -c--a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2014-03-04 09:19 3696912 -c--a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-07-24 17:55 21653096 -c--a-r- c:\program files\Skype\Phone\Skype.exe
.
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 30312]
R3 cleanhlp;cleanhlp;c:\program files\Emsisoft Anti-Malware\cleanhlp32.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2014-11-04 23456]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-10-16 108032]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-12 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-14 243128]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-223422653-1716354506-2496423225-1000Core.job
- c:\users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-22 14:37]
.
2014-11-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-223422653-1716354506-2496423225-1000UA.job
- c:\users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-22 14:37]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = <local>
TCP: Interfaces\{AEB3D5D8-CE48-424E-AF3F-D04C86A5B07F}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\4ejcuupx.default-1414919215950\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000002e
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-11-20 12:55:54
ComboFix-quarantined-files.txt 2014-11-20 11:55
.
Před spuštěním: Volných bajtů: 48 992 841 728
Po spuštění: Volných bajtů: 49 980 039 168
.
- - End Of File - - 4F09B0DCC4B8747D9226E151C19E0EE6
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.1015.388 [GMT 1:00]
Spuštěný z: c:\users\xxx\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\xxx\AppData\Roaming\Microsoft\Windows\Recent\photo.php-fbid=382709968412734&set=t.100002575615066&type=3.url
c:\users\xxx\AppData\Roaming\Microsoft\Windows\Recent\photo.php-fbid=382710098412721&set=t.100002575615066&type=3.url
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-20 do 2014-11-20 )))))))))))))))))))))))))))))))
.
.
2014-11-20 11:52 . 2014-11-20 11:52 -------- dc----w- c:\users\Default\AppData\Local\temp
2014-11-18 08:34 . 2014-11-18 21:06 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE5D808D-BEDF-4E51-A60E-03F66D49AAF1}\offreg.dll
2014-11-18 06:32 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE5D808D-BEDF-4E51-A60E-03F66D49AAF1}\mpengine.dll
2014-11-16 21:42 . 2014-11-16 21:20 24064 -c--a-w- c:\windows\zoek-delete.exe
2014-11-16 21:42 . 2014-11-20 11:52 -------- dc----w- c:\users\xxx\AppData\Local\Temp
2014-11-15 19:16 . 2014-11-16 09:19 114904 -c--a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-15 19:15 . 2014-11-15 19:15 -------- dc----w- c:\program files\Malwarebytes Anti-Malware
2014-11-15 19:15 . 2014-10-01 10:11 51928 -c--a-w- c:\windows\system32\drivers\mwac.sys
2014-11-15 19:15 . 2014-10-01 10:11 75480 -c--a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-15 19:15 . 2014-10-01 10:11 23256 -c--a-w- c:\windows\system32\drivers\mbam.sys
2014-11-15 17:07 . 2014-11-15 17:07 -------- dc----w- c:\programdata\Emsisoft
2014-11-15 16:58 . 2014-11-16 21:49 -------- dc----w- c:\program files\Emsisoft Anti-Malware
2014-11-15 16:53 . 2014-11-15 16:53 -------- dc----w- c:\users\xxx\AppData\Local\ElevatedDiagnostics
2014-11-15 16:36 . 2014-11-15 16:47 -------- dc----w- c:\programdata\HitmanPro
2014-11-15 01:33 . 2014-11-15 01:33 -------- dc----w- c:\windows\cs
2014-11-15 01:31 . 2014-11-15 01:31 -------- dc----w- c:\program files\Microsoft SQL Server Compact Edition
2014-11-15 01:30 . 2014-11-15 01:30 -------- dc----w- c:\windows\PCHEALTH
2014-11-15 01:29 . 2014-11-15 01:31 -------- dc----w- c:\program files\Windows Live
2014-11-15 01:26 . 2010-06-02 03:55 74072 -c--a-w- c:\windows\system32\XAPOFX1_5.dll
2014-11-15 01:26 . 2010-06-02 03:55 527192 -c--a-w- c:\windows\system32\XAudio2_7.dll
2014-11-15 01:26 . 2010-05-26 10:41 248672 -c--a-w- c:\windows\system32\d3dx11_43.dll
2014-11-15 01:26 . 2010-05-26 10:41 2106216 -c--a-w- c:\windows\system32\D3DCompiler_43.dll
2014-11-15 01:24 . 2009-09-04 16:29 453456 -c--a-w- c:\windows\system32\d3dx10_42.dll
2014-11-15 01:23 . 2006-11-29 12:06 3426072 -c--a-w- c:\windows\system32\d3dx9_32.dll
2014-11-15 01:21 . 2014-11-15 01:57 -------- dc----w- c:\users\xxx\AppData\Local\Windows Live
2014-11-15 01:21 . 2014-11-15 01:21 -------- dc----w- c:\program files\Common Files\Windows Live
2014-11-15 00:59 . 2014-11-03 09:04 43688 -c--a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2014-11-14 00:12 . 2014-11-15 09:07 -------- dc----w- c:\users\xxx\AppData\Roaming\dvdcss
2014-11-14 00:04 . 2014-11-14 00:04 243128 -c--a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-11-14 00:04 . 2014-11-15 09:28 -------- dc----w- c:\users\xxx\AppData\Roaming\DAEMON Tools Lite
2014-11-14 00:04 . 2014-11-14 00:04 -------- dc----w- c:\program files\DAEMON Tools Lite
2014-11-14 00:03 . 2014-11-14 00:11 -------- dc----w- c:\programdata\DAEMON Tools Lite
2014-11-10 14:00 . 2014-11-10 14:01 -------- dc----w- C:\ks
2014-11-09 10:06 . 2014-11-09 10:06 -------- dc----w- c:\program files\100dof_kidkeylock
2014-11-07 11:57 . 2014-11-07 12:25 -------- dc----w- C:\FFOutput
2014-11-07 11:50 . 2014-11-07 11:50 -------- dc----w- c:\program files\FreeTime
2014-11-05 08:30 . 2014-11-06 12:37 512 -c--a-w- C:\PhysicalMBR.bin
2014-11-04 23:40 . 2014-11-04 23:40 -------- dc----w- c:\users\xxx\AppData\Roaming\Tonium
2014-11-04 22:50 . 2014-11-04 22:50 -------- dc----w- c:\program files\trend micro
2014-11-04 22:22 . 2014-11-04 22:36 -------- dc----w- c:\program files\Pointstone
2014-11-04 21:31 . 2014-11-04 21:31 -------- dc----w- c:\program files\CONEXANT
2014-11-04 21:20 . 2014-11-04 21:20 -------- dc----w- c:\windows\system32\Lang
2014-11-04 21:20 . 2014-11-04 21:20 -------- dc----w- C:\Intel
2014-11-04 21:20 . 2009-10-02 13:34 8198680 -c--a-w- c:\windows\system32\TVWSetup.exe
2014-11-04 21:20 . 2009-10-02 13:34 141848 -c--a-w- c:\windows\system32\igfxtray.exe
2014-11-04 21:20 . 2009-10-02 13:34 252952 -c--a-w- c:\windows\system32\igfxsrvc.exe
2014-11-04 21:20 . 2009-10-02 13:34 150552 -c--a-w- c:\windows\system32\igfxpers.exe
2014-11-04 21:20 . 2009-10-02 13:34 173080 -c--a-w- c:\windows\system32\igfxext.exe
2014-11-04 21:20 . 2009-10-02 13:34 672792 -c--a-w- c:\windows\system32\igfxcfg.exe
2014-11-04 21:20 . 2009-10-02 13:34 173592 -c--a-w- c:\windows\system32\hkcmd.exe
2014-11-04 21:20 . 2014-11-04 21:20 -------- dc----w- c:\programdata\IntelDLM
2014-11-04 21:16 . 2014-11-04 21:16 -------- dc----w- c:\users\xxx\AppData\Local\Intel
2014-11-04 21:04 . 2014-11-04 21:04 23456 -c--a-w- c:\windows\system32\drivers\DrvAgent32.sys
2014-11-03 12:19 . 2014-11-03 12:19 -------- dc----w- c:\users\xxx\AppData\Local\Adobe
2014-11-01 09:26 . 2014-11-16 12:28 -------- dc----w- c:\users\xxx\AppData\Local\CrashDumps
2014-11-01 09:22 . 2014-11-16 21:37 -------- dc----w- C:\zoek_backup
2014-10-31 12:44 . 2014-11-16 19:27 34808 -c--a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-31 12:44 . 2014-10-31 12:44 -------- dc----w- c:\programdata\RogueKiller
2014-10-31 12:22 . 2014-10-31 12:22 -------- dc----w- c:\windows\ERUNT
2014-10-30 10:48 . 2014-10-30 10:48 -------- dc----w- c:\programdata\Malwarebytes
2014-10-30 10:48 . 2014-10-30 10:48 -------- dc----w- c:\users\xxx\AppData\Local\Programs
2014-10-30 10:42 . 2010-08-30 07:34 536576 -c--a-w- c:\windows\system32\sqlite3.dll
2014-10-30 10:41 . 2014-11-16 09:13 -------- dc----w- C:\AdwCleaner
2014-10-29 18:16 . 2014-11-19 18:28 -------- dc----w- c:\users\xxx\AppData\Roaming\PhotoScape
2014-10-29 18:15 . 2014-10-29 18:16 -------- dc----w- c:\program files\PhotoScape
2014-10-28 08:16 . 2014-10-30 13:03 -------- dc----w- c:\users\xxx\AppData\Local\Opera Software
2014-10-28 08:16 . 2014-10-30 13:03 -------- dc----w- c:\users\xxx\AppData\Roaming\Opera Software
2014-10-28 01:21 . 2014-10-28 01:21 71344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-28 01:21 . 2014-10-28 01:21 701104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-28 00:44 . 2014-11-20 11:29 -------- dc----w- c:\users\xxx\AppData\Roaming\vlc
2014-10-28 00:42 . 2014-10-28 00:42 -------- dc----w- c:\program files\VideoLAN
2014-10-26 18:05 . 2014-10-26 18:06 -------- dc----w- c:\program files\Common Files\Adobe
2014-10-25 19:33 . 2014-10-25 19:33 -------- dc----w- c:\program files\CCleaner
2014-10-25 17:59 . 2014-10-25 17:59 -------- dcsh--w- c:\users\xxx\AppData\Local\EmieUserList
2014-10-25 17:59 . 2014-10-25 17:59 -------- dcsh--w- c:\users\xxx\AppData\Local\EmieSiteList
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-19 09:01 . 2014-10-10 13:59 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-11-15 01:29 . 2012-07-17 13:37 23256 -c--a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-11-04 13:30 . 2012-02-12 09:21 229000 -c----w- c:\windows\system32\MpSigStub.exe
2014-10-23 13:41 . 2012-02-14 07:50 48648 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-10-23 13:40 . 2012-02-12 14:26 483952 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-10-16 09:49 . 2014-10-15 09:27 230912 ----a-w- c:\windows\system32\generaltel.dll
2014-10-16 09:49 . 2014-10-15 09:27 396288 ----a-w- c:\windows\system32\aepdu.dll
2014-10-16 09:49 . 2014-10-15 09:27 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-10-16 09:48 . 2014-10-15 09:20 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-16 09:31 . 2014-10-15 09:13 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-16 09:30 . 2014-10-15 09:31 597504 ----a-w- c:\windows\system32\jscript9diag.dll
2014-10-16 09:30 . 2014-10-15 09:31 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-10-16 09:30 . 2014-10-15 09:31 1068032 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-10-16 09:30 . 2014-10-15 09:31 2017280 ----a-w- c:\windows\system32\inetcpl.cpl
2014-10-16 09:30 . 2014-10-15 09:31 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-10-16 09:30 . 2014-10-15 09:31 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-10-16 09:30 . 2014-10-15 09:31 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-10-16 09:30 . 2014-10-15 09:31 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-10-16 09:30 . 2014-10-15 09:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-10-16 09:29 . 2014-10-15 09:31 1810944 ----a-w- c:\windows\system32\wininet.dll
2014-10-16 09:29 . 2014-10-15 09:31 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-10-16 09:29 . 2014-10-15 09:31 112128 ----a-w- c:\windows\system32\ieUnatt.exe
- jaro3
- member of the Security team
Re: High RAM load, browsers freezing
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-223422653-1716354506-2496423225-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-223422653-1716354506-2496423225-1000UA.job
Folder::
c:\users\xxx\AppData\Local\Facebook\Update
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000002e
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- jaro3
- member of the Security team
Re: High RAM load, browsers freezing
+
Uninstall:
Emsisoft Anti-Malware
Re: High RAM load, browsers freezing
I ran the ComboFix task, but afterwards I could not connect to the internet. The default gateway and DNS server values had been changed; when I entered them correctly and ran the diagnostics again, the values were wiped and it stopped working again, and restarting, re-plugging the cable and so on did not help either. In the end I had to do a system restore, and then it came back up. The ComboFix log had been saved and stayed there on C:. So I don't know; here is the log:
ComboFix 14-11-18.01 - xxx 22.11.2014 1:23.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.1015.518 [GMT 1:00]
Spuštěný z: c:\users\xxx\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\xxx\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-223422653-1716354506-2496423225-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-223422653-1716354506-2496423225-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\xxx\AppData\Local\Facebook\Update
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\xxx\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\xxx\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-22 do 2014-11-22 )))))))))))))))))))))))))))))))
.
.
2014-11-22 00:41 . 2012-07-16 00:41 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E5873A52-9A8C-47B0-93DE-D2A609A8FB61}\mpengine.dll
2014-11-22 00:40 . 2014-11-22 00:40 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5415A166-B8EB-4881-BC46-80D03805C433}\offreg.dll
2014-11-22 00:40 . 2014-11-22 00:42 -------- dc----w- c:\users\xxx\AppData\Local\temp
2014-11-22 00:40 . 2014-11-22 00:40 -------- dc----w- c:\users\Default\AppData\Local\temp
2014-11-16 21:42 . 2014-11-16 21:20 24064 -c--a-w- c:\windows\zoek-delete.exe
2014-11-15 19:16 . 2014-11-16 09:19 114904 -c--a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-15 19:15 . 2014-11-15 19:15 -------- dc----w- c:\program files\Malwarebytes Anti-Malware
2014-11-15 19:15 . 2014-10-01 10:11 51928 -c--a-w- c:\windows\system32\drivers\mwac.sys
2014-11-15 19:15 . 2014-10-01 10:11 75480 -c--a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-15 19:15 . 2014-10-01 10:11 23256 -c--a-w- c:\windows\system32\drivers\mbam.sys
2014-11-15 17:07 . 2014-11-15 17:07 -------- dc----w- c:\programdata\Emsisoft
2014-11-15 16:58 . 2014-11-16 21:49 -------- dc----w- c:\program files\Emsisoft Anti-Malware
2014-11-15 16:53 . 2014-11-15 16:53 -------- dc----w- c:\users\xxx\AppData\Local\ElevatedDiagnostics
2014-11-15 16:36 . 2014-11-15 16:47 -------- dc----w- c:\programdata\HitmanPro
2014-11-15 01:33 . 2014-11-15 01:33 -------- dc----w- c:\windows\cs
2014-11-15 01:31 . 2014-11-15 01:31 -------- dc----w- c:\program files\Microsoft SQL Server Compact Edition
2014-11-15 01:30 . 2014-11-15 01:30 -------- dc----w- c:\windows\PCHEALTH
2014-11-15 01:29 . 2014-11-15 01:31 -------- dc----w- c:\program files\Windows Live
2014-11-15 01:26 . 2010-06-02 03:55 74072 -c--a-w- c:\windows\system32\XAPOFX1_5.dll
2014-11-15 01:26 . 2010-06-02 03:55 527192 -c--a-w- c:\windows\system32\XAudio2_7.dll
2014-11-15 01:26 . 2010-05-26 10:41 248672 -c--a-w- c:\windows\system32\d3dx11_43.dll
2014-11-15 01:26 . 2010-05-26 10:41 2106216 -c--a-w- c:\windows\system32\D3DCompiler_43.dll
2014-11-15 01:24 . 2009-09-04 16:29 453456 -c--a-w- c:\windows\system32\d3dx10_42.dll
2014-11-15 01:23 . 2006-11-29 12:06 3426072 -c--a-w- c:\windows\system32\d3dx9_32.dll
2014-11-15 01:21 . 2014-11-15 01:57 -------- dc----w- c:\users\xxx\AppData\Local\Windows Live
2014-11-15 01:21 . 2014-11-15 01:21 -------- dc----w- c:\program files\Common Files\Windows Live
2014-11-15 00:59 . 2014-11-03 09:04 43688 -c--a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2014-11-14 00:12 . 2014-11-15 09:07 -------- dc----w- c:\users\xxx\AppData\Roaming\dvdcss
2014-11-14 00:04 . 2014-11-14 00:04 243128 -c--a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-11-14 00:04 . 2014-11-15 09:28 -------- dc----w- c:\users\xxx\AppData\Roaming\DAEMON Tools Lite
2014-11-14 00:04 . 2014-11-14 00:04 -------- dc----w- c:\program files\DAEMON Tools Lite
2014-11-14 00:03 . 2014-11-14 00:11 -------- dc----w- c:\programdata\DAEMON Tools Lite
2014-11-10 14:00 . 2014-11-10 14:01 -------- dc----w- C:\ks
2014-11-09 10:06 . 2014-11-09 10:06 -------- dc----w- c:\program files\100dof_kidkeylock
2014-11-07 11:57 . 2014-11-07 12:25 -------- dc----w- C:\FFOutput
2014-11-07 11:50 . 2014-11-07 11:50 -------- dc----w- c:\program files\FreeTime
2014-11-05 08:30 . 2014-11-06 12:37 512 -c--a-w- C:\PhysicalMBR.bin
2014-11-04 23:40 . 2014-11-04 23:40 -------- dc----w- c:\users\xxx\AppData\Roaming\Tonium
2014-11-04 22:50 . 2014-11-04 22:50 -------- dc----w- c:\program files\trend micro
2014-11-04 22:22 . 2014-11-04 22:36 -------- dc----w- c:\program files\Pointstone
2014-11-04 21:31 . 2014-11-04 21:31 -------- dc----w- c:\program files\CONEXANT
2014-11-04 21:20 . 2014-11-04 21:20 -------- dc----w- c:\windows\system32\Lang
2014-11-04 21:20 . 2014-11-04 21:20 -------- dc----w- C:\Intel
2014-11-04 21:20 . 2009-10-02 13:34 8198680 -c--a-w- c:\windows\system32\TVWSetup.exe
2014-11-04 21:20 . 2009-10-02 13:34 141848 -c--a-w- c:\windows\system32\igfxtray.exe
2014-11-04 21:20 . 2009-10-02 13:34 252952 -c--a-w- c:\windows\system32\igfxsrvc.exe
2014-11-04 21:20 . 2009-10-02 13:34 150552 -c--a-w- c:\windows\system32\igfxpers.exe
2014-11-04 21:20 . 2009-10-02 13:34 173080 -c--a-w- c:\windows\system32\igfxext.exe
2014-11-04 21:20 . 2009-10-02 13:34 672792 -c--a-w- c:\windows\system32\igfxcfg.exe
2014-11-04 21:20 . 2009-10-02 13:34 173592 -c--a-w- c:\windows\system32\hkcmd.exe
2014-11-04 21:20 . 2014-11-04 21:20 -------- dc----w- c:\programdata\IntelDLM
2014-11-04 21:16 . 2014-11-04 21:16 -------- dc----w- c:\users\xxx\AppData\Local\Intel
2014-11-04 21:04 . 2014-11-04 21:04 23456 -c--a-w- c:\windows\system32\drivers\DrvAgent32.sys
2014-11-03 12:19 . 2014-11-03 12:19 -------- dc----w- c:\users\xxx\AppData\Local\Adobe
2014-11-01 09:26 . 2014-11-21 15:53 -------- dc----w- c:\users\xxx\AppData\Local\CrashDumps
2014-11-01 09:22 . 2014-11-16 21:37 -------- dc----w- C:\zoek_backup
2014-10-31 12:44 . 2014-11-16 19:27 34808 -c--a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-31 12:44 . 2014-10-31 12:44 -------- dc----w- c:\programdata\RogueKiller
2014-10-31 12:22 . 2014-10-31 12:22 -------- dc----w- c:\windows\ERUNT
2014-10-30 10:48 . 2014-10-30 10:48 -------- dc----w- c:\programdata\Malwarebytes
2014-10-30 10:48 . 2014-10-30 10:48 -------- dc----w- c:\users\xxx\AppData\Local\Programs
2014-10-30 10:42 . 2010-08-30 07:34 536576 -c--a-w- c:\windows\system32\sqlite3.dll
2014-10-30 10:41 . 2014-11-16 09:13 -------- dc----w- C:\AdwCleaner
2014-10-29 18:16 . 2014-11-20 20:55 -------- dc----w- c:\users\xxx\AppData\Roaming\PhotoScape
2014-10-29 18:15 . 2014-10-29 18:16 -------- dc----w- c:\program files\PhotoScape
2014-10-28 08:16 . 2014-10-30 13:03 -------- dc----w- c:\users\xxx\AppData\Local\Opera Software
2014-10-28 08:16 . 2014-10-30 13:03 -------- dc----w- c:\users\xxx\AppData\Roaming\Opera Software
2014-10-28 01:21 . 2014-10-28 01:21 71344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-28 01:21 . 2014-10-28 01:21 701104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-28 00:44 . 2014-11-20 22:50 -------- dc----w- c:\users\xxx\AppData\Roaming\vlc
2014-10-28 00:42 . 2014-10-28 00:42 -------- dc----w- c:\program files\VideoLAN
2014-10-26 18:05 . 2014-10-26 18:06 -------- dc----w- c:\program files\Common Files\Adobe
2014-10-25 19:33 . 2014-10-25 19:33 -------- dc----w- c:\program files\CCleaner
2014-10-25 17:59 . 2014-10-25 17:59 -------- dcsh--w- c:\users\xxx\AppData\Local\EmieUserList
2014-10-25 17:59 . 2014-10-25 17:59 -------- dcsh--w- c:\users\xxx\AppData\Local\EmieSiteList
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-21 15:56 . 2014-10-10 13:59 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-11-15 01:29 . 2012-07-17 13:37 23256 -c--a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-11-04 13:30 . 2012-02-12 09:21 229000 -c----w- c:\windows\system32\MpSigStub.exe
2014-10-23 13:41 . 2012-02-14 07:50 48648 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-10-23 13:40 . 2012-02-12 14:26 483952 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-10-16 09:49 . 2014-10-15 09:27 230912 ----a-w- c:\windows\system32\generaltel.dll
2014-10-16 09:49 . 2014-10-15 09:27 396288 ----a-w- c:\windows\system32\aepdu.dll
2014-10-16 09:49 . 2014-10-15 09:27 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-10-16 09:48 . 2014-10-15 09:20 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-16 09:31 . 2014-10-15 09:13 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-16 09:30 . 2014-10-15 09:31 597504 ----a-w- c:\windows\system32\jscript9diag.dll
2014-10-16 09:30 . 2014-10-15 09:31 4201472 ----a-w- c:\windows\system32\jscript9.dll
2014-10-16 09:30 . 2014-10-15 09:31 1068032 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-10-16 09:30 . 2014-10-15 09:31 2017280 ----a-w- c:\windows\system32\inetcpl.cpl
2014-10-16 09:30 . 2014-10-15 09:31 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-10-16 09:30 . 2014-10-15 09:31 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-10-16 09:30 . 2014-10-15 09:31 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-10-16 09:30 . 2014-10-15 09:31 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-10-16 09:30 . 2014-10-15 09:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-10-16 09:29 . 2014-10-15 09:31 1810944 ----a-w- c:\windows\system32\wininet.dll
2014-10-16 09:29 . 2014-10-15 09:31 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-10-16 09:29 . 2014-10-15 09:31 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-10-16 09:29 . 2014-10-15 09:31 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-10-16 09:29 . 2014-10-15 09:30 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-10-16 09:29 . 2014-10-15 09:31 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 09:08 . 2014-10-15 09:29 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-16 09:08 . 2014-10-15 09:29 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-16 09:08 . 2014-10-15 09:29 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-16 09:06 . 2014-10-15 09:25 131584 ----a-w- c:\windows\system32\aaclient.dll
2014-10-16 09:06 . 2014-10-15 09:25 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-10-16 09:06 . 2014-10-15 09:26 3221504 ----a-w- c:\windows\system32\mstscax.dll
2014-10-16 09:06 . 2014-10-15 09:26 1051136 ----a-w- c:\windows\system32\mstsc.exe
2014-10-16 09:06 . 2014-10-15 09:26 919552 ----a-w- c:\windows\system32\rdpcorets.dll
2014-10-16 09:06 . 2014-10-15 09:26 523264 ----a-w- c:\windows\system32\termsrv.dll
2014-10-16 09:06 . 2014-10-15 09:25 157696 ----a-w- c:\windows\system32\winsta.dll
2014-10-16 09:06 . 2014-10-15 09:25 304128 ----a-w- c:\windows\system32\winlogon.exe
2014-10-16 09:06 . 2014-10-15 09:25 130048 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-10-16 09:06 . 2014-10-15 09:25 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-10-16 09:06 . 2014-10-15 09:25 17408 ----a-w- c:\windows\system32\credssp.dll
2014-10-16 09:06 . 2014-10-15 09:25 184320 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-10-16 08:45 . 2014-10-15 09:29 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-16 08:43 . 2014-10-15 09:19 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-16 08:41 . 2014-10-15 09:34 275968 ----a-w- c:\windows\system32\EncDump.dll
2014-10-16 08:41 . 2014-10-15 09:34 143872 ----a-w- c:\windows\system32\cryptsvc.dll
2014-10-16 08:41 . 2014-10-15 09:34 1329664 ----a-w- c:\windows\system32\quartz.dll
2014-10-16 08:41 . 2014-10-15 09:34 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-16 08:41 . 2014-10-15 09:34 195584 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-16 08:41 . 2014-10-15 09:34 374784 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-16 08:41 . 2014-10-15 09:34 473600 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-16 08:41 . 2014-10-15 09:34 100864 ----a-w- c:\windows\system32\audiodg.exe
2014-10-16 08:41 . 2014-10-15 09:34 1005056 ----a-w- c:\windows\system32\cryptui.dll
2014-10-16 08:41 . 2014-10-15 09:34 3208704 ----a-w- c:\windows\system32\mf.dll
2014-10-16 08:41 . 2014-10-15 09:34 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2014-10-16 08:41 . 2014-10-15 09:34 103424 ----a-w- c:\windows\system32\mfps.dll
2014-10-16 08:41 . 2014-10-15 09:33 23040 ----a-w- c:\windows\system32\mfpmp.exe
2014-10-16 08:41 . 2014-10-15 09:33 2048 ----a-w- c:\windows\system32\mferror.dll
2014-10-16 08:41 . 2014-10-15 09:34 489984 ----a-w- c:\windows\system32\evr.dll
2014-10-16 08:41 . 2014-10-15 09:33 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-10-16 08:41 . 2014-10-15 09:33 8192 ----a-w- c:\windows\system32\spwmp.dll
2014-10-16 08:41 . 2014-10-15 09:34 744960 ----a-w- c:\windows\system32\blackbox.dll
2014-10-16 08:41 . 2014-10-15 09:34 406016 ----a-w- c:\windows\system32\drmmgrtn.dll
2014-10-16 08:41 . 2014-10-15 09:34 81408 ----a-w- c:\windows\system32\cryptsp.dll
2014-10-16 08:41 . 2014-10-15 09:33 4096 ----a-w- c:\windows\system32\msdxm.ocx
2014-10-16 08:41 . 2014-10-15 09:33 4096 ----a-w- c:\windows\system32\dxmasf.dll
2014-10-16 08:41 . 2014-10-15 09:34 988160 ----a-w- c:\windows\system32\drmv2clt.dll
2014-10-16 08:41 . 2014-10-15 09:34 617984 ----a-w- c:\windows\system32\wmdrmsdk.dll
2014-10-16 08:41 . 2014-10-15 09:34 265216 ----a-w- c:\windows\system32\msnetobj.dll
2014-10-16 08:41 . 2014-10-15 09:34 179200 ----a-w- c:\windows\system32\wintrust.dll
2014-10-16 08:41 . 2014-10-15 09:34 1174528 ----a-w- c:\windows\system32\crypt32.dll
2014-10-16 08:41 . 2014-10-15 09:34 354816 ----a-w- c:\windows\system32\mfplat.dll
2014-10-16 08:41 . 2014-10-15 09:34 504320 ----a-w- c:\windows\system32\msscp.dll
2014-10-16 08:41 . 2014-10-15 09:34 27648 ----a-w- c:\windows\system32\appidsvc.dll
2014-10-16 08:41 . 2014-10-15 09:34 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2014-10-16 08:41 . 2014-10-15 09:34 50688 ----a-w- c:\windows\system32\appidapi.dll
2014-10-16 08:41 . 2014-10-15 09:33 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2014-10-16 08:41 . 2014-10-15 09:33 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2014-10-16 08:41 . 2014-10-15 09:34 593920 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2014-10-16 08:41 . 2014-10-15 09:34 157184 ----a-w- c:\windows\system32\pcasvc.dll
2014-10-16 08:41 . 2014-10-15 09:34 521384 ----a-w- c:\windows\system32\winload.exe
2014-10-16 08:41 . 2014-10-15 09:34 455752 ----a-w- c:\windows\system32\winresume.exe
2014-10-16 08:41 . 2014-10-15 09:34 3970488 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-10-16 08:41 . 2014-10-15 09:34 409272 ----a-w- c:\windows\system32\ci.dll
2014-10-16 08:41 . 2014-10-15 09:34 3914680 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-10-16 08:41 . 2014-10-15 09:33 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2014-10-15 09:10 . 2012-02-12 14:26 48648 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-10-15 09:10 . 2012-02-19 09:16 483952 -c--a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-10-01 17:27 . 2014-10-01 05:51 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-24 18:27 . 2014-09-24 08:35 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-10 18:44 . 2014-09-10 05:45 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-10 18:44 . 2014-09-10 05:45 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-10 18:42 . 2014-09-10 18:42 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-10 18:35 . 2014-09-10 05:44 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-10 18:35 . 2014-09-10 05:43 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-28 18:09 . 2014-08-28 05:59 92672 ----a-w- c:\windows\system32\wudriver.dll
2014-08-28 18:09 . 2014-08-28 05:59 36320 ----a-w- c:\windows\system32\wups.dll
2014-08-28 18:09 . 2014-08-28 05:59 581600 ----a-w- c:\windows\system32\wuapi.dll
2014-08-28 18:09 . 2014-08-28 06:20 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 06:01 . 2014-08-28 05:57 179656 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-28 06:01 . 2014-08-28 05:57 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-08-28 06:00 . 2014-08-28 05:59 54240 ----a-w- c:\windows\system32\wuauclt.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-02 173592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2014-09-26 14:04 4811032 -c--a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2014-03-04 09:19 3696912 -c--a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-07-24 17:55 21653096 -c--a-r- c:\program files\Skype\Phone\Skype.exe
.
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 30312]
R3 cleanhlp;cleanhlp;c:\program files\Emsisoft Anti-Malware\cleanhlp32.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2014-11-04 23456]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-10-16 108032]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-12 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-14 243128]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = <local>
TCP: Interfaces\{AEB3D5D8-CE48-424E-AF3F-D04C86A5B07F}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\4ejcuupx.default-1414919215950\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2014-11-22 01:45:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-22 00:45
ComboFix2.txt 2014-11-20 11:55
.
Před spuštěním: Volných bajtů: 48 132 214 784
Po spuštění: Volných bajtů: 48 158 904 320
.
- - End Of File - - 8A96AB4E9B47AFA231391503DC13B80A
A36C5E4F47E84449FF07ED3517B43A31
- Orcus
- Security team member
Re: High RAM load, browsers freezing
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
====================================================
Please download the appropriate version of the program for your system (32-bit/64-bit): Farbar Recovery Scan Tool (FRST)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.
