Please check my log


dantroj

Re: Please check my log

Post by dantroj » 28 Dec 2014 18:58

ComboFix 14-12-25.01 - opopop . 12. 2014 18:48:13.1.3 - x64
Microsoft Windows 8 Enterprise 6.2.9200.0.1250.420.1029.18.4094.2987 [GMT 1:00]
Spuštěný z: c:\users\opopop\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\programdata\ntuser.pol
c:\users\op\AppData\Local\assembly\tmp
c:\users\opopop\AppData\Local\assembly\tmp
c:\users\opopop\AppData\Local\Temp\7zS2462\HPSLPSVC64.DLL
c:\users\opopop\AppData\Roaming\DRPSu
c:\users\opopop\AppData\Roaming\DRPSu\DrvUpdater.exe
c:\windows\security\logs\scecomp.log
c:\windows\system\Pncrt.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_HPSLPSVC
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-28 do 2014-12-28 )))))))))))))))))))))))))))))))
.
.
2014-12-27 17:52 . 2014-12-27 17:52 -------- d-----w- c:\windows\SysWow64\IrfanView
2014-12-27 17:42 . 2014-12-27 17:42 -------- d-----w- c:\windows\SysWow64\%LOCALAPPDATA%
2014-12-27 17:42 . 2014-12-28 12:06 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2014-12-27 16:50 . 2014-12-27 16:51 -------- d-----w- c:\users\op
2014-12-27 12:35 . 2014-12-27 12:19 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-26 18:17 . 2014-12-26 18:30 -------- d-----w- C:\zoek_backup
2014-12-26 16:45 . 2014-12-26 16:45 -------- d-s---w- c:\windows\system32\CompatTel
2014-12-26 16:45 . 2014-12-26 16:45 -------- d-----w- c:\windows\system32\appraiser
2014-12-26 15:57 . 2014-12-26 15:57 -------- d-----w- c:\program files\Classic Shell
2014-12-26 09:47 . 2014-12-26 18:08 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-26 09:47 . 2014-12-26 09:47 -------- d-----w- c:\programdata\RogueKiller
2014-12-26 09:34 . 2014-12-26 09:34 -------- d-----w- c:\windows\ERUNT
2014-12-23 17:45 . 2014-12-23 17:45 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2014-12-22 11:57 . 2014-12-22 12:47 -------- d-----w- c:\programdata\TrackMania
2014-12-20 12:06 . 2014-12-26 09:24 -------- d-----w- C:\AdwCleaner
2014-12-20 12:01 . 2014-12-20 12:01 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-12-18 18:47 . 2014-12-22 11:57 -------- d-----w- c:\program files (x86)\TmUnitedForever
2014-12-14 10:09 . 2014-11-26 21:11 714184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-14 10:09 . 2014-11-26 21:11 106440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-13 17:54 . 2014-10-09 04:00 1484288 ----a-w- c:\windows\system32\VSSVC.exe
2014-12-13 17:54 . 2014-10-09 04:00 69632 ----a-w- c:\windows\system32\vsstrace.dll
2014-12-13 17:54 . 2014-10-09 04:00 1519104 ----a-w- c:\windows\system32\vssapi.dll
2014-12-13 17:54 . 2014-10-09 03:59 52224 ----a-w- c:\windows\SysWow64\vsstrace.dll
2014-12-13 17:54 . 2014-10-09 03:59 1195520 ----a-w- c:\windows\SysWow64\vssapi.dll
2014-12-13 17:38 . 2014-07-15 22:51 71168 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2014-12-13 17:30 . 2014-06-10 22:44 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-12-13 17:30 . 2014-06-10 22:43 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-12-13 17:28 . 2014-01-27 03:39 1939288 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-12-13 17:28 . 2014-01-02 23:32 523264 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-12-13 17:28 . 2014-02-03 23:56 332632 ----a-w- c:\windows\system32\drivers\storport.sys
2014-12-13 17:28 . 2014-02-03 23:56 278872 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-12-13 17:28 . 2014-01-31 00:06 599040 ----a-w- c:\windows\system32\WSDApi.dll
2014-12-13 17:28 . 2014-01-02 23:35 365568 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-12-13 17:28 . 2014-01-31 00:48 485888 ----a-w- c:\windows\SysWow64\WSDApi.dll
2014-12-13 17:28 . 2014-01-15 23:42 118784 ----a-w- c:\windows\system32\drivers\dfsc.sys
2014-12-13 17:28 . 2014-02-01 06:55 41984 ----a-w- c:\windows\system32\fveskybackup.dll
2014-12-13 17:26 . 2014-07-24 03:33 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-12-13 17:26 . 2014-07-24 03:33 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-12-13 17:25 . 2014-07-31 23:40 1287680 ----a-w- c:\windows\system32\schedsvc.dll
2014-12-13 17:25 . 2014-06-05 01:12 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2014-12-13 17:25 . 2014-06-03 23:12 536776 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll
2014-12-13 17:25 . 2014-06-13 01:57 1453400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-12-13 17:25 . 2014-06-13 01:55 199680 ----a-w- c:\windows\system32\cdd.dll
2014-12-13 17:25 . 2014-03-24 23:42 305152 ----a-w- c:\windows\SysWow64\wusa.exe
2014-12-13 17:25 . 2014-03-24 22:56 309760 ----a-w- c:\windows\system32\wusa.exe
2014-12-13 17:23 . 2014-10-11 07:44 19764736 ----a-w- c:\windows\system32\shell32.dll
2014-12-13 17:18 . 2014-07-07 05:51 5982208 ----a-w- c:\windows\system32\mstscax.dll
2014-12-13 17:14 . 2014-10-01 23:05 4068864 ----a-w- c:\windows\system32\win32k.sys
2014-12-13 17:14 . 2014-10-18 08:44 778240 ----a-w- c:\windows\system32\oleaut32.dll
2014-12-13 17:14 . 2014-10-18 07:05 567808 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-12-13 17:11 . 2014-04-29 22:32 126464 ----a-w- c:\windows\system32\Robocopy.exe
2014-12-13 17:10 . 2014-07-15 23:03 1300992 ----a-w- c:\windows\system32\gdi32.dll
2014-12-13 17:10 . 2014-07-12 02:36 1023488 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-12-13 17:10 . 2014-09-24 23:29 318976 ----a-w- c:\windows\SysWow64\schannel.dll
2014-12-13 17:10 . 2014-09-24 23:01 414208 ----a-w- c:\windows\system32\schannel.dll
2014-12-13 17:10 . 2014-09-24 23:29 72192 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2014-12-13 17:10 . 2014-09-24 23:01 86528 ----a-w- c:\windows\system32\ncryptsslp.dll
2014-12-13 17:08 . 2014-06-12 23:29 2146304 ----a-w- c:\windows\system32\actxprxy.dll
2014-12-13 17:08 . 2014-06-12 23:34 754176 ----a-w- c:\windows\SysWow64\actxprxy.dll
2014-12-13 17:08 . 2014-06-05 17:56 112984 ----a-w- c:\windows\system32\consent.exe
2014-12-13 17:08 . 2014-05-29 22:24 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2014-12-13 17:08 . 2014-06-06 14:06 596480 ----a-w- c:\windows\system32\qedit.dll
2014-12-13 17:08 . 2014-06-06 10:17 497152 ----a-w- c:\windows\SysWow64\qedit.dll
2014-12-13 17:08 . 2014-08-21 23:56 1418752 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-12-13 17:08 . 2014-08-21 23:27 1845760 ----a-w- c:\windows\system32\msxml3.dll
2014-12-13 17:08 . 2014-10-23 12:47 79872 ----a-w- c:\windows\system32\packager.dll
2014-12-13 17:08 . 2014-10-23 11:04 68096 ----a-w- c:\windows\SysWow64\packager.dll
2014-12-13 17:06 . 2014-03-01 09:47 1258496 ----a-w- c:\windows\system32\kernel32.dll
2014-12-13 17:06 . 2014-03-01 09:47 1120768 ----a-w- c:\windows\system32\gpedit.dll
2014-12-13 17:06 . 2014-03-01 08:07 1075200 ----a-w- c:\windows\SysWow64\gpedit.dll
2014-12-13 17:06 . 2014-02-15 04:15 78336 ----a-w- c:\windows\system32\drivers\IPMIDrv.sys
2014-12-13 17:05 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2014-12-13 17:04 . 2014-08-09 08:29 144896 ----a-w- c:\windows\system32\tssdisai.dll
2014-12-13 17:04 . 2014-08-09 08:30 148480 ----a-w- c:\windows\system32\poqexec.exe
2014-12-13 16:01 . 2014-12-13 16:01 45112 ---ha-w- c:\windows\system32\drivers\Hamdrv.sys
2014-12-11 20:57 . 2014-12-19 20:58 -------- d-----w- c:\program files (x86)\Opera beta
2014-12-09 15:36 . 2014-12-09 15:37 -------- d-----w- c:\programdata\AVG2015
2014-12-09 15:36 . 2014-12-09 15:36 -------- d-----w- C:\$AVG
2014-12-09 15:36 . 2014-12-09 15:36 -------- d-----w- c:\program files (x86)\AVG
2014-12-09 15:34 . 2014-12-28 09:42 -------- d-----w- c:\programdata\MFAData
2014-12-08 22:41 . 2014-12-08 22:41 269992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2014-12-01 05:34 . 2014-12-01 05:34 -------- d-----w- c:\users\Public\Foxit Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-28 17:54 . 2014-08-10 05:24 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-05 15:47 . 2013-03-10 06:24 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-11-27 15:40 . 2012-12-20 22:52 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-21 05:14 . 2014-08-10 05:24 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-08-10 05:24 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-08-10 05:24 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-11 16:31 . 2012-12-20 19:11 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-11-06 05:35 . 2012-07-26 07:24 2207744 ----a-w- c:\windows\SysWow64\PrintConfig.dll
2014-10-29 20:35 . 2014-10-29 20:35 263960 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2014-10-19 03:00 . 2014-10-19 03:00 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-05 19:41 . 2014-10-05 19:41 124184 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2014-04-20 09:17 683200 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-02-26 642656]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2013-02-01 1641368]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2014-11-09 3653136]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-12-13 3838800]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2011-4-29 276328]
Snagit 11.lnk - c:\program files (x86)\TechSmith\Snagit 11\Snagit32.exe [2012-9-7 9519544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
R0 Avgboota;AVG Early Launch Anti-Malware Driver;c:\windows\system32\DRIVERS\avgboota.sys;c:\windows\SYSNATIVE\DRIVERS\avgboota.sys [x]
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [x]
R3 androidusb;ADB Interface Driver;c:\windows\System32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 ghsdiagMDM;Handset Diagnostic Port;c:\windows\system32\DRIVERS\ghsdiagMDM.sys;c:\windows\SYSNATIVE\DRIVERS\ghsdiagMDM.sys [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\System32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 zghsdiag;ZTE General Handset Diagnostic Port;c:\windows\system32\DRIVERS\zghsdiag.sys;c:\windows\SYSNATIVE\DRIVERS\zghsdiag.sys [x]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys;c:\windows\SYSNATIVE\DRIVERS\zghsmdm.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgwfpa;AVG Firewall Driver;c:\windows\system32\DRIVERS\avgwfpa.sys;c:\windows\SYSNATIVE\DRIVERS\avgwfpa.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 13:18 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14 15:32]
.
2014-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-22 18:08]
.
2014-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-22 18:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2014-04-20 09:17 803520 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2014-04-20 161984]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: emclienttoolbar - {33369B62-D4CB-4E08-85A4-FD093C37AB1B} - c:\program files (x86)\eMClientToolbar\IEToolbar.dll
.
.
------- Asociace souborů -------
.
vbefile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
vbsfile\shell\open2\command="%SystemRoot%\System32\CScript.exe" "%1" %*
jsefile\shell\open2\command=c:\windows\System32\CScript.exe "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Wow6432Node-HKCU-Run-AVG-Secure-Search-Update_1014av - c:\windows\system32\config\systemprofile\AppData\Roaming\Avg_Update_1014av\AVG-Secure-Search-Update_1014av.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-FL Studio - c:\program files (x86)\FL Studio\uninst.exe
AddRemove-Minecraft 1.6.4 + Funkcni CZ Multiplayer Server - c:\users\opopop\Uninstal.exe
AddRemove-{776AF05B-784A-416F-B14C-31A1FBAF8B19}_is1 - c:\users\opopop\AppData\Local\Mail.Ru\Cloud\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\users\opopop\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\TechSmith\Snagit 11\TSCHelp.exe
c:\program files (x86)\TechSmith\Snagit 11\SnagPriv.exe
c:\program files (x86)\TechSmith\Snagit 11\snagiteditor.exe
.
**************************************************************************
.
Celkový čas: 2014-12-28 18:56:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-28 17:56
.
Před spuštěním: 10 779 762 688 bytes free
Po spuštění: 10 301 894 656 bytes free
.
- - End Of File - - 11CF8131FFA5DB08DB6FDCBDA749A031
A36C5E4F47E84449FF07ED3517B43A31

Orcus

Re: Please check my log

Post by Orcus » 29 Dec 2014 10:13

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in red:

ClearJavaCache::
KillAll::

File::
c:\windows\Tasks\

Folder::
c:\program files(x86)\Skype\Updater\

Driver::
SkypeUpdate

RegLock::
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.


Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe,
and when the two files overlap, drop the script.


- ComboFix will start automatically; the fix can take longer than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that pops up at the end of the cleaning process

Warning: It may happen that after applying the script and restarting the computer, Windows will not boot; in that case restart the computer again, keep pressing F8 and then choose Last Known Good Configuration.

====================================================

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

dantroj

Re: Please check my log

Post by dantroj » 29 Dec 2014 13:57

ComboFix 14-12-25.01 - opopop . 12. 2014 13:35:57.2.3 - x64
Microsoft Windows 8 Enterprise 6.2.9200.0.1250.420.1029.18.4094.2396 [GMT 1:00]
Spuštěný z: c:\users\opopop\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\opopop\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-28 do 2014-12-29 )))))))))))))))))))))))))))))))
.
.
2014-12-29 12:41 . 2014-12-29 12:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-27 17:52 . 2014-12-27 17:52 -------- d-----w- c:\windows\SysWow64\IrfanView
2014-12-27 17:42 . 2014-12-27 17:42 -------- d-----w- c:\windows\SysWow64\%LOCALAPPDATA%
2014-12-27 17:42 . 2014-12-28 12:06 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2014-12-27 16:50 . 2014-12-29 09:14 -------- d-----w- c:\users\op
2014-12-27 12:35 . 2014-12-27 12:19 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-26 18:17 . 2014-12-26 18:30 -------- d-----w- C:\zoek_backup
2014-12-26 16:45 . 2014-12-26 16:45 -------- d-s---w- c:\windows\system32\CompatTel
2014-12-26 16:45 . 2014-12-26 16:45 -------- d-----w- c:\windows\system32\appraiser
2014-12-26 15:57 . 2014-12-26 15:57 -------- d-----w- c:\program files\Classic Shell
2014-12-26 09:47 . 2014-12-26 18:08 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-26 09:47 . 2014-12-26 09:47 -------- d-----w- c:\programdata\RogueKiller
2014-12-26 09:34 . 2014-12-26 09:34 -------- d-----w- c:\windows\ERUNT
2014-12-23 17:45 . 2014-12-23 17:45 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2014-12-22 11:57 . 2014-12-22 12:47 -------- d-----w- c:\programdata\TrackMania
2014-12-20 12:06 . 2014-12-26 09:24 -------- d-----w- C:\AdwCleaner
2014-12-20 12:01 . 2014-12-20 12:01 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-12-18 18:47 . 2014-12-22 11:57 -------- d-----w- c:\program files (x86)\TmUnitedForever
2014-12-14 10:09 . 2014-11-26 21:11 714184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-14 10:09 . 2014-11-26 21:11 106440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-13 17:54 . 2014-10-09 04:00 1484288 ----a-w- c:\windows\system32\VSSVC.exe
2014-12-13 17:54 . 2014-10-09 04:00 69632 ----a-w- c:\windows\system32\vsstrace.dll
2014-12-13 17:54 . 2014-10-09 04:00 1519104 ----a-w- c:\windows\system32\vssapi.dll
2014-12-13 17:54 . 2014-10-09 03:59 52224 ----a-w- c:\windows\SysWow64\vsstrace.dll
2014-12-13 17:54 . 2014-10-09 03:59 1195520 ----a-w- c:\windows\SysWow64\vssapi.dll
2014-12-13 17:38 . 2014-07-15 22:51 71168 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2014-12-13 17:30 . 2014-06-10 22:44 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-12-13 17:30 . 2014-06-10 22:43 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-12-13 17:28 . 2014-01-27 03:39 1939288 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-12-13 17:28 . 2014-01-02 23:32 523264 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-12-13 17:28 . 2014-02-03 23:56 332632 ----a-w- c:\windows\system32\drivers\storport.sys
2014-12-13 17:28 . 2014-02-03 23:56 278872 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-12-13 17:28 . 2014-01-31 00:06 599040 ----a-w- c:\windows\system32\WSDApi.dll
2014-12-13 17:28 . 2014-01-02 23:35 365568 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-12-13 17:28 . 2014-01-31 00:48 485888 ----a-w- c:\windows\SysWow64\WSDApi.dll
2014-12-13 17:28 . 2014-01-15 23:42 118784 ----a-w- c:\windows\system32\drivers\dfsc.sys
2014-12-13 17:28 . 2014-02-01 06:55 41984 ----a-w- c:\windows\system32\fveskybackup.dll
2014-12-13 17:26 . 2014-07-24 03:33 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-12-13 17:26 . 2014-07-24 03:33 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-12-13 17:25 . 2014-07-31 23:40 1287680 ----a-w- c:\windows\system32\schedsvc.dll
2014-12-13 17:25 . 2014-06-05 01:12 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2014-12-13 17:25 . 2014-06-03 23:12 536776 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll
2014-12-13 17:25 . 2014-06-13 01:57 1453400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-12-13 17:25 . 2014-06-13 01:55 199680 ----a-w- c:\windows\system32\cdd.dll
2014-12-13 17:25 . 2014-03-24 23:42 305152 ----a-w- c:\windows\SysWow64\wusa.exe
2014-12-13 17:25 . 2014-03-24 22:56 309760 ----a-w- c:\windows\system32\wusa.exe
2014-12-13 17:23 . 2014-10-11 07:44 19764736 ----a-w- c:\windows\system32\shell32.dll
2014-12-13 17:18 . 2014-07-07 05:51 5982208 ----a-w- c:\windows\system32\mstscax.dll
2014-12-13 17:14 . 2014-10-01 23:05 4068864 ----a-w- c:\windows\system32\win32k.sys
2014-12-13 17:14 . 2014-10-18 08:44 778240 ----a-w- c:\windows\system32\oleaut32.dll
2014-12-13 17:14 . 2014-10-18 07:05 567808 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-12-13 17:11 . 2014-04-29 22:32 126464 ----a-w- c:\windows\system32\Robocopy.exe
2014-12-13 17:10 . 2014-07-15 23:03 1300992 ----a-w- c:\windows\system32\gdi32.dll
2014-12-13 17:10 . 2014-07-12 02:36 1023488 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-12-13 17:10 . 2014-09-24 23:29 318976 ----a-w- c:\windows\SysWow64\schannel.dll
2014-12-13 17:10 . 2014-09-24 23:01 414208 ----a-w- c:\windows\system32\schannel.dll
2014-12-13 17:10 . 2014-09-24 23:29 72192 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2014-12-13 17:10 . 2014-09-24 23:01 86528 ----a-w- c:\windows\system32\ncryptsslp.dll
2014-12-13 17:08 . 2014-06-12 23:29 2146304 ----a-w- c:\windows\system32\actxprxy.dll
2014-12-13 17:08 . 2014-06-12 23:34 754176 ----a-w- c:\windows\SysWow64\actxprxy.dll
2014-12-13 17:08 . 2014-06-05 17:56 112984 ----a-w- c:\windows\system32\consent.exe
2014-12-13 17:08 . 2014-05-29 22:24 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2014-12-13 17:08 . 2014-06-06 14:06 596480 ----a-w- c:\windows\system32\qedit.dll
2014-12-13 17:08 . 2014-06-06 10:17 497152 ----a-w- c:\windows\SysWow64\qedit.dll
2014-12-13 17:08 . 2014-08-21 23:56 1418752 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-12-13 17:08 . 2014-08-21 23:27 1845760 ----a-w- c:\windows\system32\msxml3.dll
2014-12-13 17:08 . 2014-10-23 12:47 79872 ----a-w- c:\windows\system32\packager.dll
2014-12-13 17:08 . 2014-10-23 11:04 68096 ----a-w- c:\windows\SysWow64\packager.dll
2014-12-13 17:06 . 2014-03-01 09:47 1258496 ----a-w- c:\windows\system32\kernel32.dll
2014-12-13 17:06 . 2014-03-01 09:47 1120768 ----a-w- c:\windows\system32\gpedit.dll
2014-12-13 17:06 . 2014-03-01 08:07 1075200 ----a-w- c:\windows\SysWow64\gpedit.dll
2014-12-13 17:06 . 2014-02-15 04:15 78336 ----a-w- c:\windows\system32\drivers\IPMIDrv.sys
2014-12-13 17:05 . 2014-05-29 04:04 94552 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2014-12-13 17:04 . 2014-08-09 08:29 144896 ----a-w- c:\windows\system32\tssdisai.dll
2014-12-13 17:04 . 2014-08-09 08:30 148480 ----a-w- c:\windows\system32\poqexec.exe
2014-12-13 16:01 . 2014-12-13 16:01 45112 ---ha-w- c:\windows\system32\drivers\Hamdrv.sys
2014-12-11 20:57 . 2014-12-19 20:58 -------- d-----w- c:\program files (x86)\Opera beta
2014-12-09 15:36 . 2014-12-09 15:37 -------- d-----w- c:\programdata\AVG2015
2014-12-09 15:36 . 2014-12-09 15:36 -------- d-----w- C:\$AVG
2014-12-09 15:36 . 2014-12-09 15:36 -------- d-----w- c:\program files (x86)\AVG
2014-12-09 15:34 . 2014-12-29 08:49 -------- d-----w- c:\programdata\MFAData
2014-12-08 22:41 . 2014-12-08 22:41 269992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2014-12-01 05:34 . 2014-12-01 05:34 -------- d-----w- c:\users\Public\Foxit Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-29 12:42 . 2014-08-10 05:24 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-05 15:47 . 2013-03-10 06:24 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-11-27 15:40 . 2012-12-20 22:52 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-21 05:14 . 2014-08-10 05:24 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-08-10 05:24 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-08-10 05:24 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-11 16:31 . 2012-12-20 19:11 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2014-11-06 05:35 . 2012-07-26 07:24 2207744 ----a-w- c:\windows\SysWow64\PrintConfig.dll
2014-10-29 20:35 . 2014-10-29 20:35 263960 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2014-10-19 03:00 . 2014-10-19 03:00 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-05 19:41 . 2014-10-05 19:41 124184 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:35 1727176 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2014-04-20 09:17 683200 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-02-26 642656]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2013-02-01 1641368]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2014-11-09 3653136]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-12-13 3838800]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2011-4-29 276328]
Snagit 11.lnk - c:\program files (x86)\TechSmith\Snagit 11\Snagit32.exe [2012-9-7 9519544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
R0 Avgboota;AVG Early Launch Anti-Malware Driver;c:\windows\system32\DRIVERS\avgboota.sys;c:\windows\SYSNATIVE\DRIVERS\avgboota.sys [x]
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [x]
R3 androidusb;ADB Interface Driver;c:\windows\System32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 ghsdiagMDM;Handset Diagnostic Port;c:\windows\system32\DRIVERS\ghsdiagMDM.sys;c:\windows\SYSNATIVE\DRIVERS\ghsdiagMDM.sys [x]
R3 massfilter_hs;HS HandSet Mass Storage Filter Driver;c:\windows\System32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 zghsdiag;ZTE General Handset Diagnostic Port;c:\windows\system32\DRIVERS\zghsdiag.sys;c:\windows\SYSNATIVE\DRIVERS\zghsdiag.sys [x]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys;c:\windows\SYSNATIVE\DRIVERS\zghsmdm.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgwfpa;AVG Firewall Driver;c:\windows\system32\DRIVERS\avgwfpa.sys;c:\windows\SYSNATIVE\DRIVERS\avgwfpa.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 VD_FileDisk;VD_FileDisk; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 13:18 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14 15:32]
.
2014-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-22 18:08]
.
2014-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-22 18:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:30 2331336 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2014-04-20 09:17 803520 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2014-04-20 161984]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: emclienttoolbar - {33369B62-D4CB-4E08-85A4-FD093C37AB1B} - c:\program files (x86)\eMClientToolbar\IEToolbar.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-FL Studio - c:\program files (x86)\FL Studio\uninst.exe
AddRemove-Minecraft 1.6.4 + Funkcni CZ Multiplayer Server - c:\users\opopop\Uninstal.exe
AddRemove-{776AF05B-784A-416F-B14C-31A1FBAF8B19}_is1 - c:\users\opopop\AppData\Local\Mail.Ru\Cloud\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\TechSmith\Snagit 11\TSCHelp.exe
c:\program files (x86)\TechSmith\Snagit 11\SnagPriv.exe
c:\program files (x86)\TechSmith\Snagit 11\snagiteditor.exe
.
**************************************************************************
.
Celkový čas: 2014-12-29 13:45:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-29 12:45
ComboFix2.txt 2014-12-28 17:56
.
Před spuštěním: 17 897 377 792 bytes free
Po spuštění: 17 545 551 872 bytes free
.
- - End Of File - - 9702DB6755C75C0C0EDE03A31D844D04
A36C5E4F47E84449FF07ED3517B43A31



aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2014-12-29 13:49:03
-----------------------------
13:49:03.788 OS Version: Windows x64 6.2.9200
13:49:03.788 Number of processors: 3 586 0x402
13:49:03.789 ComputerName: PC UserName:
13:49:04.137 Initialize success
13:49:04.204 VM: initialized successfully
13:49:04.204 VM: Amd CPU BiosDisabled
13:49:20.689 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-1
13:49:20.691 Disk 0 Vendor: M4-CT128M4SSD2 040H Size: 122104MB BusType: 3
13:49:20.692 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-6
13:49:20.694 Disk 1 Vendor: WDC_WD6401AALS-00L3B2 01.03B01 Size: 610479MB BusType: 3
13:49:20.700 Disk 0 MBR read successfully
13:49:20.701 Disk 0 MBR scan
13:49:20.702 Disk 0 Windows 7 default MBR code
13:49:20.704 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122102 MB offset 2048
13:49:20.711 Disk 0 scanning C:\Windows\system32\drivers
13:49:21.811 Service scanning
13:49:24.937 Modules scanning
13:49:24.952 Disk 0 trace - called modules:
13:49:24.965 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys hal.dll PCIIDEX.SYS atapi.sys
13:49:24.977 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004613060]
13:49:24.986 3 CLASSPNP.SYS[fffff88000b60e0a] -> nt!IofCallDriver -> [0xfffffa8003bff9b0]
13:49:24.994 5 ACPI.sys[fffff88001120a91] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-1[0xfffffa8003eae600]
13:49:25.003 Disk 0 statistics 114475/0/0 @ 87,75 MB/s
13:49:25.011 Scan finished successfully
13:51:03.307 Disk 0 MBR has been saved successfully to "C:\Users\opopop\Desktop\MBR.dat"
13:51:03.310 The log file has been saved successfully to "C:\Users\opopop\Desktop\aswMBR.txt"


aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2014-12-29 13:52:30
-----------------------------
13:52:30.478 OS Version: Windows x64 6.2.9200
13:52:30.478 Number of processors: 3 586 0x402
13:52:30.479 ComputerName: PC UserName:
13:52:30.710 Initialze error C000010E - driver not loaded
13:52:30.728 write error "aswCmnB.dll". Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
13:52:35.964 Service scanning
13:52:39.030 Modules scanning
13:52:39.032 Disk 0 trace - called modules:
13:52:39.033
13:52:39.034 Scan finished successfully
13:52:47.950 The log file has been saved successfully to "C:\Users\opopop\Desktop\aswMBR.txt"


aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2014-12-29 13:55:04
-----------------------------
13:55:04.900 OS Version: Windows x64 6.2.9200
13:55:04.900 Number of processors: 3 586 0x402
13:55:04.900 ComputerName: PC UserName:
13:55:05.114 Initialize success
13:55:05.116 VM: initialized successfully
13:55:05.117 VM: Amd CPU BiosDisabled
13:55:14.928 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-1
13:55:14.930 Disk 0 Vendor: M4-CT128M4SSD2 040H Size: 122104MB BusType: 3
13:55:14.931 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-6
13:55:14.933 Disk 1 Vendor: WDC_WD6401AALS-00L3B2 01.03B01 Size: 610479MB BusType: 3
13:55:14.939 Disk 0 MBR read successfully
13:55:14.941 Disk 0 MBR scan
13:55:14.943 Disk 0 Windows 7 default MBR code
13:55:14.944 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122102 MB offset 2048
13:55:14.951 Disk 0 scanning C:\Windows\system32\drivers
13:55:15.878 Service scanning
13:55:18.926 Modules scanning
13:55:18.930 Disk 0 trace - called modules:
13:55:18.935 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys hal.dll PCIIDEX.SYS atapi.sys
13:55:18.938 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004613060]
13:55:18.941 3 CLASSPNP.SYS[fffff88000b60e0a] -> nt!IofCallDriver -> [0xfffffa8003bff9b0]
13:55:18.944 5 ACPI.sys[fffff88001120a91] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-1[0xfffffa8003eae600]
13:55:18.947 Disk 0 statistics 114475/0/0 @ 81,24 MB/s
13:55:18.949 Scan finished successfully
13:55:29.730 Disk 0 MBR has been saved successfully to "C:\Users\opopop\Desktop\MBR.dat"
13:55:29.733 The log file has been saved successfully to "C:\Users\opopop\Desktop\aswMBR.txt"


Re: please check my log

Post by Orcus » 29 Dec 2014 18:22

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

====================================================

Clean the system with CCleaner

====================================================

Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix

Save the file to your desktop.
Double-click the icon to start the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must start the file with the right mouse button -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools - Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire content of the report here. Otherwise, the report is located at:
C:\DelFix.txt

How about the problems? + a new HJT log