Stuck HP 635 notebook (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by memphisto » 29 Aug 2013 15:57

Post it here and split it into several replies.

Post by MrAnnix99 » 29 Aug 2013 17:56

It tells me there are too few characters. I don't understand what's wrong with it.

Post by guest » 29 Aug 2013 18:07

No, it says there are too many characters. You have to split it and post it in parts.

Post by MrAnnix99 » 30 Aug 2013 09:44

How am I supposed to post it when it has over 5000 characters? I sent you a link, that has to be enough for you.

Post by memphisto » 30 Aug 2013 13:23

Can't you split the log into two parts and simply post it as 2 replies?

Post by MrAnnix99 » 30 Aug 2013 21:31

When it has that many characters?

Post by Žbeky » 31 Aug 2013 08:50

You post the first half, then the second half...

Post by MrAnnix99 » 01 Sep 2013 10:14

ComboFix 13-08-31.01 - JAKUB 01.09.2013 9:46.6.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2632 [GMT 2:00]
Spuštěný z: c:\users\JAKUB\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-01 do 2013-09-01 )))))))))))))))))))))))))))))))
.
.
2013-09-01 07:58 . 2013-09-01 07:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-31 12:36 . 2013-08-31 12:36 -------- d-----w- c:\program files (x86)\20Dollars2Surf
2013-08-31 12:34 . 2013-08-31 12:34 -------- d-----w- c:\programdata\Rublik
2013-08-31 12:33 . 2013-08-31 12:34 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Rublik
2013-08-31 12:33 . 2013-08-31 12:44 -------- d-----w- c:\program files (x86)\Rublik
2013-08-31 07:58 . 2013-08-31 07:58 -------- d-----w- c:\windows\San Andreas Mod Installer
2013-08-30 14:40 . 2011-12-28 04:15 54600 ----a-w- c:\windows\system32\ftserui2.dll
2013-08-30 14:40 . 2011-12-28 04:14 84808 ----a-w- c:\windows\system32\drivers\ftser2k.sys
2013-08-30 14:36 . 2011-12-28 04:14 69192 ----a-w- c:\windows\system32\drivers\ftdibus.sys
2013-08-30 14:36 . 2011-12-28 04:14 330056 ----a-w- c:\windows\system32\ftd2xx.dll
2013-08-30 14:36 . 2011-12-28 04:14 206144 ----a-w- c:\windows\SysWow64\ftd2xx.dll
2013-08-30 14:36 . 2011-12-28 04:14 143688 ----a-w- c:\windows\system32\ftbusui.dll
2013-08-29 14:41 . 2013-08-29 14:42 -------- d-----w- c:\users\JAKUB\AppData\Roaming\ICQ-Profile
2013-08-29 14:41 . 2013-08-29 14:41 -------- d-----w- c:\program files (x86)\ICQM
2013-08-28 07:15 . 2013-08-28 07:15 -------- d-----w- c:\program files (x86)\GPS-Navigace-Sygic-Aura-V11.2.6-Android-CZ-pln-verze
2013-08-27 17:42 . 2013-08-29 13:32 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2013-08-26 15:59 . 2013-08-28 12:23 -------- d-----w- c:\program files (x86)\ESET
2013-08-25 17:35 . 2013-08-26 16:02 -------- d-----w- c:\program files (x86)\FreeHDSport TV
2013-08-25 17:34 . 2013-08-28 17:09 -------- d-----w- c:\program files (x86)\FreeHDSport.TV
2013-08-25 17:34 . 2013-08-25 17:40 -------- d-----w- c:\program files (x86)\LSHunter.TV
2013-08-25 16:47 . 2013-08-25 16:46 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-25 16:16 . 2013-08-29 08:08 -------- d-----w- C:\AdwCleaner
2013-08-24 14:58 . 2013-08-24 16:51 -------- d-----w- c:\users\JAKUB\AppData\Roaming\ScanMaster-ELM
2013-08-24 14:50 . 2013-08-24 14:50 -------- d-----w- c:\program files (x86)\Silabs
2013-08-24 14:40 . 2013-08-24 14:40 -------- d-----w- C:\SiLabs
2013-08-24 14:31 . 2013-08-24 17:12 -------- d-----w- c:\program files (x86)\OBD2Spy
2013-08-24 14:31 . 2013-08-24 14:31 286720 ------w- c:\windows\Setup1.exe
2013-08-24 14:31 . 2013-08-24 14:31 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-08-24 07:03 . 2013-08-31 12:56 -------- d-----w- c:\users\JAKUB\AppData\Local\Deployment
2013-08-22 06:06 . 2013-08-22 06:06 -------- d-----w- c:\program files (x86)\MonkeyDragon Mods
2013-08-21 13:55 . 2013-08-21 13:55 17737608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-08-21 08:50 . 2013-08-21 08:50 -------- d-----w- c:\program files (x86)\NHL 09
2013-08-20 16:19 . 2013-08-20 16:19 -------- d-----w- c:\users\JAKUB\AppData\Roaming\ATI
2013-08-20 13:48 . 2013-08-21 10:46 -------- d--h--w- c:\windows\msdownld.tmp
2013-08-18 07:27 . 2013-08-18 07:27 -------- d-----w- c:\users\JAKUB\AppData\Roaming\skyz
2013-08-18 07:25 . 2013-08-18 07:25 -------- d-----w- C:\Minecraft_Backup
2013-08-18 06:51 . 2013-08-18 06:51 -------- d-----w- c:\users\JAKUB\AppData\Local\Apple
2013-08-16 09:01 . 2013-08-16 09:01 -------- d--h--r- c:\users\JAKUB\AppData\Roaming\SecuROM
2013-08-16 07:41 . 2013-08-16 07:41 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Milestone
2013-08-15 11:14 . 2013-08-16 08:17 -------- d-----w- c:\users\JAKUB\AppData\Local\PAYDAY 2
2013-08-15 10:25 . 2013-08-16 08:43 -------- d-----w- c:\program files (x86)\PAYDAY 2
2013-08-15 10:25 . 2013-08-15 10:25 -------- d-----w- c:\users\JAKUB\AppData\Local\Programs
2013-08-14 09:11 . 2013-08-14 09:11 4774272 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-08-14 09:11 . 2013-08-14 09:11 4774272 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-08-13 17:38 . 2013-08-13 17:41 -------- d-----w- c:\users\JAKUB\AppData\Local\EgisTec
2013-08-13 09:18 . 2013-08-13 09:18 -------- d-----w- c:\users\JAKUB\AppData\Local\EgisTec IPS
2013-08-13 09:13 . 2013-08-13 09:13 -------- d-----w- c:\program files (x86)\Mafia 2 Multiplayer
2013-08-13 09:13 . 2013-08-13 17:39 -------- d--h--w- c:\programdata\EgisTec
2013-08-12 19:05 . 2013-08-15 07:40 -------- d-----w- c:\program files (x86)\PC Locker Pro
2013-08-12 18:55 . 2013-09-01 08:01 -------- d-----w- c:\programdata\PDFC
2013-08-12 08:24 . 2013-08-12 08:24 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Ubisoft
2013-08-12 07:22 . 2013-08-12 07:22 -------- d-----w- c:\programdata\GlarySoft
2013-08-12 07:19 . 2013-08-12 07:19 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Mirillis
2013-08-07 07:46 . 2013-08-21 11:02 -------- d-----w- c:\users\JAKUB\AppData\Local\EA Games
2013-08-06 11:23 . 2013-08-12 07:35 -------- d-----w- c:\users\JAKUB\AppData\Local\iWesoft
2013-08-05 19:03 . 2013-08-05 19:03 -------- d-----w- c:\users\JAKUB\AppData\Local\Ubisoft
2013-08-05 19:03 . 2013-08-05 19:03 -------- d-----w- c:\windows\SysWow64\wbem\Logs
2013-08-05 19:02 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2013-08-05 19:01 . 2013-08-05 19:01 -------- d-----w- c:\users\Public\Ubisoft
2013-08-05 19:01 . 2013-08-05 19:01 -------- d-----w- c:\programdata\InstallShield
2013-08-05 18:41 . 2007-04-27 08:12 78784 ----a-w- c:\windows\SysWow64\ISUSPM.cpl
2013-08-05 18:41 . 2006-09-10 19:56 218032 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
2013-08-05 18:41 . 2007-04-27 08:12 394184 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\_isusres.dll
2013-08-05 18:41 . 2007-04-27 08:12 29640 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\_ispmres.dll
2013-08-05 18:41 . 2006-09-10 19:56 86960 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe
2013-08-05 18:41 . 2006-09-10 19:56 992176 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\agent.exe
2013-08-05 18:41 . 2006-09-10 19:56 283568 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\ISDM.exe
2013-08-03 18:05 . 2013-08-03 18:05 -------- d-----w- c:\users\JAKUB\AppData\Roaming\JAM Software
2013-08-03 18:05 . 2013-08-03 18:05 -------- d-----w- c:\program files (x86)\JAM Software
2013-08-02 19:53 . 2012-10-24 23:55 439296 ----a-w- c:\windows\system32\athihvs.dll
2013-08-02 19:52 . 2013-08-02 19:54 -------- d-----w- c:\programdata\Qualcomm Atheros
2013-08-02 19:48 . 2000-01-01 00:00 56448 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2013-08-02 19:48 . 2000-01-01 00:00 82560 ----a-w- c:\windows\system32\drivers\amd_sata.sys
2013-08-02 19:48 . 2000-01-01 00:00 42624 ----a-w- c:\windows\system32\drivers\amd_xata.sys
2013-08-02 19:48 . 2000-01-01 00:00 16552 ----a-w- c:\windows\system32\drivers\AtiPcie64.sys
2013-08-02 19:45 . 2000-01-01 00:00 96896 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2013-08-02 19:23 . 2000-01-01 00:00 1560168 ----a-w- c:\windows\system32\RTSnMg64.cpl
2013-08-02 19:23 . 2000-01-01 00:00 2674320 ----a-w- c:\windows\system32\RtPgEx64.dll
2013-08-02 19:23 . 2000-01-01 00:00 331880 ----a-w- c:\windows\system32\RtlCPAPI64.dll
2013-08-02 19:23 . 2000-01-01 00:00 4065296 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2013-08-02 19:23 . 2000-01-01 00:00 14952 ----a-w- c:\windows\system32\RtkCoLDR64.dll
2013-08-02 19:23 . 2000-01-01 00:00 3615888 ----a-w- c:\windows\system32\RtkAPO64.dll
2013-08-02 19:23 . 2000-01-01 00:00 869520 ----a-w- c:\windows\system32\RtkApi64.dll
2013-08-02 19:23 . 2000-01-01 00:00 1262696 ----a-w- c:\windows\system32\RTCOM64.dll
2013-08-02 19:23 . 2000-01-01 00:00 105616 ----a-w- c:\windows\system32\RCoInstII64.dll
2013-08-02 19:22 . 2000-01-01 00:00 202336 ----a-w- c:\windows\system32\AERTAC64.dll
2013-08-02 19:22 . 2000-01-01 00:00 108640 ----a-w- c:\windows\system32\AERTAR64.dll
2013-08-02 19:21 . 2013-08-02 19:24 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-08-02 19:05 . 2000-01-01 00:00 9888912 ----a-w- c:\windows\SysWow64\RtsPStorIcon.dll
2013-08-02 19:05 . 2000-01-01 00:00 339600 ----a-w- c:\windows\system32\drivers\RtsPStor.sys
2013-08-02 18:29 . 2013-09-01 08:02 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-08-02 18:29 . 2013-08-02 18:29 -------- d-----w- c:\users\JAKUB\AppData\Local\SlimWare Utilities Inc
2013-08-02 18:29 . 2013-08-02 18:29 -------- d-----w- c:\program files (x86)\SlimDrivers
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-01 07:59 . 2013-07-01 08:44 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat
2013-08-25 16:46 . 2013-04-29 17:23 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-25 16:46 . 2011-08-03 09:50 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-21 13:55 . 2013-02-19 17:35 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-21 13:55 . 2013-02-19 17:35 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-20 08:46 . 2013-07-20 08:46 19138 ----a-w- C:\64to32Sidebar.zip
2013-07-19 17:10 . 2013-07-02 09:21 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-07-19 17:10 . 2013-07-02 09:19 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-07-15 01:34 . 2013-07-25 16:58 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1E892985-19D2-46F0-B3FC-97E66B7E8369}\mpengine.dll
2013-07-05 11:36 . 2013-07-01 15:56 106224 ----a-w- c:\windows\SysWow64\drivers\GRD.sys
2013-07-03 06:41 . 2013-07-02 19:40 290776 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-03 06:41 . 2013-03-16 10:45 290776 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-03 06:30 . 2013-03-16 10:45 281288 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-07-02 19:34 . 2013-03-16 10:45 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-07-02 09:21 . 2013-07-02 09:21 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2013-07-02 09:21 . 2013-07-02 09:21 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-07-01 15:52 . 2013-07-01 15:52 48584 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2013-07-01 08:59 . 2013-07-01 08:59 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-07-01 08:59 . 2013-07-01 08:59 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-07-01 08:59 . 2013-07-01 08:59 855552 ----a-w- c:\windows\system32\jscript.dll
2013-07-01 08:59 . 2013-07-01 08:59 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-07-01 08:59 . 2013-07-01 08:59 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-07-01 08:59 . 2013-07-01 08:59 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-07-01 08:59 . 2013-07-01 08:59 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-07-01 08:59 . 2013-07-01 08:59 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-07-01 08:59 . 2013-07-01 08:59 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-07-01 08:59 . 2013-07-01 08:59 3958784 ----a-w- c:\windows\system32\jscript9.dll
2013-07-01 08:59 . 2013-07-01 08:59 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-07-01 08:59 . 2013-07-01 08:59 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-07-01 08:59 . 2013-07-01 08:59 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-07-01 08:59 . 2013-07-01 08:59 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-07-01 08:59 . 2013-07-01 08:59 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-07-01 08:57 . 2013-07-01 08:57 526336 ----a-w- c:\windows\system32\ieui.dll
2013-07-01 08:57 . 2013-07-01 08:57 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-07-01 08:57 . 2013-07-01 08:57 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-07-01 08:57 . 2013-07-01 08:57 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-01 08:57 . 2013-07-01 08:57 2648064 ----a-w- c:\windows\system32\iertutil.dll
2013-07-01 08:57 . 2013-07-01 08:57 19233792 ----a-w- c:\windows\system32\mshtml.dll
2013-07-01 08:57 . 2013-07-01 08:57 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-07-01 08:45 . 2013-07-01 08:45 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-01 08:44 . 2013-07-01 08:44 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-07-01 08:44 . 2013-07-01 08:44 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-07-01 08:44 . 2013-07-01 08:44 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-07-01 08:44 . 2013-07-01 08:44 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-07-01 08:43 . 2013-07-01 08:43 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-07-01 08:43 . 2013-07-01 08:43 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-07-01 08:43 . 2013-07-01 08:43 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-07-01 08:43 . 2013-07-01 08:43 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-07-01 08:42 . 2013-07-01 08:42 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-07-01 08:42 . 2013-07-01 08:42 52224 ----a-w- c:\windows\system32\certenc.dll
2013-07-01 08:42 . 2013-07-01 08:42 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-07-01 08:42 . 2013-07-01 08:42 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-01 08:42 . 2013-07-01 08:42 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-07-01 08:42 . 2013-07-01 08:42 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-01 08:42 . 2013-07-01 08:42 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-01 08:42 . 2013-07-01 08:42 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-07-01 08:42 . 2013-07-01 08:42 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-01 08:42 . 2013-07-01 08:42 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-01 08:40 . 2013-07-01 08:40 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2013-07-01 08:40 . 2013-07-01 08:40 243200 ----a-w- c:\windows\system32\rdpudd.dll
2013-07-01 08:40 . 2013-07-01 08:40 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-07-01 08:40 . 2013-07-01 08:40 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-07-01 08:40 . 2013-07-01 08:40 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-07-01 08:40 . 2013-07-01 08:40 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2013-07-01 08:40 . 2013-07-01 08:40 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-07-01 08:40 . 2013-07-01 08:40 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2013-07-01 08:40 . 2013-07-01 08:40 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-07-01 08:40 . 2013-07-01 08:40 1123840 ----a-w- c:\windows\system32\mstsc.exe
2013-07-01 08:40 . 2013-07-01 08:40 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-07-01 08:40 . 2013-07-01 08:40 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-07-01 08:40 . 2013-07-01 08:40 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-07-01 08:40 . 2013-07-01 08:40 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-07-01 08:40 . 2013-07-01 08:40 5773824 ----a-w- c:\windows\system32\mstscax.dll
2013-07-01 08:40 . 2013-07-01 08:40 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2013-07-01 08:40 . 2013-07-01 08:40 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-07-01 08:40 . 2013-07-01 08:40 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-07-01 08:40 . 2013-07-01 08:40 384000 ----a-w- c:\windows\system32\wksprt.exe
2013-07-01 08:40 . 2013-07-01 08:40 322560 ----a-w- c:\windows\system32\aaclient.dll
2013-07-01 08:40 . 2013-07-01 08:40 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2013-07-01 08:40 . 2013-07-01 08:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-01 08:40 . 2013-07-01 08:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-01 08:40 . 2013-07-01 08:40 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2013-07-01 08:40 . 2013-07-01 08:40 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2013-07-01 08:38 . 2013-07-01 08:38 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-07-01 08:38 . 2013-07-01 08:38 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-01 08:38 . 2013-07-01 08:38 340992 ----a-w- c:\windows\system32\schannel.dll
2013-07-01 08:38 . 2013-07-01 08:38 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-07-01 08:38 . 2013-07-01 08:38 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-07-01 08:38 . 2013-07-01 08:38 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-07-01 08:38 . 2013-07-01 08:38 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-07-01 08:37 . 2013-07-01 08:37 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-07-01 08:37 . 2013-07-01 08:37 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-06-07 15:45 . 2013-06-07 15:45 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-06-07 11:45 . 2013-08-28 07:15 84992 --s-a-w- c:\windows\inf\mscscoi\zlib1.dll
2013-06-07 11:45 . 2013-08-28 07:15 364544 --s-a-w- c:\windows\inf\mscscoi\ssleay32.dll
2013-06-07 11:45 . 2013-08-28 07:15 612352 --s-a-w- c:\windows\inf\mscscoi\libcurl.dll
2013-06-07 11:45 . 2013-08-28 07:15 279955 --s-a-w- c:\windows\inf\mscscoi\libidn-11.dll
2013-06-07 11:45 . 2013-08-28 07:15 183382 --s-a-w- c:\windows\inf\mscscoi\librtmp.dll
2013-06-07 11:45 . 2013-08-28 07:15 171008 --s-a-w- c:\windows\inf\mscscoi\libssh2.dll
2013-06-07 11:45 . 2013-08-28 07:15 1704448 --s-a-w- c:\windows\inf\mscscoi\libeay32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"RublikAutostartSetting"="c:\program files (x86)\Rublik\rublik.exe" [2013-07-10 1420288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
20Dollars2Surf.lnk - c:\program files (x86)\20Dollars2Surf\20dollars2surf.exe [2013-8-31 89088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 atillk64;atillk64; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EagleX64;EagleX64; [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 GDPkIcpt;GDPkIcpt; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys;c:\program files (x86)\RMClock\RTCore64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe;c:\prey\platform\windows\cronsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PoSrv1;AVStreamer Service;c:\program files (x86)\ePlayWorks\AVStreamer\PoSrv.exe;c:\program files (x86)\ePlayWorks\AVStreamer\PoSrv.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-29 18:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-19 13:55]
.
2013-09-01 c:\windows\Tasks\FreeHDSport TV-codedownloader.job
- c:\program files (x86)\FreeHDSport TV\FreeHDSport TV-codedownloader.exe [2013-08-25 17:35]
.
2013-09-01 c:\windows\Tasks\FreeHDSport TV-enabler.job
- c:\program files (x86)\FreeHDSport TV\FreeHDSport TV-enabler.exe [2013-08-25 17:35]
.
2013-09-01 c:\windows\Tasks\FreeHDSport TV-updater.job
- c:\program files (x86)\FreeHDSport TV\FreeHDSport TV-updater.exe [2013-08-25 17:35]
.
2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24 14:30]
.
2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-24 14:30]
.
2013-08-28 c:\windows\Tasks\HPCeeScheduleForJAKUB.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
2013-09-01 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-07-10 06:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-05-09 627360]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-05-09 379552]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2000-01-01 6548112]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
FF - ProfilePath - c:\users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{41564952-412D-5637-00A7-7A786E7484D7} - (no file)
Toolbar-{41564952-412D-5637-00A7-7A786E7484D7} - (no file)
AddRemove-CZ SK IPTV v2.0.3 - c:\windows\CZ SK IPTV v2.0.3
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
AddRemove-WinZipper - c:\program files (x86)\WinZipper\eUninstall.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2729449 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2737019 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2789642 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2804576 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1617569673-3034970362-4137664275-1001\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,3b,1b,10,6e,df,
95,b6,89,ed,07,92,4e,ce,e8,47,6a,3d,27
"{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}"=hex:51,66,7a,6c,4c,1d,3b,1b,d4,e9,04,
95,31,58,bd,0f,9c,0d,50,ec,1c,9c,c7,3e
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,cb,24,
88,32,1a,d6,0e,94,c0,10,24,75,4b,25,de
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,3b,1b,10,21,da,
ca,7a,af,29,03,82,82,42,9c,2c,7b,85,57
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1f,dc,
c3,75,f2,32,07,a6,78,dd,65,c2,86,ce,b1
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,24,39,
55,8e,3f,13,03,8a,f9,bc,9b,06,76,3f,6d
"{0124123D-61B4-456F-AF86-78C53A0790C5}"=hex:51,66,7a,6c,4c,1d,3b,1b,2d,0d,30,
19,84,37,06,01,b5,8a,39,85,39,44,d6,dd
"{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}"=hex:51,66,7a,6c,4c,1d,3b,1b,b0,84,c4,
29,c5,44,a7,08,a4,86,68,63,e4,25,43,c2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,3b,1b,79,47,94,
b6,6c,78,bd,0a,95,77,b0,b7,86,59,02,8f
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,3b,1b,25,b7,e7,
ac,11,58,30,0d,a0,2e,03,f3,03,cd,44,e7
"{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}"=hex:51,66,7a,6c,4c,1d,3b,1b,1a,91,5d,
c8,87,13,c7,06,b3,a6,ea,e4,60,98,95,a7
"{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}"=hex:51,66,7a,6c,4c,1d,3b,1b,0e,19,66,
e5,ee,c9,24,0c,bf,86,4a,eb,42,12,8c,c0
.
[HKEY_USERS\S-1-5-21-1617569673-3034970362-4137664275-1001\Software\SecuROM\License information*]
"datasecu"=hex:9b,f6,6d,cd,de,56,0d,75,7f,12,eb,47,c1,d3,bd,4f,97,31,36,11,5a,
7d,e4,3c,d1,6a,36,bc,8c,0f,ff,c9,79,22,7b,0b,5e,6f,21,8e,c9,47,11,5a,ff,9b,\
"rkeysecu"=hex:eb,2d,e7,ac,2f,1c,25,0c,01,15,34,32,d5,06,56,28
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\F-Secure\My Services Agent\Protected]
@Denied: ) (Everyone)
"AgentIdentifier"=""
"AuthorizationCode"=""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Full Uninstall\FullUninstallAgent.exe
c:\windows\SysWow64\perfhost.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
.
**************************************************************************
.
Celkový čas: 2013-09-01 10:07:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-01 08:07
ComboFix2.txt 2013-07-26 17:33
ComboFix3.txt 2013-07-20 18:39
ComboFix4.txt 2013-07-20 11:42
ComboFix5.txt 2013-07-29 10:36
.
Před spuštěním: Volných bajtů: 86 051 643 392
Po spuštění: Volných bajtů: 86 027 108 352
.
- - End Of File - - AE835E2B9A936B538A795C956C5A417C
A36C5E4F47E84449FF07ED3517B43A31


Re: Frozen HP 635 laptop

Post by jaro3 » 02 Sep 2013 10:52

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:

Code:

ClearJavaCache::

KillAll::
File::
c:\windows\SysWow64\TempWmicBatchFile.bat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job


Folder::
c:\program files (x86)\ESET
c:\windows\msdownld.tmp
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000000

RegLock::
[HKEY_USERS\S-1-5-21-1617569673-3034970362-4137664275-1001\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,3b,1b,10,6e,df,
 95,b6,89,ed,07,92,4e,ce,e8,47,6a,3d,27
"{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}"=hex:51,66,7a,6c,4c,1d,3b,1b,d4,e9,04,
 95,31,58,bd,0f,9c,0d,50,ec,1c,9c,c7,3e
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,cb,24,
 88,32,1a,d6,0e,94,c0,10,24,75,4b,25,de
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,3b,1b,10,21,da,
 ca,7a,af,29,03,82,82,42,9c,2c,7b,85,57
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1f,dc,
 c3,75,f2,32,07,a6,78,dd,65,c2,86,ce,b1
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,24,39,
 55,8e,3f,13,03,8a,f9,bc,9b,06,76,3f,6d
"{0124123D-61B4-456F-AF86-78C53A0790C5}"=hex:51,66,7a,6c,4c,1d,3b,1b,2d,0d,30,
 19,84,37,06,01,b5,8a,39,85,39,44,d6,dd
"{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}"=hex:51,66,7a,6c,4c,1d,3b,1b,b0,84,c4,
 29,c5,44,a7,08,a4,86,68,63,e4,25,43,c2
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,3b,1b,79,47,94,
 b6,6c,78,bd,0a,95,77,b0,b7,86,59,02,8f
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,3b,1b,25,b7,e7,
 ac,11,58,30,0d,a0,2e,03,f3,03,cd,44,e7
"{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}"=hex:51,66,7a,6c,4c,1d,3b,1b,1a,91,5d,
 c8,87,13,c7,06,b3,a6,ea,e4,60,98,95,a7
"{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}"=hex:51,66,7a,6c,4c,1d,3b,1b,0e,19,66,
 e5,ee,c9,24,0c,bf,86,4a,eb,42,12,8c,c0
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\F-Secure\My Services Agent\Protected]
@Denied: ) (Everyone)
"AgentIdentifier"=""
"AuthorizationCode"=""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: After running ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

In Folder Options, enable showing hidden files and folders + untick the "Hide protected operating system files" checkbox.

Test this on VirusTotal:
c:\windows\system32\TSWbPrxy.exe

Click "Choose" to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.

Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.


Re: Frozen HP 635 laptop

Post by MrAnnix99 » 02 Sep 2013 11:59

ComboFix 13-09-01.02 - JAKUB 02.09.2013 11:34:49.7.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2580 [GMT 2:00]
Spuštěný z: c:\users\JAKUB\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\JAKUB\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\TempWmicBatchFile.bat"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ESET
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiA.dll
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW.dll
c:\program files (x86)\ESET\ESET Online Scanner\esets_apiW_a.dll
c:\program files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
c:\program files (x86)\ESET\ESET Online Scanner\log.txt
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod2453.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\continuous\nod6AE1.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod04E8.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod0CE1.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod0CE9.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod0D30.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod1E37.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod226D.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2BED.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod2EA4.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod35C2.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod3D78.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4AEC.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod4F7A.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5043.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5C70.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5CFA.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5E1E.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod5E6F.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6636.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod679C.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod69CC.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod6B27.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\nod7232.nup
c:\program files (x86)\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em000_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em001_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em002_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em003_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em004_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em005_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em006_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em023_32.dat
c:\program files (x86)\ESET\ESET Online Scanner\Modules\em028_64.dat
c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.cab
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.inf
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner.ocx
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScanner64.ocx
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerLang.dll
c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
c:\program files (x86)\ESET\ESET Online Scanner\unicows.dll
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.153\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.153\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.153\psuser.dll
c:\program files (x86)\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88}\0.0.0.0\GoogleEarth-Win-Plugin-7.1.1.1871.exe
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.62\29.0.1547.62_29.0.1547.57_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-7.1.1.1871.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.1.1888\GoogleEarth-Win-Bundle-7.1.1.1888.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\TempWmicBatchFile.bat
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-02 do 2013-09-02 )))))))))))))))))))))))))))))))
.
.
2013-09-02 09:46 . 2013-09-02 09:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-01 14:44 . 2013-09-01 14:48 -------- d-----w- c:\programdata\NortonInstaller
2013-08-31 12:36 . 2013-08-31 12:36 -------- d-----w- c:\program files (x86)\20Dollars2Surf
2013-08-31 12:34 . 2013-08-31 12:34 -------- d-----w- c:\programdata\Rublik
2013-08-31 12:33 . 2013-08-31 12:34 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Rublik
2013-08-31 12:33 . 2013-08-31 12:44 -------- d-----w- c:\program files (x86)\Rublik
2013-08-31 07:58 . 2013-08-31 07:58 -------- d-----w- c:\windows\San Andreas Mod Installer
2013-08-30 14:40 . 2011-12-28 04:15 54600 ----a-w- c:\windows\system32\ftserui2.dll
2013-08-30 14:40 . 2011-12-28 04:14 84808 ----a-w- c:\windows\system32\drivers\ftser2k.sys
2013-08-30 14:36 . 2011-12-28 04:14 69192 ----a-w- c:\windows\system32\drivers\ftdibus.sys
2013-08-30 14:36 . 2011-12-28 04:14 330056 ----a-w- c:\windows\system32\ftd2xx.dll
2013-08-30 14:36 . 2011-12-28 04:14 206144 ----a-w- c:\windows\SysWow64\ftd2xx.dll
2013-08-30 14:36 . 2011-12-28 04:14 143688 ----a-w- c:\windows\system32\ftbusui.dll
2013-08-29 14:41 . 2013-08-29 14:42 -------- d-----w- c:\users\JAKUB\AppData\Roaming\ICQ-Profile
2013-08-29 14:41 . 2013-08-29 14:41 -------- d-----w- c:\program files (x86)\ICQM
2013-08-28 07:15 . 2013-08-28 07:15 -------- d-----w- c:\program files (x86)\GPS-Navigace-Sygic-Aura-V11.2.6-Android-CZ-pln-verze
2013-08-27 17:42 . 2013-08-29 13:32 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2013-08-25 17:35 . 2013-08-26 16:02 -------- d-----w- c:\program files (x86)\FreeHDSport TV
2013-08-25 17:34 . 2013-08-28 17:09 -------- d-----w- c:\program files (x86)\FreeHDSport.TV
2013-08-25 17:34 . 2013-08-25 17:40 -------- d-----w- c:\program files (x86)\LSHunter.TV
2013-08-25 16:47 . 2013-08-25 16:46 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-25 16:16 . 2013-08-29 08:08 -------- d-----w- C:\AdwCleaner
2013-08-24 14:58 . 2013-08-24 16:51 -------- d-----w- c:\users\JAKUB\AppData\Roaming\ScanMaster-ELM
2013-08-24 14:50 . 2013-08-24 14:50 -------- d-----w- c:\program files (x86)\Silabs
2013-08-24 14:40 . 2013-08-24 14:40 -------- d-----w- C:\SiLabs
2013-08-24 14:31 . 2013-08-24 17:12 -------- d-----w- c:\program files (x86)\OBD2Spy
2013-08-24 14:31 . 2013-08-24 14:31 286720 ------w- c:\windows\Setup1.exe
2013-08-24 14:31 . 2013-08-24 14:31 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-08-24 07:03 . 2013-08-31 12:56 -------- d-----w- c:\users\JAKUB\AppData\Local\Deployment
2013-08-22 06:06 . 2013-08-22 06:06 -------- d-----w- c:\program files (x86)\MonkeyDragon Mods
2013-08-21 13:55 . 2013-08-21 13:55 17737608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-08-21 08:50 . 2013-08-21 08:50 -------- d-----w- c:\program files (x86)\NHL 09
2013-08-20 16:19 . 2013-08-20 16:19 -------- d-----w- c:\users\JAKUB\AppData\Roaming\ATI
2013-08-18 07:27 . 2013-08-18 07:27 -------- d-----w- c:\users\JAKUB\AppData\Roaming\skyz
2013-08-18 07:25 . 2013-08-18 07:25 -------- d-----w- C:\Minecraft_Backup
2013-08-18 06:51 . 2013-08-18 06:51 -------- d-----w- c:\users\JAKUB\AppData\Local\Apple
2013-08-16 09:01 . 2013-08-16 09:01 -------- d--h--r- c:\users\JAKUB\AppData\Roaming\SecuROM
2013-08-16 07:41 . 2013-08-16 07:41 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Milestone
2013-08-15 11:14 . 2013-08-16 08:17 -------- d-----w- c:\users\JAKUB\AppData\Local\PAYDAY 2
2013-08-15 10:25 . 2013-08-16 08:43 -------- d-----w- c:\program files (x86)\PAYDAY 2
2013-08-15 10:25 . 2013-08-15 10:25 -------- d-----w- c:\users\JAKUB\AppData\Local\Programs
2013-08-14 09:11 . 2013-08-14 09:11 4774272 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-08-14 09:11 . 2013-08-14 09:11 4774272 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-08-13 17:38 . 2013-08-13 17:41 -------- d-----w- c:\users\JAKUB\AppData\Local\EgisTec
2013-08-13 09:18 . 2013-08-13 09:18 -------- d-----w- c:\users\JAKUB\AppData\Local\EgisTec IPS
2013-08-13 09:13 . 2013-08-13 09:13 -------- d-----w- c:\program files (x86)\Mafia 2 Multiplayer
2013-08-13 09:13 . 2013-08-13 17:39 -------- d--h--w- c:\programdata\EgisTec
2013-08-12 19:05 . 2013-08-15 07:40 -------- d-----w- c:\program files (x86)\PC Locker Pro
2013-08-12 18:55 . 2013-09-01 08:02 -------- d-----w- c:\programdata\PDFC
2013-08-12 08:24 . 2013-08-12 08:24 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Ubisoft
2013-08-12 07:22 . 2013-08-12 07:22 -------- d-----w- c:\programdata\GlarySoft
2013-08-12 07:19 . 2013-08-12 07:19 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Mirillis
2013-08-07 07:46 . 2013-08-21 11:02 -------- d-----w- c:\users\JAKUB\AppData\Local\EA Games
2013-08-06 11:23 . 2013-08-12 07:35 -------- d-----w- c:\users\JAKUB\AppData\Local\iWesoft
2013-08-05 19:03 . 2013-08-05 19:03 -------- d-----w- c:\users\JAKUB\AppData\Local\Ubisoft
2013-08-05 19:03 . 2013-08-05 19:03 -------- d-----w- c:\windows\SysWow64\wbem\Logs
2013-08-05 19:02 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-08-05 19:02 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2013-08-05 19:01 . 2013-08-05 19:01 -------- d-----w- c:\users\Public\Ubisoft
2013-08-05 19:01 . 2013-08-05 19:01 -------- d-----w- c:\programdata\InstallShield
2013-08-05 18:41 . 2007-04-27 08:12 78784 ----a-w- c:\windows\SysWow64\ISUSPM.cpl
2013-08-05 18:41 . 2006-09-10 19:56 218032 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
2013-08-05 18:41 . 2007-04-27 08:12 394184 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\_isusres.dll
2013-08-05 18:41 . 2007-04-27 08:12 29640 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\_ispmres.dll
2013-08-05 18:41 . 2006-09-10 19:56 86960 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe
2013-08-05 18:41 . 2006-09-10 19:56 992176 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\agent.exe
2013-08-05 18:41 . 2006-09-10 19:56 283568 ----a-w- c:\program files (x86)\Common Files\InstallShield\UpdateService\ISDM.exe
2013-08-03 18:05 . 2013-08-03 18:05 -------- d-----w- c:\users\JAKUB\AppData\Roaming\JAM Software
2013-08-03 18:05 . 2013-08-03 18:05 -------- d-----w- c:\program files (x86)\JAM Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-02 09:50 . 2013-08-02 18:29 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-08-25 16:46 . 2013-04-29 17:23 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-25 16:46 . 2011-08-03 09:50 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-21 13:55 . 2013-02-19 17:35 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-21 13:55 . 2013-02-19 17:35 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-20 08:46 . 2013-07-20 08:46 19138 ----a-w- C:\64to32Sidebar.zip
2013-07-19 17:10 . 2013-07-02 09:21 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-07-19 17:10 . 2013-07-02 09:19 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-07-15 01:34 . 2013-07-25 16:58 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1E892985-19D2-46F0-B3FC-97E66B7E8369}\mpengine.dll
2013-07-05 11:36 . 2013-07-01 15:56 106224 ----a-w- c:\windows\SysWow64\drivers\GRD.sys
2013-07-03 06:41 . 2013-07-02 19:40 290776 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-03 06:41 . 2013-03-16 10:45 290776 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-03 06:30 . 2013-03-16 10:45 281288 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-07-02 19:34 . 2013-03-16 10:45 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-07-02 09:21 . 2013-07-02 09:21 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2013-07-02 09:21 . 2013-07-02 09:21 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-07-01 15:52 . 2013-07-01 15:52 48584 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2013-07-01 08:59 . 2013-07-01 08:59 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-07-01 08:59 . 2013-07-01 08:59 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-07-01 08:59 . 2013-07-01 08:59 855552 ----a-w- c:\windows\system32\jscript.dll
2013-07-01 08:59 . 2013-07-01 08:59 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-07-01 08:59 . 2013-07-01 08:59 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-07-01 08:59 . 2013-07-01 08:59 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-07-01 08:59 . 2013-07-01 08:59 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-07-01 08:59 . 2013-07-01 08:59 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-07-01 08:59 . 2013-07-01 08:59 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-07-01 08:59 . 2013-07-01 08:59 3958784 ----a-w- c:\windows\system32\jscript9.dll
2013-07-01 08:59 . 2013-07-01 08:59 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-07-01 08:59 . 2013-07-01 08:59 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-07-01 08:59 . 2013-07-01 08:59 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-07-01 08:59 . 2013-07-01 08:59 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-07-01 08:59 . 2013-07-01 08:59 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-07-01 08:57 . 2013-07-01 08:57 526336 ----a-w- c:\windows\system32\ieui.dll
2013-07-01 08:57 . 2013-07-01 08:57 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-07-01 08:57 . 2013-07-01 08:57 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-07-01 08:57 . 2013-07-01 08:57 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-07-01 08:57 . 2013-07-01 08:57 2648064 ----a-w- c:\windows\system32\iertutil.dll
2013-07-01 08:57 . 2013-07-01 08:57 19233792 ----a-w- c:\windows\system32\mshtml.dll
2013-07-01 08:57 . 2013-07-01 08:57 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-07-01 08:45 . 2013-07-01 08:45 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-01 08:44 . 2013-07-01 08:44 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-07-01 08:44 . 2013-07-01 08:44 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-07-01 08:44 . 2013-07-01 08:44 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-07-01 08:44 . 2013-07-01 08:44 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-07-01 08:43 . 2013-07-01 08:43 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-07-01 08:43 . 2013-07-01 08:43 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-07-01 08:43 . 2013-07-01 08:43 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-07-01 08:43 . 2013-07-01 08:43 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-07-01 08:42 . 2013-07-01 08:42 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-07-01 08:42 . 2013-07-01 08:42 52224 ----a-w- c:\windows\system32\certenc.dll
2013-07-01 08:42 . 2013-07-01 08:42 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-07-01 08:42 . 2013-07-01 08:42 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-01 08:42 . 2013-07-01 08:42 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-07-01 08:42 . 2013-07-01 08:42 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-01 08:42 . 2013-07-01 08:42 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-01 08:42 . 2013-07-01 08:42 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-07-01 08:42 . 2013-07-01 08:42 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-01 08:42 . 2013-07-01 08:42 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-01 08:40 . 2013-07-01 08:40 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2013-07-01 08:40 . 2013-07-01 08:40 243200 ----a-w- c:\windows\system32\rdpudd.dll
2013-07-01 08:40 . 2013-07-01 08:40 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-07-01 08:40 . 2013-07-01 08:40 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-07-01 08:40 . 2013-07-01 08:40 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-07-01 08:40 . 2013-07-01 08:40 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2013-07-01 08:40 . 2013-07-01 08:40 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-07-01 08:40 . 2013-07-01 08:40 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2013-07-01 08:40 . 2013-07-01 08:40 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-07-01 08:40 . 2013-07-01 08:40 1123840 ----a-w- c:\windows\system32\mstsc.exe
2013-07-01 08:40 . 2013-07-01 08:40 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-07-01 08:40 . 2013-07-01 08:40 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-07-01 08:40 . 2013-07-01 08:40 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-07-01 08:40 . 2013-07-01 08:40 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-07-01 08:40 . 2013-07-01 08:40 5773824 ----a-w- c:\windows\system32\mstscax.dll
2013-07-01 08:40 . 2013-07-01 08:40 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2013-07-01 08:40 . 2013-07-01 08:40 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-07-01 08:40 . 2013-07-01 08:40 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-07-01 08:40 . 2013-07-01 08:40 384000 ----a-w- c:\windows\system32\wksprt.exe
2013-07-01 08:40 . 2013-07-01 08:40 322560 ----a-w- c:\windows\system32\aaclient.dll
2013-07-01 08:40 . 2013-07-01 08:40 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2013-07-01 08:40 . 2013-07-01 08:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-07-01 08:40 . 2013-07-01 08:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-07-01 08:40 . 2013-07-01 08:40 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2013-07-01 08:40 . 2013-07-01 08:40 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2013-07-01 08:38 . 2013-07-01 08:38 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-07-01 08:38 . 2013-07-01 08:38 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-01 08:38 . 2013-07-01 08:38 340992 ----a-w- c:\windows\system32\schannel.dll
2013-07-01 08:38 . 2013-07-01 08:38 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-07-01 08:38 . 2013-07-01 08:38 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-07-01 08:38 . 2013-07-01 08:38 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-07-01 08:38 . 2013-07-01 08:38 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-07-01 08:37 . 2013-07-01 08:37 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-07-01 08:37 . 2013-07-01 08:37 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-06-07 15:45 . 2013-06-07 15:45 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-06-07 11:45 . 2013-08-28 07:15 84992 --s-a-w- c:\windows\inf\mscscoi\zlib1.dll
2013-06-07 11:45 . 2013-08-28 07:15 364544 --s-a-w- c:\windows\inf\mscscoi\ssleay32.dll
2013-06-07 11:45 . 2013-08-28 07:15 612352 --s-a-w- c:\windows\inf\mscscoi\libcurl.dll
2013-06-07 11:45 . 2013-08-28 07:15 279955 --s-a-w- c:\windows\inf\mscscoi\libidn-11.dll
2013-06-07 11:45 . 2013-08-28 07:15 183382 --s-a-w- c:\windows\inf\mscscoi\librtmp.dll
2013-06-07 11:45 . 2013-08-28 07:15 171008 --s-a-w- c:\windows\inf\mscscoi\libssh2.dll
2013-06-07 11:45 . 2013-08-28 07:15 1704448 --s-a-w- c:\windows\inf\mscscoi\libeay32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"RublikAutostartSetting"="c:\program files (x86)\Rublik\rublik.exe" [2013-07-10 1420288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
20Dollars2Surf.lnk - c:\program files (x86)\20Dollars2Surf\20dollars2surf.exe [2013-8-31 89088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
R2 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 atillk64;atillk64; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EagleX64;EagleX64; [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 GDPkIcpt;GDPkIcpt; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys;c:\program files (x86)\RMClock\RTCore64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe;c:\prey\platform\windows\cronsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
S2 PoSrv1;AVStreamer Service;c:\program files (x86)\ePlayWorks\AVStreamer\PoSrv.exe;c:\program files (x86)\ePlayWorks\AVStreamer\PoSrv.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-29 18:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-19 13:55]
.
2013-09-02 c:\windows\Tasks\FreeHDSport TV-codedownloader.job
- c:\program files (x86)\FreeHDSport TV\FreeHDSport TV-codedownloader.exe [2013-08-25 17:35]
.
2013-09-02 c:\windows\Tasks\FreeHDSport TV-enabler.job
- c:\program files (x86)\FreeHDSport TV\FreeHDSport TV-enabler.exe [2013-08-25 17:35]
.
2013-09-02 c:\windows\Tasks\FreeHDSport TV-updater.job
- c:\program files (x86)\FreeHDSport TV\FreeHDSport TV-updater.exe [2013-08-25 17:35]
.
2013-09-01 c:\windows\Tasks\HPCeeScheduleForJAKUB.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
2013-09-02 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-07-10 06:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-05-09 627360]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-05-09 379552]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2000-01-01 6548112]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 78.157.167.7
FF - ProfilePath - c:\users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{41564952-412D-5637-00A7-7A786E7484D7} - (no file)
Toolbar-{41564952-412D-5637-00A7-7A786E7484D7} - (no file)
AddRemove-CZ SK IPTV v2.0.3 - c:\windows\CZ SK IPTV v2.0.3
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
AddRemove-WinZipper - c:\program files (x86)\WinZipper\eUninstall.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2729449 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2737019 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2789642 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2804576 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1617569673-3034970362-4137664275-1001\Software\SecuROM\License information*]
"datasecu"=hex:9b,f6,6d,cd,de,56,0d,75,7f,12,eb,47,c1,d3,bd,4f,97,31,36,11,5a,
7d,e4,3c,d1,6a,36,bc,8c,0f,ff,c9,79,22,7b,0b,5e,6f,21,8e,c9,47,11,5a,ff,9b,\
"rkeysecu"=hex:eb,2d,e7,ac,2f,1c,25,0c,01,15,34,32,d5,06,56,28
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Full Uninstall\FullUninstallAgent.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\windows\SysWow64\perfhost.exe
.
**************************************************************************
.
Celkový čas: 2013-09-02 11:54:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-02 09:54
ComboFix2.txt 2013-09-01 08:07
ComboFix3.txt 2013-07-26 17:33
ComboFix4.txt 2013-07-20 18:39
ComboFix5.txt 2013-09-02 09:32
.
Před spuštěním: Volných bajtů: 84 282 732 544
Po spuštění: Volných bajtů: 83 931 525 120
.
- - End Of File - - 04B1988E010A793EDD03FAF6A0425505
A36C5E4F47E84449FF07ED3517B43A31


----------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:20, on 2.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Full Uninstall\FullUninstallAgent.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\JAKUB\Downloads\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: Avira SearchFree Toolbar plus Web Protection BHO - {41564952-412D-5637-00A7-7A786E7484D7} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RublikAutostartSetting] "C:\Program Files (x86)\Rublik\rublik.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: 20Dollars2Surf.lnk = C:\Program Files (x86)\20Dollars2Surf\20dollars2surf.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: AVStreamer Service (PoSrv1) - ePlayWorks, Inc. - C:\Program Files (x86)\ePlayWorks\AVStreamer\PoSrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lokátor vzdáleného volání procedur (RPC) (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Zachytávání pro službu SNMP (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 10851 bytes

Re: Stuck HP 635 laptop

Post by MrAnnix99 » 02 Sep 2013 12:24

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-02 12:22:13
-----------------------------
12:22:13.695 OS Version: Windows x64 6.1.7601 Service Pack 1
12:22:13.695 Number of processors: 2 586 0x603
12:22:13.695 ComputerName: JAKUB-HP UserName: JAKUB
12:22:16.721 Initialize success
12:22:24.226 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000068
12:22:24.242 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 11
12:22:24.382 Disk 0 MBR read successfully
12:22:24.382 Disk 0 MBR scan
12:22:24.382 Disk 0 Windows 7 default MBR code
12:22:24.398 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
12:22:24.414 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 460243 MB offset 409600
12:22:24.429 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16393 MB offset 942987264
12:22:24.460 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
12:22:24.538 Disk 0 scanning C:\Windows\system32\drivers
12:22:34.897 Service scanning
12:23:03.975 Modules scanning
12:23:03.975 Disk 0 trace - called modules:
12:23:03.991 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys ACPI.sys storport.sys hal.dll amd_sata.sys
12:23:04.006 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80046ac530]
12:23:04.006 3 CLASSPNP.SYS[fffff8800194a43f] -> nt!IofCallDriver -> [0xfffffa80045fd830]
12:23:04.006 5 amd_xata.sys[fffff8800109ad00] -> nt!IofCallDriver -> [0xfffffa80045fa740]
12:23:04.022 7 ACPI.sys[fffff88000f757a1] -> nt!IofCallDriver -> \Device\00000068[0xfffffa80045fb060]
12:23:04.022 Scan finished successfully
12:24:07.249 Disk 0 MBR has been saved successfully to "C:\Users\JAKUB\Desktop\MBR.dat"
12:24:07.249 The log file has been saved successfully to "C:\Users\JAKUB\Desktop\aswMBR.txt"

Re: Stuck HP 635 laptop

Post by MrAnnix99 » 02 Sep 2013 12:30

In System32 I only have TsWpfWrp, not TSWbPrxy.exe.