Everything was carried out without problems.
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : oem [Práva správce]
Mód : Odebrat -- Datum : 05/20/2014 20:22:46
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] ns4D37.tmp -- C:\Windows\Temp\nsu4BBF.tmp\ns4D37.tmp [-] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Karel\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\LocalService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\NetworkService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500DM002-1BD142 ATA Device +++++
--- User ---
[MBR] 58f374e064c1b8cd961722dad6bb4042
[BSP] 481eec2aad7e91125f867771a6de41cd : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 69996 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 143352720 | Size: 69996 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 286705440 | Size: 336944 MB
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_05202014_202246.txt >>
RKreport[0]_S_05202014_202223.txt
ComboFix 14-05-19.01 - oem 20.05.2014 20:27:51.1.3 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1533.906 [GMT 2:00]
Spuštěný z: c:\users\oem\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-20 do 2014-05-20 )))))))))))))))))))))))))))))))
.
.
2014-05-20 18:33 . 2014-05-20 18:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-20 16:15 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{36705ADC-7D4C-4434-818F-D897684EE9F3}\mpengine.dll
2014-05-18 14:22 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-16 10:21 . 2014-05-02 14:43 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FF526234-F1E9-4CAA-A980-A0A77B7B49C7}\gapaengine.dll
2014-05-15 01:03 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-09 13:17 . 2014-05-09 13:17 -------- d-----w- c:\windows\ERUNT
2014-05-09 11:50 . 2014-05-20 16:45 -------- d-----w- c:\users\oem\AppData\Local\Adobe
2014-05-06 19:19 . 2014-05-09 13:33 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-06 19:18 . 2014-05-06 19:18 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-05-06 19:18 . 2014-05-06 19:18 -------- d-----w- c:\programdata\Malwarebytes
2014-05-06 19:18 . 2014-04-03 07:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-06 19:18 . 2014-04-03 07:51 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-06 19:18 . 2014-04-03 07:50 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-06 19:17 . 2014-05-06 19:17 -------- d-----w- c:\users\oem\AppData\Local\Programs
2014-05-06 19:02 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-06 19:01 . 2014-05-09 13:07 -------- d-----w- C:\AdwCleaner
2014-04-22 22:52 . 2014-05-13 15:59 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-04-22 20:51 . 2014-04-22 20:51 -------- d-sh--w- c:\users\oem\AppData\Local\EmieUserList
2014-04-22 20:51 . 2014-04-22 20:51 -------- d-sh--w- c:\users\oem\AppData\Local\EmieSiteList
2014-04-22 20:29 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2014-04-22 20:29 . 2012-05-04 17:29 687504 ----a-w- c:\windows\system32\deployJava1.dll
2014-04-22 20:08 . 2014-05-15 01:28 -------- d-s---w- c:\windows\system32\CompatTel
2014-04-22 20:00 . 2014-03-06 08:02 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-04-22 20:00 . 2014-03-06 05:50 257536 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2014-04-22 20:00 . 2014-03-08 01:59 235216 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2014-04-22 20:00 . 2014-03-06 08:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-04-22 20:00 . 2014-03-06 05:31 271360 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2014-04-22 20:00 . 2014-03-06 08:13 37888 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2014-04-21 07:50 . 2014-04-21 07:50 79 ----a-w- c:\windows\system32\ssinstall-uninstall.bat
2014-04-21 07:50 . 2014-04-21 07:50 2324216 ----a-w- c:\windows\system32\ssins.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-20 16:45 . 2012-06-11 20:04 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-20 16:45 . 2012-06-11 20:04 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-02 14:43 . 2012-06-14 07:08 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-03-31 20:46 . 2014-03-31 20:46 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-03-11 07:52 . 2012-03-20 18:44 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-04 09:17 . 2014-05-14 19:43 247808 ----a-w- c:\windows\system32\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarX7Mouse5Mode"="c:\program files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" [2011-10-21 3518976]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-07 336384]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-06-09 10082920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 ProtectMonitor;Protect Monitor;c:\program files\PCData\StartHelp.exe [2014-02-27 90668]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-18 1343400]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys [2009-07-14 20480]
S1 PCSUUCDRV;PC Speed Up Usb Cache Driver;c:\program files\Zrychleni Pocitace\PCSpeedUp.sys [2013-10-01 40472]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-07 176128]
S2 ssinstall;SInstalátor;c:\windows\System32\ssins.exe [2014-04-21 2324216]
S3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-01 393320]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-15 37504]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - TrueSight
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 16:45]
.
2014-05-16 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 09:43]
.
2014-05-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-11-26 01:38]
.
2014-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-06 08:27]
.
2014-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-06 08:27]
.
2014-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3255629103-1225574464-3123061909-1000Core.job
- c:\users\oem\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-13 13:32]
.
2014-05-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3255629103-1225574464-3123061909-1000UA.job
- c:\users\oem\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-13 13:32]
.
2014-05-15 c:\windows\Tasks\PC Speed Up Update Cache.job
- c:\program files\Zrychleni Pocitace\PCSUUCC.exe [2013-11-26 15:13]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\sqgjsecl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=hex:51,66,7a,6c,4c,1d,38,12,66,de,32,
90,6d,dd,6f,02,d6,dc,61,9f,95,f2,0a,b2
"{CD1A63BA-A08C-431B-9A34-F240AADC728D}"=hex:51,66,7a,6c,4c,1d,38,12,d4,60,09,
c9,be,ee,75,06,e5,22,b1,00,af,82,36,99
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}"=hex:51,66,7a,6c,4c,1d,38,12,7e,f8,d1,
a0,f1,ca,85,01,e0,88,c5,4f,a4,87,e3,83
"{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a,
ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}"=hex:51,66,7a,6c,4c,1d,38,12,54,c7,d8,
ff,9b,92,fc,04,db,de,f6,3f,d5,a9,39,59
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:a8,4b,d7,dc,4b,ea,ce,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-05-20 20:39:52
ComboFix-quarantined-files.txt 2014-05-20 18:39
.
Před spuštěním: Volných bajtů: 26 182 914 048
Po spuštění: Volných bajtů: 25 947 066 368
.
- - End Of File - - 56CAB878C9A4B3B7912273EDDF59D992
A36C5E4F47E84449FF07ED3517B43A31
Slow computer, please check the log (Solved)
- Orcus
Re: Slow computer, please check the log
Replace Microsoft Security Essentials with one of the quartet Avira, Avast, AVG, Comodo. MSE doesn't provide much protection. :-/
====================================================
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in red, into it:
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\Epson Printer Software Downloader.job
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3255629103-1225574464-3123061909-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3255629103-1225574464-3123061909-1000UA.job
c:\windows\Tasks\PC Speed Up Update Cache.job
Folder::
c:\program files\Google\Update\
c:\program files\Skype\Updater\
Driver::
SkypeUpdate
RegLock::
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=hex:51,66,7a,6c,4c,1d,38,12,66,de,32,
90,6d,dd,6f,02,d6,dc,61,9f,95,f2,0a,b2
"{CD1A63BA-A08C-431B-9A34-F240AADC728D}"=hex:51,66,7a,6c,4c,1d,38,12,d4,60,09,
c9,be,ee,75,06,e5,22,b1,00,af,82,36,99
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}"=hex:51,66,7a,6c,4c,1d,38,12,7e,f8,d1,
a0,f1,ca,85,01,e0,88,c5,4f,a4,87,e3,83
"{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a,
ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}"=hex:51,66,7a,6c,4c,1d,38,12,54,c7,d8,
ff,9b,92,fc,04,db,de,f6,3f,d5,a9,39,59
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:a8,4b,d7,dc,4b,ea,ce,01
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe
and when the two files overlap, drop the script.

- ComboFix will start automatically; the repair may take longer than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that appears at the end of the cleaning process
Warning: It may happen that after the script is applied and the computer restarts, Windows will not boot; in that case restart the computer again, keep pressing F8 and then choose Last Known Good Configuration.
====================================================
Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
====================================================
In Folder Options, enable showing hidden files and folders + uncheck the box for hiding protected operating system files
Test this on Virustotal
c:\windows\System32\ssins.exe
Click Browse to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.
Or at:
http://www.virscan.org/
====================================================
+ a new log from HJT
Love keeps you warm, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it into several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me
If you are satisfied, you can support our forum.

Re: Slow computer, please check the log
Done, and I am sending the requested information:
ComboFix 14-05-19.01 - oem 21.05.2014 16:11:04.2.3 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1533.729 [GMT 2:00]
Spuštěný z: c:\users\oem\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\oem\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\Epson Printer Software Downloader.job"
"c:\windows\Tasks\Google Software Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3255629103-1225574464-3123061909-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3255629103-1225574464-3123061909-1000UA.job"
"c:\windows\Tasks\PC Speed Up Update Cache.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdate.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.24.7\goopdate.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_am.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ar.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_bg.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_bn.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ca.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_cs.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_da.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_de.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_el.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_en.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_es.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_et.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_fa.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_fi.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_fil.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_fr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_gu.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_hi.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_hr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_hu.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_id.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_is.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_it.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_iw.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ja.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_kn.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ko.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_lt.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_lv.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ml.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_mr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ms.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_nl.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_no.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_pl.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ro.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ru.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sk.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sl.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sv.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sw.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ta.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_te.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_th.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_tr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_uk.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ur.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_vi.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.24.7\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.24.7\psmachine.dll
c:\program files\Google\Update\1.3.24.7\psmachine_64.dll
c:\program files\Google\Update\1.3.24.7\psuser.dll
c:\program files\Google\Update\1.3.24.7\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.7\GoogleUpdateSetup.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-21 do 2014-05-21 )))))))))))))))))))))))))))))))
.
.
2014-05-21 14:17 . 2014-05-21 14:19 -------- d-----w- c:\users\oem\AppData\Local\temp
2014-05-21 14:17 . 2014-05-21 14:17 -------- d-----w- c:\users\wangzhisong\AppData\Local\temp
2014-05-21 14:17 . 2014-05-21 14:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-21 14:08 . 2014-05-21 14:08 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4188B88-539F-4C14-9773-031CAD5BA913}\MpKsl6ec2d57f.sys
2014-05-20 18:41 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4188B88-539F-4C14-9773-031CAD5BA913}\mpengine.dll
2014-05-18 14:22 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-16 10:21 . 2014-05-02 14:43 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FF526234-F1E9-4CAA-A980-A0A77B7B49C7}\gapaengine.dll
2014-05-15 01:03 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-09 13:17 . 2014-05-09 13:17 -------- d-----w- c:\windows\ERUNT
2014-05-09 11:50 . 2014-05-20 16:45 -------- d-----w- c:\users\oem\AppData\Local\Adobe
2014-05-06 19:19 . 2014-05-09 13:33 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-06 19:18 . 2014-05-06 19:18 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-05-06 19:18 . 2014-05-06 19:18 -------- d-----w- c:\programdata\Malwarebytes
2014-05-06 19:18 . 2014-04-03 07:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-06 19:18 . 2014-04-03 07:51 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-06 19:18 . 2014-04-03 07:50 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-06 19:17 . 2014-05-06 19:17 -------- d-----w- c:\users\oem\AppData\Local\Programs
2014-05-06 19:02 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-06 19:01 . 2014-05-09 13:07 -------- d-----w- C:\AdwCleaner
2014-04-22 22:52 . 2014-05-13 15:59 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-04-22 20:51 . 2014-04-22 20:51 -------- d-sh--w- c:\users\oem\AppData\Local\EmieUserList
2014-04-22 20:51 . 2014-04-22 20:51 -------- d-sh--w- c:\users\oem\AppData\Local\EmieSiteList
2014-04-22 20:29 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2014-04-22 20:29 . 2012-05-04 17:29 687504 ----a-w- c:\windows\system32\deployJava1.dll
2014-04-22 20:08 . 2014-05-15 01:28 -------- d-s---w- c:\windows\system32\CompatTel
2014-04-22 20:00 . 2014-03-06 08:02 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-04-22 20:00 . 2014-03-06 05:50 257536 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2014-04-22 20:00 . 2014-03-08 01:59 235216 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2014-04-22 20:00 . 2014-03-06 08:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-04-22 20:00 . 2014-03-06 05:31 271360 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2014-04-22 20:00 . 2014-03-06 08:13 37888 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-20 16:45 . 2012-06-11 20:04 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-20 16:45 . 2012-06-11 20:04 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-02 14:43 . 2012-06-14 07:08 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-21 07:50 . 2014-04-21 07:50 79 ----a-w- c:\windows\system32\ssinstall-uninstall.bat
2014-04-21 07:50 . 2014-04-21 07:50 2324216 ----a-w- c:\windows\system32\ssins.exe
2014-03-31 20:46 . 2014-03-31 20:46 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-03-11 07:52 . 2012-03-20 18:44 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-04 09:17 . 2014-05-14 19:43 247808 ----a-w- c:\windows\system32\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarX7Mouse5Mode"="c:\program files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" [2011-10-21 3518976]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-07 336384]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-06-09 10082920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 ProtectMonitor;Protect Monitor;c:\program files\PCData\StartHelp.exe [2014-02-27 90668]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-18 1343400]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\drivers\WSDScan.sys [2009-07-14 20480]
S1 MpKsl6ec2d57f;MpKsl6ec2d57f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A4188B88-539F-4C14-9773-031CAD5BA913}\MpKsl6ec2d57f.sys [2014-05-21 39464]
S1 PCSUUCDRV;PC Speed Up Usb Cache Driver;c:\program files\Zrychleni Pocitace\PCSpeedUp.sys [2013-10-01 40472]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-07 176128]
S2 ssinstall;SInstalátor;c:\windows\System32\ssins.exe [2014-04-21 2324216]
S3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-01 393320]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-12-15 37504]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 16:45]
.
2014-05-16 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 09:43]
.
2014-05-21 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-11-26 01:38]
.
2014-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3255629103-1225574464-3123061909-1000Core.job
- c:\users\oem\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-13 13:32]
.
2014-05-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3255629103-1225574464-3123061909-1000UA.job
- c:\users\oem\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-13 13:32]
.
2014-05-20 c:\windows\Tasks\PC Speed Up Update Cache.job
- c:\program files\Zrychleni Pocitace\PCSUUCC.exe [2013-11-26 15:13]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\sqgjsecl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\TEMP\nsp5E84.tmp\ns63A4.tmp
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
.
**************************************************************************
.
Celkový čas: 2014-05-21 16:28:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-21 14:28
.
Před spuštěním: Volných bajtů: 26 133 000 192
Po spuštění: Volných bajtů: 25 822 961 664
.
- - End Of File - - 54F0085E58D908A79A7F17A0E74D6B17
A36C5E4F47E84449FF07ED3517B43A31
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-05-21 16:31:20
-----------------------------
16:31:20.280 OS Version: Windows 6.1.7601 Service Pack 1
16:31:20.280 Number of processors: 3 586 0x100
16:31:20.280 ComputerName: OEM-PC UserName: oem
16:31:20.514 Initialize success
16:31:23.636 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
16:31:23.636 Disk 0 Vendor: ST500DM002-1BD142 KC45 Size: 476940MB BusType: 3
16:31:23.760 Disk 0 MBR read successfully
16:31:23.776 Disk 0 MBR scan
16:31:23.776 Disk 0 Windows 7 default MBR code
16:31:23.776 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 69996 MB offset 63
16:31:23.807 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 69996 MB offset 143352720
16:31:23.823 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 336944 MB offset 286705440
16:31:23.823 Disk 0 scanning sectors +976767120
16:31:23.885 Disk 0 scanning C:\Windows\system32\drivers
16:31:31.264 Service scanning
16:31:36.646 Service MpKsl7cc80f5a C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99F701FD-A5D2-42B7-A8BA-90254116FC8C}\MpKsl7cc80f5a.sys **LOCKED** 32
16:31:44.274 Modules scanning
16:31:52.823 Disk 0 trace - called modules:
16:31:53.354 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS amdide.sys PCIIDEX.SYS atapi.sys
16:31:53.369 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ae3648]
16:31:53.385 3 CLASSPNP.SYS[87f8659e] -> nt!IofCallDriver -> [0x85a12918]
16:31:53.400 5 ACPI.sys[837af3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x85652030]
16:31:53.400 Scan finished successfully
16:32:06.411 Disk 0 MBR has been saved successfully to "C:\Users\oem\Desktop\MBR.dat"
16:32:06.411 The log file has been saved successfully to "C:\Users\oem\Desktop\aswMBR.txt"
https://www.virustotal.com/cs/file/9a7d ... 400683316/
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:49:39, on 21.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
CHROME: 34.0.1847.137
FIREFOX: 29.0.1 (cs)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\oem\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\Program Files\PCData\StartHelp.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\System32\ssins.exe
--
End of file - 4599 bytes
- jaro3
- Security team member
Re: Slow computer, please check the log
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.
How are the problems?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Slow computer, please check the log (Solved)
The computer has sped up, and the annoying flashing windows saying that I am the x-th visitor, along with the notices about nonsensical winnings, no longer pop up.
Thank you for the expert help.