Memory usage 50% when idle


Re: Memory usage 50% when idle

Post by autoprd » 21 May 2014 20:53

Yeah, it's a user, but one that has already been deleted; probably only the folders were left behind there ...
_____
user32.dll 0/53, it's clean

___
ComboFix 14-05-19.01 - Hrosik-Woytman 21.05.2014 20:23:39.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.3690.1580 [GMT 2:00]
Spuštěný z: c:\users\Hrosik-Woytman\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Hrosik-Woytman\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\mnccmxde.vbe"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3529244034-2779903136-2417513714-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3529244034-2779903136-2417513714-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-21 do 2014-05-21 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-20 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Hrosik-Woytman\AppData\Roaming\uTorrent\uTorrent.exe" [2014-04-26 1266520]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2012-08-31 508656]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-05-13 5181456]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2013-3-29 1395416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
.
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-14 22:04 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-25 10:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-06-06 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-06-06 442352]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2012-06-14 887968]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2014-01-28 297008]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SYSTEM32\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.10.254
FF - ProfilePath - c:\users\Hrosik-Woytman\AppData\Roaming\Mozilla\Firefox\Profiles\4cdpypkw.default\
FF - prefs.js: keyword.URL -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{7E979ABE-4C1A-4248-BF27-17C668A05798} - c:\programdata\{FD433863-51C6-4D7C-9193-D0644A854F23}\Max Payne 3 Česky 0.58.1.0.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3529244034-2779903136-2417513714-1000\Software\SecuROM\License information*]
"datasecu"=hex:6d,bb,80,ca,58,6a,61,7c,13,2d,05,98,d5,a8,b6,d9,4f,7e,ae,88,37,
47,f8,d2,07,1b,74,e4,74,9b,5c,2b,3b,fa,1c,47,3b,ad,d8,ae,6e,1b,7c,8e,3d,ad,\
"rkeysecu"=hex:cc,f3,0f,b8,b5,05,ae,94,32,98,15,3f,d5,08,01,0f
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\SAsrv.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-05-21 20:42:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-21 18:42
ComboFix2.txt 2014-05-20 18:55
.
Před spuštěním: Volných bajtů: 300 154 548 224
Po spuštění: Volných bajtů: 299 872 604 160
.
- - End Of File - - 86CAAEA2E3E4605363B3B99FB4D51D37
A36C5E4F47E84449FF07ED3517B43A31

_____________________
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-05-21 20:45:23
-----------------------------
20:45:23.989 OS Version: Windows x64 6.1.7601 Service Pack 1
20:45:23.989 Number of processors: 2 586 0x3A09
20:45:23.989 ComputerName: HROCH UserName:
20:45:27.405 Initialize success
20:45:35.633 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:45:35.633 Disk 0 Vendor: WDC_WD10JPVT-08A1YT2 01.01A01 Size: 953869MB BusType: 11
20:45:35.695 Disk 0 MBR read successfully
20:45:35.695 Disk 0 MBR scan
20:45:35.695 Disk 0 Windows 7 default MBR code
20:45:35.726 Disk 0 Partition 1 80 (A) 0B FAT32 FRDOS5.1 1024 MB offset 2048
20:45:35.835 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 952843 MB offset 2099200
20:45:35.945 Disk 0 scanning C:\Windows\system32\drivers
20:46:06.864 Service scanning
20:47:32.898 Modules scanning
20:47:32.898 Disk 0 trace - called modules:
20:47:32.914 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa800425a2c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
20:47:32.914 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004eb1370]
20:47:32.914 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004d5f060]
20:47:32.929 \Driver\atapi[0xfffffa8004cf35a0] -> IRP_MJ_CREATE -> 0xfffffa800425a2c0
20:47:32.929 Scan finished successfully
20:48:21.554 Disk 0 MBR has been saved successfully to "C:\Users\Hrosik-Woytman\Desktop\MBR.dat"
20:48:21.554 The log file has been saved successfully to "C:\Users\Hrosik-Woytman\Desktop\aswMBR.txt"


Re: Memory usage 50% when idle

Post by jaro3 » 22 May 2014 09:13

c:\users\woyta, so delete that account.

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

Post a new HJT log + info about the problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Memory usage 50% when idle

Post by autoprd » 22 May 2014 13:01

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:57:06, on 22.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Users\Hrosik-Woytman\Desktop\hijackthis (1).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Hrosik-Woytman\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9451 bytes


_____________
So the PC is still running at that 40-50%, but I'm glad the PC got cleaned up and is even a bit faster. Thank you very much.


Re: Memory usage 50% when idle

Post by jaro3 » 23 May 2014 09:49

That may be some HW problem.

One more thing:
Download Kaspersky VRT to your desktop.
Run Kaspersky VRT. The program will install itself.
Accept the license and click "Start". If the program offers an update, click "Download Now" at the bottom.
- Click the gear icon in the top right corner. In the window, in addition to the items already checked, select your disk drive; if you have more than one, you can check them all.
- Select "Automatic Scan" at the top left and press the "Start Scanning" button.
- The program will start scanning the checked drives.

Checked:
Hidden startup objects
System Memory
Disk boot sectors

Computer
Local Disk C

Unchecked:
Documents
My email
Local Disk D
DVD-ROM drive (E)
BD-ROM drive (G)
Floppy disk drive

And others, e.g. flash drives that you have connected.

- Allow Virus Removal Tool to remove all infections it finds.
- Once the scan finishes, select the "Report" tab at the top right (next to the gear icon).
- Click "Detected Threads" and click the floppy disk icon ("Save").
- Save the report to the computer and paste it here in a post.

