Zavirovaný systém? Nevím co dál :-(

Vstrom650 · Příspěvekod **Vstrom650** » 27 čer 2014 07:38

No jo, zatím jsem se ale nic kloudného nedozvěděl. Jsem rád, že to maká a děkuju členům Security teamu, ale že by to takhle dlouho najíždělo se mi moc nezdá. Pokud je to tou mou verzí, tak mě to docela štve, hlavně jsem byl zvyklej na hibernaci u ntb, kde to naběhlo hodně rychle

Reklama

Příspěvekod **jaro3** » 27 čer 2014 10:17

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\programdata\Norton
c:\program files (x86)\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Vstrom650 · Příspěvekod **Vstrom650** » 28 čer 2014 11:55

ComboFix 14-06-27.01 - Pavel 28.06.2014 11:28:17.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8068.6325 [GMT 2:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pavel\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.24.15\goopdate.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.24.15\psmachine.dll
c:\program files (x86)\Google\Update\1.3.24.15\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.24.15\psuser.dll
c:\program files (x86)\Google\Update\1.3.24.15\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.15\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\35.0.1916.153\35.0.1916.153_chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\programdata\Norton
c:\programdata\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963}\LC.INI
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-28 do 2014-06-28 )))))))))))))))))))))))))))))))
.
.
2014-06-26 16:12 . 2014-06-26 16:12 31648 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2014-06-25 20:08 . 2014-06-25 20:08 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-06-25 20:08 . 2014-06-25 20:08 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-06-25 20:08 . 2014-06-25 20:08 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-06-25 20:08 . 2014-06-25 20:08 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-06-25 20:08 . 2014-06-25 20:08 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-06-25 20:08 . 2014-06-25 20:08 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-06-25 20:08 . 2014-06-25 20:08 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-06-25 20:08 . 2014-06-25 20:08 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-06-25 20:08 . 2014-06-25 20:08 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-06-25 20:08 . 2014-06-25 20:08 43152 ----a-w- c:\windows\avastSS.scr
2014-06-25 20:05 . 2014-06-25 20:05 -------- d-----w- c:\program files\AVAST Software
2014-06-25 19:09 . 2014-06-25 20:04 -------- d-----w- c:\programdata\AVAST Software
2014-06-25 13:14 . 2014-06-25 13:14 -------- d-----w- c:\programdata\RogueKiller
2014-06-25 12:53 . 2014-06-25 12:53 -------- d-----w- c:\windows\ERUNT
2014-06-25 12:28 . 2014-06-25 12:28 180 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-06-24 19:36 . 2014-06-24 19:38 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-24 19:36 . 2014-06-24 19:36 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-24 19:36 . 2014-06-24 19:36 -------- d-----w- c:\programdata\Malwarebytes
2014-06-24 19:36 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-24 19:36 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-24 19:36 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-24 19:25 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-24 19:25 . 2014-06-25 12:35 -------- d-----w- C:\AdwCleaner
2014-06-23 20:40 . 2014-06-23 20:40 -------- d-----w- c:\program files (x86)\2K Games
2014-06-23 20:34 . 2014-06-23 20:34 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-06-23 20:21 . 2014-06-23 20:21 -------- d-----w- c:\windows\PCHEALTH
2014-06-23 20:19 . 2014-06-23 20:19 -------- d-----w- c:\program files\Microsoft Office
2014-06-23 20:19 . 2014-06-23 20:21 -------- d-----w- c:\programdata\Microsoft Help
2014-06-23 20:18 . 2014-06-23 20:18 -------- d-----r- C:\MSOCache
2014-06-23 20:14 . 2014-06-23 20:14 -------- d-----w- c:\programdata\Zoner
2014-06-23 20:13 . 2014-06-23 20:13 -------- d-----w- c:\program files\Zoner
2014-06-23 20:08 . 2014-06-23 20:08 -------- d-----w- c:\program files (x86)\Lavalys
2014-06-23 04:15 . 2014-06-22 18:27 -------- d-----w- c:\windows\Panther
2014-06-22 21:18 . 2014-06-22 21:18 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-06-22 21:17 . 2014-06-22 21:17 -------- d-----w- c:\programdata\Orbit
2014-06-22 21:08 . 2014-06-22 21:08 -------- d-----w- c:\program files\CPUID
2014-06-22 21:01 . 2014-06-22 21:01 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-06-22 21:01 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-06-22 20:52 . 2014-06-25 21:41 -------- d-----w- c:\program files\HWiNFO64
2014-06-22 20:51 . 2014-06-25 20:29 -------- d-----w- c:\program files (x86)\SpeedFan
2014-06-22 20:26 . 2014-06-22 21:18 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-06-22 20:26 . 2014-06-22 20:26 282512 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-06-22 20:26 . 2014-06-22 20:26 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-06-22 20:23 . 2014-06-18 14:55 61112 ----a-w- c:\windows\system32\drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}Gw64.sys
2014-06-22 20:23 . 2014-06-22 20:23 -------- d-----w- c:\program files (x86)\VideoLAN
2014-06-22 20:23 . 2014-06-22 20:23 -------- d-----w- c:\programdata\WinZip
2014-06-22 20:14 . 2014-04-03 20:05 323584 ---h--w- c:\windows\system32\workgroup
2014-06-22 20:12 . 2014-06-22 20:12 -------- d-----w- c:\program files (x86)\7-Zip
2014-06-22 20:11 . 2014-06-22 20:26 -------- d-----w- c:\program files (x86)\Ubisoft
2014-06-22 20:10 . 2010-05-26 09:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-06-22 20:10 . 2010-05-26 09:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-06-22 20:10 . 2010-05-26 09:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-06-22 20:10 . 2010-05-26 09:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-06-22 20:10 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-06-22 20:10 . 2010-05-26 09:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-06-22 20:10 . 2014-05-29 23:07 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-06-22 20:10 . 2014-05-29 23:07 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-06-22 20:06 . 2014-06-22 20:06 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-06-22 20:06 . 2014-06-22 20:06 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-06-22 20:05 . 2014-06-22 20:10 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-06-22 19:56 . 2014-06-22 19:59 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2014-06-22 19:47 . 2014-06-22 19:47 -------- d-----w- c:\programdata\NortonInstaller
2014-06-22 19:46 . 2014-06-28 09:35 -------- d-----w- c:\program files (x86)\Google
2014-06-22 19:22 . 2014-06-22 19:22 -------- d-----w- c:\program files (x86)\Seznam.cz
2014-06-22 19:15 . 2014-06-22 19:15 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-06-22 19:14 . 2014-05-29 23:07 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-06-22 19:14 . 2014-05-29 23:07 1279480 ----a-w- c:\windows\system32\nvspcap64.dll
2014-06-22 19:13 . 2014-06-28 09:39 -------- d-----w- c:\programdata\NVIDIA
2014-06-22 19:13 . 2014-05-20 01:25 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-06-22 19:13 . 2014-05-20 01:25 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-06-22 19:13 . 2014-05-20 01:25 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-06-22 19:13 . 2014-05-20 01:25 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-06-22 19:13 . 2014-05-20 01:25 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-06-22 19:13 . 2014-05-20 01:25 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-06-22 19:13 . 2014-05-14 23:49 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-06-22 19:11 . 2014-06-22 20:10 -------- d-----w- c:\program files\NVIDIA Corporation
2014-06-22 19:08 . 2014-06-22 19:08 -------- d--h--w- c:\windows\system32\WLANProfiles
2014-06-22 19:08 . 2014-06-22 19:08 -------- d-----w- c:\users\Public\Roaming
2014-06-22 19:08 . 2014-06-22 19:08 -------- d-----w- c:\users\Default\Roaming
2014-06-22 19:08 . 2014-06-22 19:08 -------- d-----w- c:\program files\Common Files\Intel
2014-06-22 19:08 . 2014-06-22 19:08 -------- d-----w- c:\program files (x86)\Cisco
2014-06-22 19:07 . 2014-06-22 19:07 -------- d-----w- c:\programdata\Package Cache
2014-06-22 19:05 . 2014-06-22 19:05 -------- d-----w- c:\program files (x86)\GIGABYTE
2014-06-22 19:03 . 2014-03-28 11:06 64000 ----a-w- c:\windows\system32\OpenCL.DLL
2014-06-22 19:03 . 2014-03-28 11:06 60416 ----a-w- c:\windows\SysWow64\OpenCL.DLL
2014-06-22 19:03 . 2014-06-22 19:03 -------- d-----w- c:\program files (x86)\Common Files\Intel
2014-06-22 19:01 . 2012-08-31 23:00 32400 ----a-w- c:\windows\system32\drivers\RtVlan620.sys
2014-06-22 19:01 . 2012-07-03 12:32 58512 ----a-w- c:\windows\system32\drivers\RtTeam620.sys
2014-06-22 19:01 . 2011-06-15 13:11 32544 ----a-w- c:\windows\system32\drivers\RtNdPt60.sys
2014-06-22 18:59 . 2014-03-18 02:44 906968 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-06-22 18:59 . 2014-03-18 02:44 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-06-22 18:59 . 2014-03-18 02:44 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-06-22 18:58 . 2014-02-21 05:56 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2014-06-22 18:58 . 2014-02-21 05:56 20464 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2014-06-22 18:58 . 2014-02-21 05:56 791024 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2014-06-22 18:58 . 2014-02-21 05:56 370672 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2014-06-22 18:57 . 2014-06-22 18:57 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2014-06-22 18:57 . 2013-09-16 10:17 16344 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2014-06-22 18:56 . 2014-06-22 18:56 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2014-06-22 18:56 . 2013-09-16 10:17 99288 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-06-22 18:53 . 2014-06-22 18:53 -------- d-----w- c:\windows\SysWow64\config\systemprofile\Intel
2014-06-22 18:53 . 2014-06-22 19:08 -------- d-----w- c:\programdata\Intel
2014-06-22 18:51 . 2013-08-21 13:16 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2014-06-22 18:50 . 2014-06-22 19:03 -------- d-----w- C:\Intel
2014-06-22 18:50 . 2014-06-22 18:50 -------- d-----w- c:\windows\system32\drivers\Win64
2014-06-22 18:49 . 2014-06-22 19:08 -------- d-----w- c:\program files\Intel
2014-06-22 18:49 . 2014-06-22 19:08 -------- d-----w- c:\program files (x86)\Intel
2014-06-22 18:27 . 2014-06-22 19:15 -------- d-----w- c:\users\Pavel
2014-06-22 18:16 . 2009-07-14 01:41 101376 ----a-w- c:\windows\system32\Spool\prtprocs\x64\HPZPPWN7.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-23 20:54 . 2014-04-29 17:03 6656 ----a-w- c:\windows\system32\lpcio.dll
2014-04-30 12:38 . 2014-04-29 17:19 2250240 ----a-w- c:\windows\system32\WinToolkitRunOnce.exe
2014-04-29 19:47 . 2014-04-29 19:47 574976 ----a-w- c:\windows\system32\ieui.dll
2014-04-29 19:47 . 2014-04-29 19:47 13551616 ----a-w- c:\windows\system32\ieframe.dll
2014-04-29 19:46 . 2014-04-29 19:46 628736 ----a-w- c:\windows\system32\msfeeds.dll
2014-04-29 19:46 . 2014-04-29 19:46 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-04-29 19:46 . 2014-04-29 19:46 296960 ----a-w- c:\windows\system32\dxtrans.dll
2014-04-29 19:46 . 2014-04-29 19:46 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-04-29 19:46 . 2014-04-29 19:46 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-04-29 19:46 . 2014-04-29 19:46 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-04-29 19:46 . 2014-04-29 19:46 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-04-29 19:46 . 2014-04-29 19:46 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-04-29 19:46 . 2014-04-29 19:46 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-04-29 19:46 . 2014-04-29 19:46 586240 ----a-w- c:\windows\system32\ie4uinit.exe
2014-04-29 19:46 . 2014-04-29 19:46 5784064 ----a-w- c:\windows\system32\jscript9.dll
2014-04-29 19:46 . 2014-04-29 19:46 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-04-29 19:46 . 2014-04-29 19:46 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-04-29 19:46 . 2014-04-29 19:46 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-04-29 19:46 . 2014-04-29 19:46 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-04-29 19:46 . 2014-04-29 19:46 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-04-29 19:46 . 2014-04-29 19:46 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-04-29 19:46 . 2014-04-29 19:46 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-04-29 19:46 . 2014-04-29 19:46 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-29 19:46 . 2014-04-29 19:46 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-04-29 19:46 . 2014-04-29 19:46 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-04-29 19:46 . 2014-04-29 19:46 2767360 ----a-w- c:\windows\system32\iertutil.dll
2014-04-29 19:46 . 2014-04-29 19:46 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-04-29 19:46 . 2014-04-29 19:46 23549440 ----a-w- c:\windows\system32\mshtml.dll
2014-04-29 19:46 . 2014-04-29 19:46 2260480 ----a-w- c:\windows\system32\wininet.dll
2014-04-29 19:46 . 2014-04-29 19:46 2043904 ----a-w- c:\windows\system32\inetcpl.cpl
2014-04-29 19:46 . 2014-04-29 19:46 1967104 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-04-29 19:46 . 2014-04-29 19:46 195584 ----a-w- c:\windows\system32\msrating.dll
2014-04-29 19:46 . 2014-04-29 19:46 1789440 ----a-w- c:\windows\SysWow64\wininet.dll
2014-04-29 19:46 . 2014-04-29 19:46 1400832 ----a-w- c:\windows\system32\urlmon.dll
2014-04-29 19:46 . 2014-04-29 19:46 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-04-29 19:46 . 2014-04-29 19:46 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-04-29 19:46 . 2014-04-29 19:46 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-04-29 19:46 . 2014-04-29 19:46 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-04-29 19:45 . 2014-04-29 19:45 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-04-29 19:45 . 2014-04-29 19:45 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-04-29 19:45 . 2014-04-29 19:45 855552 ----a-w- c:\windows\SysWow64\rdvidcrl.dll
2014-04-29 19:45 . 2014-04-29 19:45 83968 ----a-w- c:\windows\system32\TSWbPrxy.exe
2014-04-29 19:45 . 2014-04-29 19:45 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2014-04-29 19:45 . 2014-04-29 19:45 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll
2014-04-29 19:45 . 2014-04-29 19:45 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2014-04-29 19:45 . 2014-04-29 19:45 18944 ----a-w- c:\windows\system32\wksprtPS.dll
2014-04-29 19:45 . 2014-04-29 19:45 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2014-04-29 19:45 . 2014-04-29 19:45 1147392 ----a-w- c:\windows\system32\mstsc.exe
2014-04-29 19:45 . 2014-04-29 19:45 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe
2014-04-29 19:45 . 2014-04-29 19:45 62976 ----a-w- c:\windows\system32\tsgqec.dll
2014-04-29 19:45 . 2014-04-29 19:45 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2014-04-29 19:45 . 2014-04-29 19:45 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2014-04-29 19:45 . 2014-04-29 19:45 420864 ----a-w- c:\windows\system32\wksprt.exe
2014-04-29 19:45 . 2014-04-29 19:45 29696 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2014-04-29 19:45 . 2014-04-29 19:45 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-29 19:45 . 2014-04-29 19:45 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-29 19:45 . 2014-04-29 19:45 1057280 ----a-w- c:\windows\system32\rdvidcrl.dll
2014-04-29 19:45 . 2014-04-29 19:45 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-04-29 19:45 . 2014-04-29 19:45 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-04-29 19:45 . 2014-04-29 19:45 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-29 19:43 . 2014-04-29 19:43 29696 ----a-w- c:\windows\system32\drivers\terminpt.sys
2014-04-29 19:43 . 2014-04-29 19:43 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-04-29 19:43 . 2014-04-29 19:43 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-04-29 19:43 . 2014-04-29 19:43 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-04-29 19:43 . 2014-04-29 19:43 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-04-29 19:43 . 2014-04-29 19:43 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-04-29 17:17 . 2014-04-29 17:17 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-04-29 17:17 . 2014-04-29 17:17 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-04-29 17:17 . 2014-04-29 17:17 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-04-29 17:17 . 2014-04-29 17:17 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-29 17:17 . 2014-04-29 17:17 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-29 17:17 . 2014-04-29 17:17 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-29 17:17 . 2014-04-29 17:17 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-04-29 17:17 . 2014-04-29 17:17 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-04-29 17:17 . 2014-04-29 17:17 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-04-29 17:17 . 2014-04-29 17:17 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-04-29 17:17 . 2014-04-29 17:17 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-04-29 17:17 . 2014-04-29 17:17 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-04-29 17:17 . 2014-04-29 17:17 247808 ----a-w- c:\windows\system32\msls31.dll
2014-04-29 17:17 . 2014-04-29 17:17 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-04-29 17:17 . 2014-04-29 17:17 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-04-29 17:17 . 2014-04-29 17:17 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-04-29 17:17 . 2014-04-29 17:17 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-04-29 17:17 . 2014-04-29 17:17 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-04-29 17:17 . 2014-04-29 17:17 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-04-29 17:17 . 2014-04-29 17:17 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-04-29 17:17 . 2014-04-29 17:17 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-04-29 17:17 . 2014-04-29 17:17 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-29 17:17 . 2014-04-29 17:17 81408 ----a-w- c:\windows\system32\icardie.dll
2014-04-29 17:17 . 2014-04-29 17:17 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-04-29 17:17 . 2014-04-29 17:17 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-04-29 17:17 . 2014-04-29 17:17 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-04-29 17:17 . 2014-04-29 17:17 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-29 17:17 . 2014-04-29 17:17 413696 ----a-w- c:\windows\system32\html.iec
2014-04-29 17:17 . 2014-04-29 17:17 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-29 17:17 . 2014-04-29 17:17 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-04-29 17:17 . 2014-04-29 17:17 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-04-29 17:17 . 2014-04-29 17:17 235520 ----a-w- c:\windows\system32\url.dll
2014-04-29 17:17 . 2014-04-29 17:17 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-04-29 17:17 . 2014-04-29 17:17 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-02-21 292848]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-09-16 134616]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-25 3890208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);c:\windows\system32\DRIVERS\RtTeam620.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam620.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 {b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}Gw64;{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}Gw64;c:\windows\system32\drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}Gw64.sys;c:\windows\SYSNATIVE\drivers\{b2db3058-74ee-4ace-bcd8-8cd0fbe3a4f6}Gw64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 Virtual Router;VirtualRouterService;c:\program files (x86)\GIGABYTE\WiFiShare\VirtualRouterService.exe;c:\program files (x86)\GIGABYTE\WiFiShare\VirtualRouterService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 ibtusb;Aplikace Intel(R) Wireless Bluetooth(R) 4.0 a vysokorychlostní (HS) adaptér;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-22 19:48 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-25 20:08 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-03-14 13671792]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-09-17 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-05-21 7830328]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-04-11 36352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=13415
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.129.249.177
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PCData App - c:\program files\PCDApp\uninstaller.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-06-28 11:49:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-06-28 09:49
ComboFix2.txt 2014-06-26 22:04
.
Před spuštěním: Volných bajtů: 876 647 972 864
Po spuštění: Volných bajtů: 876 402 356 224
.
- - End Of File - - 961B79D27DE793F351EB0917FC5D9694
A36C5E4F47E84449FF07ED3517B43A31

Vstrom650 · Příspěvekod **Vstrom650** » 28 čer 2014 11:57

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:56:33, on 28.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Pavel\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VirtualRouterService (Virtual Router) - Chris Pietschmann (http://pietschsoft.com) - C:\Program Files (x86)\GIGABYTE\WiFiShare\VirtualRouterService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 7962 bytes

Vstrom650 · Příspěvekod **Vstrom650** » 28 čer 2014 12:32

https://www.virustotal.com/en/file/10b2 ... 403951388/
https://www.virustotal.com/en/file/7aa7 ... 403951457/

Vstrom650 · Příspěvekod **Vstrom650** » 28 čer 2014 12:40

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-06-28 12:34:05
-----------------------------
12:34:05.446 OS Version: Windows x64 6.1.7601 Service Pack 1
12:34:05.446 Number of processors: 4 586 0x3C03
12:34:05.446 ComputerName: PAVEL-PC UserName: Pavel
12:34:05.930 Initialize success
12:34:05.930 VM: initialized successfully
12:34:05.930 VM: outdated driver version !
12:34:09.393 AVAST engine defs: 14062701
12:34:14.619 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006e
12:34:14.619 Disk 0 Vendor: ST1000DM CC49 Size: 953869MB BusType: 11
12:34:14.713 Disk 0 MBR read successfully
12:34:14.728 Disk 0 MBR scan
12:34:14.728 Disk 0 Windows 7 default MBR code
12:34:14.744 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:34:14.744 Disk 0 Boot: NTFS code=2
12:34:14.775 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
12:34:14.806 Disk 0 scanning C:\Windows\system32\drivers
12:34:20.235 Service scanning
12:34:33.932 Modules scanning
12:34:33.932 Disk 0 trace - called modules:
12:34:33.963 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
12:34:33.963 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009e56060]
12:34:33.979 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> [0xfffffa8007b4bc50]
12:34:33.979 5 iaStorF.sys[fffff880018b7f84] -> nt!IofCallDriver -> \Device\0000006e[0xfffffa80075ed1d0]
12:34:34.852 AVAST engine scan C:\Windows
12:34:37.411 AVAST engine scan C:\Windows\system32
12:35:18.002 File: C:\Windows\system32\workgroup **INFECTED** MSIL:Agent-BBO [Trj]
12:35:18.501 File: C:\Windows\system32\WSManMigrationPlugin.dll **INFECTED** Win64:Evo-gen [Susp]
12:35:58.999 AVAST engine scan C:\Windows\system32\drivers
12:36:06.378 AVAST engine scan C:\Users\Pavel
12:36:31.385 File: C:\Users\Pavel\AppData\Local\Math Problem Solver\Uninstall.exe **INFECTED** Win32:Evo-gen [Susp]
12:36:34.770 File: C:\Users\Pavel\AppData\Local\msgr1msgr1.exe **INFECTED** MSIL:Agent-BBO [Trj]
12:37:24.300 AVAST engine scan C:\ProgramData
12:37:33.707 Scan finished successfully
12:38:00.086 Disk 0 MBR has been saved successfully to "C:\Users\Pavel\Desktop\MBR.dat"
12:38:00.086 The log file has been saved successfully to "C:\Users\Pavel\Desktop\aswMBR.txt"

Vstrom650 · Příspěvekod **Vstrom650** » 28 čer 2014 16:49

A má nějakou podporu her atd?

Příspěvekod **Orcus** » 28 čer 2014 18:53

Promazány příspěvky od ostatních, kteří nemají v HJT sekci, co pohledávat!

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

====================================================

Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Vstrom650 · Příspěvekod **Vstrom650** » 29 čer 2014 11:39

# DelFix v10.7 - Logfile created 29/06/2014 at 10:18:36
# Updated 27/04/2014 by Xplode
# Username : Pavel - PAVEL-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\TDSSKiller.3.0.0.39_25.06.2014_21.44.34_log.txt
Deleted : C:\Users\Pavel\Desktop\AdwCleaner.exe
Deleted : C:\Users\Pavel\Desktop\aswmbr.exe
Deleted : C:\Users\Pavel\Desktop\aswMBR.txt
Deleted : C:\Users\Pavel\Desktop\JRT.exe
Deleted : C:\Users\Pavel\Desktop\hijackthis.exe
Deleted : C:\Users\Pavel\Desktop\hijackthis.log
Deleted : C:\Users\Pavel\Desktop\MBR.dat
Deleted : C:\Users\Pavel\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Pavel\Desktop\tdsskiller.exe
Deleted : C:\Users\Pavel\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #18 [ComboFix created restore point | 06/29/2014 07:45:53]

New restore point created !

########## - EOF - ##########

Vstrom650 · Příspěvekod **Vstrom650** » 29 čer 2014 11:41

Počítač jede dobře a stabilně, bohužel nějak padlo připojení netu. Skoro nic to nechce načítat, tak nainstaluju nové ovladače a uvidím. Signál je plný, ale načítáto hrozně pomalu a kolikrát to nenačte vůbec nic

Příspěvekod **Orcus** » 29 čer 2014 18:06

OK, kdyby to přetrvalo, stáhni si MiniToolBox a spusť ho.
V okně zaškrtni čtverečky:
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
Potom klikni na GO , po chvíli skenu se objeví log s názvem „Result“ , zkopíruj sem celý jeho obsah.

Vstrom650 · Příspěvekod **Vstrom650** » 29 čer 2014 21:35

Dvakrát jsem restartoval a zdá se ti být ok, ale i tak je prohlížeč pomalý oproti tomu samému co mám na notebooku

Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Re: Zavirovaný systém? Nevím co dál :-(

Kdo je online