Please check my log (problem with the clock slowing down in Win7) Solved
Re: Please check my log (problem with the clock slowing down in W
I was not able to copy the Malwarebytes log, but it shows a green message: "Scan completed successfully! No malicious items were detected!"
- jaro3
- Security team member
Re: Please check my log (problem with the clock slowing down in W
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click inside the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not start, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log (problem with the clock slowing down in W
Hi, unfortunately "problems" did appear. When run in normal mode, ComboFix got stuck at Stage_4. When nothing had happened even after an hour, I restarted the computer into safe mode. I waited to see whether ESET Smart Security would start (so that I could turn off the protection), but it did not start. It was not visible in the Windows Task Manager either. So I ran ComboFix and a message popped up saying that ESET was running and that continuing could cause an error. I therefore disabled ESET's automatic startup via the msconfig command (I could not think of any other way to turn off a program I cannot see anywhere) and restarted the computer into safe mode again. Then I ran ComboFix again, but the message about ESET running popped up again (even though it was again not visible in the task manager), so I decided to ignore it and let ComboFix continue. This time it did not get stuck at Stage_4; it went all the way to Stage_50, then continued with a message that it would prepare the log and that I should not start any other programs, but even after half an hour nothing happened..
- jaro3
- Security team member
Re: Please check my log (problem with the clock slowing down in W
Try waiting a bit longer for the log to be created; leave it for perhaps 2 hours, it sometimes takes a very long time.
Re: Please check my log (problem with the clock slowing down in W
Hi, the problem with ESET happened again, but this time the log appeared much faster
ComboFix 14-12-10.03 - HP 12.12.2014 18:36:29.5.4 - x64 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3997.3047 [GMT 1:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-12 do 2014-12-12 )))))))))))))))))))))))))))))))
.
.
2014-12-12 17:57 . 2014-12-12 17:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-11 11:34 . 2014-12-11 11:34 -------- d-----w- c:\users\HP\AppData\Local\GHISLER
2014-12-11 07:01 . 2014-12-11 07:01 -------- d-----w- c:\windows\system32\appraiser
2014-12-10 19:06 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-10 19:06 . 2014-07-07 02:05 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-10 19:06 . 2014-07-07 02:05 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-10 19:06 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-10 19:06 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-10 19:06 . 2014-07-07 01:40 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-10 19:06 . 2014-07-07 01:40 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-10 19:06 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-10 19:06 . 2014-10-18 02:03 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-10 19:06 . 2014-10-18 01:32 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 15:52 . 2014-12-10 15:27 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-10 15:52 . 2014-12-12 17:57 -------- d-----w- c:\users\HP\AppData\Local\Temp
2014-12-10 15:27 . 2014-12-10 15:47 -------- d-----w- C:\zoek_backup
2014-12-10 05:04 . 2014-11-22 02:41 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-12-10 04:59 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 04:59 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 04:59 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 04:59 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 04:59 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-10 04:59 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-10 04:59 . 2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-10 04:58 . 2014-11-11 03:09 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-12-10 04:58 . 2014-11-11 02:44 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-12-10 04:58 . 2014-11-11 01:56 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-12-09 18:07 . 2014-12-10 15:14 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-09 18:07 . 2014-12-09 18:07 -------- d-----w- c:\programdata\RogueKiller
2014-12-09 17:55 . 2014-12-09 17:55 -------- d-----w- c:\windows\ERUNT
2014-12-09 09:01 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D1E580ED-4EDC-496A-A67D-EF3DA45D292E}\mpengine.dll
2014-12-08 18:04 . 2014-12-10 18:02 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-08 18:03 . 2014-12-08 18:03 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-12-08 18:03 . 2014-12-08 18:03 -------- d-----w- c:\programdata\Malwarebytes
2014-12-08 18:03 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-08 18:03 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-08 18:03 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-08 17:50 . 2014-12-09 17:28 -------- d-----w- C:\AdwCleaner
2014-12-02 11:12 . 2014-12-02 11:12 -------- d-----w- c:\users\HP\restore
2014-12-02 11:08 . 2014-12-03 14:28 -------- d-----w- c:\programdata\tmp
2014-12-02 11:08 . 2014-12-02 11:14 -------- d-----w- c:\programdata\hps
2014-12-01 15:19 . 2014-12-01 15:19 -------- d-----w- c:\program files\Fotolab
2014-11-19 06:39 . 2014-11-11 03:45 729600 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 06:39 . 2014-11-11 03:45 463872 ----a-w- c:\windows\system32\certcli.dll
2014-11-19 06:39 . 2014-11-11 03:35 690688 ----a-w- c:\windows\system32\adtschema.dll
2014-11-19 06:39 . 2014-11-11 03:21 551424 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-19 06:39 . 2014-11-11 03:21 342528 ----a-w- c:\windows\SysWow64\certcli.dll
2014-11-19 06:39 . 2014-11-11 03:13 690688 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-19 06:39 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 06:39 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-16 14:25 . 2014-11-16 14:25 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-11-16 14:25 . 2014-11-16 14:25 -------- d-----r- c:\program files (x86)\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-10 19:08 . 2014-08-28 10:56 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-10 15:04 . 2014-08-28 04:13 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 15:04 . 2014-08-28 04:13 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-25 02:19 . 2014-11-12 06:36 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 02:08 . 2014-11-12 06:36 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 06:36 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 06:36 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:20 . 2014-11-12 06:46 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:16 . 2014-11-12 06:46 686592 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:16 . 2014-11-12 06:46 341504 ----a-w- c:\windows\system32\schannel.dll
2014-10-14 02:16 . 2014-11-12 06:46 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-10-14 02:16 . 2014-11-12 06:36 3243008 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:16 . 2014-11-12 06:46 1463808 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:13 . 2014-11-12 06:46 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:50 . 2014-11-12 06:46 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-10-14 01:50 . 2014-11-12 06:46 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:49 . 2014-11-12 06:46 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-10-14 01:49 . 2014-11-12 06:36 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:48 . 2014-11-12 06:46 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:46 . 2014-11-12 06:46 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-09 06:49 . 2014-11-12 06:36 3201536 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 02:07 . 2014-11-12 06:41 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:06 . 2014-11-12 06:41 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 02:06 . 2014-11-12 06:41 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 02:06 . 2014-11-12 06:41 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 02:06 . 2014-11-12 06:41 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-03 01:46 . 2014-11-12 06:41 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:46 . 2014-11-12 06:41 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:46 . 2014-11-12 06:41 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2014-09-25 02:08 . 2014-10-01 15:15 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 15:15 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-18 21:32 . 2014-10-16 07:49 112568 ----a-w- c:\windows\system32\consent.exe
2014-09-18 21:29 . 2014-10-16 07:49 1942016 ----a-w- c:\windows\system32\authui.dll
2014-09-18 01:43 . 2014-10-16 07:49 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2014-09-18 01:43 . 2014-10-16 07:49 1806848 ----a-w- c:\windows\SysWow64\authui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-10-21 22869088]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-03-06 292848]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Serviio.lnk - c:\program files\Serviio\bin\ServiioConsole.exe [2014-3-21 399360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
R0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
R1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
R2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\TXE Components\TCS\HeciServer.exe;c:\program files\Intel\TXE Components\TCS\HeciServer.exe [x]
R2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
R2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x]
R2 Serviio;Serviio;c:\program files\Serviio\bin\ServiioService.exe;c:\program files\Serviio\bin\ServiioService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\TXE Components\TCS\SocketHeciServer.exe;c:\program files\Intel\TXE Components\TCS\SocketHeciServer.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TXEIx64;Intel(R) Trusted Execution Engine Interface ;c:\windows\system32\DRIVERS\TXEIx64.sys;c:\windows\SYSNATIVE\DRIVERS\TXEIx64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-27 11:28 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-28 15:04]
.
2014-12-12 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2014-08-28 05:33]
.
2014-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28 04:55]
.
2014-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28 04:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-04 7204568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 77.236.192.130 77.236.192.150
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\hz4936lz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-12-12 19:02:02
ComboFix-quarantined-files.txt 2014-12-12 18:02
.
Před spuštěním: Volných bajtů: 61 123 592 192
Po spuštění: Volných bajtů: 60 720 738 304
.
- - End Of File - - F60C63A96AB5534B8192AD1EE9FA2320
A36C5E4F47E84449FF07ED3517B43A31

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
R0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
R1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
R2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\TXE Components\TCS\HeciServer.exe;c:\program files\Intel\TXE Components\TCS\HeciServer.exe [x]
R2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
R2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x]
R2 Serviio;Serviio;c:\program files\Serviio\bin\ServiioService.exe;c:\program files\Serviio\bin\ServiioService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\TXE Components\TCS\SocketHeciServer.exe;c:\program files\Intel\TXE Components\TCS\SocketHeciServer.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TXEIx64;Intel(R) Trusted Execution Engine Interface ;c:\windows\system32\DRIVERS\TXEIx64.sys;c:\windows\SYSNATIVE\DRIVERS\TXEIx64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-27 11:28 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-28 15:04]
.
2014-12-12 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2014-08-28 05:33]
.
2014-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28 04:55]
.
2014-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28 04:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-04 7204568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 77.236.192.130 77.236.192.150
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\hz4936lz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-12-12 19:02:02
ComboFix-quarantined-files.txt 2014-12-12 18:02
.
Před spuštěním: Volných bajtů: 61 123 592 192
Po spuštění: Volných bajtů: 60 720 738 304
.
- - End Of File - - F60C63A96AB5534B8192AD1EE9FA2320
A36C5E4F47E84449FF07ED3517B43A31
- jaro3
- member of the Security team
Re: Please check my log (problem with time slowing down in W
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Code:
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\AutoKMS.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\program files (x86)\Skype\Updater
c:\windows\AutoKMS
c:\program files (x86)\Google\Update
Driver::
SkypeUpdate
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new HJT log
Warning: After running ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log (problem with time slowing down in W
Hi, done..
ComboFix log:
ComboFix 14-12-14.01 - HP 14.12.2014 19:18:31.7.4 - x64 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3997.3453 [GMT 1:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\HP\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.25.11\goopdate.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\1.18.7821.2489\gsync.msi
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_39.0.2171.71_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\AutoKMS
c:\windows\AutoKMS\AutoKMS.exe
c:\windows\AutoKMS\AutoKMS.ini
c:\windows\AutoKMS\AutoKMS.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-14 do 2014-12-14 )))))))))))))))))))))))))))))))
.
.
2014-12-14 18:26 . 2014-12-14 18:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-14 07:09 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BBB3B6FF-B3D9-41B6-A072-BA57A176D3CC}\mpengine.dll
2014-12-11 11:34 . 2014-12-11 11:34 -------- d-----w- c:\users\HP\AppData\Local\GHISLER
2014-12-11 07:01 . 2014-12-11 07:01 -------- d-----w- c:\windows\system32\appraiser
2014-12-10 19:06 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-10 19:06 . 2014-07-07 02:05 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-10 19:06 . 2014-07-07 02:05 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-10 19:06 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-10 19:06 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-10 19:06 . 2014-07-07 01:40 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-10 19:06 . 2014-07-07 01:40 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-10 19:06 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-10 19:06 . 2014-10-18 02:03 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-10 19:06 . 2014-10-18 01:32 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 15:52 . 2014-12-10 15:27 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-10 15:52 . 2014-12-14 18:28 -------- d-----w- c:\users\HP\AppData\Local\Temp
2014-12-10 15:27 . 2014-12-10 15:47 -------- d-----w- C:\zoek_backup
2014-12-10 05:04 . 2014-11-22 02:41 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-12-10 04:59 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 04:59 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 04:59 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 04:59 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 04:59 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-10 04:59 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-10 04:59 . 2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-10 04:58 . 2014-11-11 03:09 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-12-10 04:58 . 2014-11-11 02:44 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-12-10 04:58 . 2014-11-11 01:56 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-12-09 18:07 . 2014-12-10 15:14 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-09 18:07 . 2014-12-09 18:07 -------- d-----w- c:\programdata\RogueKiller
2014-12-09 17:55 . 2014-12-09 17:55 -------- d-----w- c:\windows\ERUNT
2014-12-08 18:04 . 2014-12-10 18:02 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-08 18:03 . 2014-12-08 18:03 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-12-08 18:03 . 2014-12-08 18:03 -------- d-----w- c:\programdata\Malwarebytes
2014-12-08 18:03 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-08 18:03 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-08 18:03 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-08 17:50 . 2014-12-09 17:28 -------- d-----w- C:\AdwCleaner
2014-12-02 11:12 . 2014-12-02 11:12 -------- d-----w- c:\users\HP\restore
2014-12-02 11:08 . 2014-12-03 14:28 -------- d-----w- c:\programdata\tmp
2014-12-02 11:08 . 2014-12-02 11:14 -------- d-----w- c:\programdata\hps
2014-12-01 15:19 . 2014-12-01 15:19 -------- d-----w- c:\program files\Fotolab
2014-11-19 06:39 . 2014-11-11 03:45 729600 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 06:39 . 2014-11-11 03:45 463872 ----a-w- c:\windows\system32\certcli.dll
2014-11-19 06:39 . 2014-11-11 03:35 690688 ----a-w- c:\windows\system32\adtschema.dll
2014-11-19 06:39 . 2014-11-11 03:21 551424 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-19 06:39 . 2014-11-11 03:21 342528 ----a-w- c:\windows\SysWow64\certcli.dll
2014-11-19 06:39 . 2014-11-11 03:13 690688 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-19 06:39 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 06:39 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-16 14:25 . 2014-11-16 14:25 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-11-16 14:25 . 2014-12-14 18:25 -------- d-----r- c:\program files (x86)\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-10 19:08 . 2014-08-28 10:56 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-10 15:04 . 2014-08-28 04:13 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 15:04 . 2014-08-28 04:13 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-25 02:19 . 2014-11-12 06:36 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 02:08 . 2014-11-12 06:36 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 06:36 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 06:36 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:20 . 2014-11-12 06:46 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:16 . 2014-11-12 06:46 686592 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:16 . 2014-11-12 06:46 341504 ----a-w- c:\windows\system32\schannel.dll
2014-10-14 02:16 . 2014-11-12 06:46 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-10-14 02:16 . 2014-11-12 06:36 3243008 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:16 . 2014-11-12 06:46 1463808 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:13 . 2014-11-12 06:46 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:50 . 2014-11-12 06:46 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-10-14 01:50 . 2014-11-12 06:46 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:49 . 2014-11-12 06:46 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-10-14 01:49 . 2014-11-12 06:36 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:48 . 2014-11-12 06:46 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:46 . 2014-11-12 06:46 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-09 06:49 . 2014-11-12 06:36 3201536 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 02:07 . 2014-11-12 06:41 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:06 . 2014-11-12 06:41 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 02:06 . 2014-11-12 06:41 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 02:06 . 2014-11-12 06:41 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 02:06 . 2014-11-12 06:41 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-03 01:46 . 2014-11-12 06:41 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:46 . 2014-11-12 06:41 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:46 . 2014-11-12 06:41 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2014-09-25 02:08 . 2014-10-01 15:15 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 15:15 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-18 21:32 . 2014-10-16 07:49 112568 ----a-w- c:\windows\system32\consent.exe
2014-09-18 21:29 . 2014-10-16 07:49 1942016 ----a-w- c:\windows\system32\authui.dll
2014-09-18 01:43 . 2014-10-16 07:49 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2014-09-18 01:43 . 2014-10-16 07:49 1806848 ----a-w- c:\windows\SysWow64\authui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-10-21 22869088]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-03-06 292848]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Serviio.lnk - c:\program files\Serviio\bin\ServiioConsole.exe [2014-3-21 399360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\TXE Components\TCS\SocketHeciServer.exe;c:\program files\Intel\TXE Components\TCS\SocketHeciServer.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
S2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\TXE Components\TCS\HeciServer.exe;c:\program files\Intel\TXE Components\TCS\HeciServer.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x]
S2 Serviio;Serviio;c:\program files\Serviio\bin\ServiioService.exe;c:\program files\Serviio\bin\ServiioService.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TXEIx64;Intel(R) Trusted Execution Engine Interface ;c:\windows\system32\DRIVERS\TXEIx64.sys;c:\windows\SYSNATIVE\DRIVERS\TXEIx64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-14 07:29 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-28 15:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-04 7204568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 77.236.192.130 77.236.192.150
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\hz4936lz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
.
**************************************************************************
.
Celkový čas: 2014-12-14 19:34:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-14 18:34
ComboFix2.txt 2014-12-12 18:02
.
Před spuštěním: Volných bajtů: 60 598 026 240
Po spuštění: Volných bajtů: 60 047 327 232
.
- - End Of File - - 2953FF4CD9703198680911DCF4A97082
A36C5E4F47E84449FF07ED3517B43A31
-----------------------------------------------------------------------------------------------------------------------------
HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:32, on 14.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
FIREFOX: 34.0 (x86 cs)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
D:\DOWNLOAD\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 8293 bytes
-------------------------------------------------------------------------------------------------------------------------------------------
aswMBR log:
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2014-12-14 19:40:54
-----------------------------
19:40:54.555 OS Version: Windows x64 6.1.7601 Service Pack 1
19:40:54.556 Number of processors: 4 586 0x3703
19:40:54.559 ComputerName: HP-PC UserName: HP
19:40:55.218 Initialize success
19:40:55.319 VM: initialized successfully
19:40:55.321 VM: Intel CPU BiosDisabled
19:41:34.744 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:41:34.751 Disk 0 Vendor: WDC_WD7500BPVX-60JC3T0 01.01A01 Size: 715404MB BusType: 11
19:41:34.936 Disk 0 MBR read successfully
19:41:34.948 Disk 0 MBR scan
19:41:34.959 Disk 0 Windows 7 default MBR code
19:41:34.972 Disk 0 Partition 1 00 0B FAT32 FRDOS4.1 7983 MB offset 2048
19:41:34.988 Disk 0 Partition 2 80 (A) 0C FAT32 LBA SYSLINUX 7985 MB offset 16351232
19:41:34.999 Disk 0 Boot: SYSLINUX code=1
19:41:35.020 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 150000 MB offset 32704512
19:41:35.039 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 549434 MB offset 339904512
19:41:35.169 Disk 0 scanning C:\Windows\system32\drivers
19:41:45.565 Service scanning
19:42:15.015 Modules scanning
19:42:15.063 Disk 0 trace - called modules:
19:42:15.096 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:42:15.113 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80058fe790]
19:42:15.130 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005301680]
19:42:15.145 Disk 0 statistics 122022/0/0 @ 8,29 MB/s
19:42:15.155 Scan finished successfully
19:42:45.419 Disk 0 MBR has been saved successfully to "C:\Users\HP\Desktop\MBR.dat"
19:42:45.433 The log file has been saved successfully to "C:\Users\HP\Desktop\logggggg.txt"
ComboFix log:
ComboFix 14-12-14.01 - HP 14.12.2014 19:18:31.7.4 - x64 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3997.3453 [GMT 1:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\HP\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.25.11\goopdate.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\1.18.7821.2489\gsync.msi
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_39.0.2171.71_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\AutoKMS
c:\windows\AutoKMS\AutoKMS.exe
c:\windows\AutoKMS\AutoKMS.ini
c:\windows\AutoKMS\AutoKMS.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-14 do 2014-12-14 )))))))))))))))))))))))))))))))
.
.
2014-12-14 18:26 . 2014-12-14 18:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-14 07:09 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BBB3B6FF-B3D9-41B6-A072-BA57A176D3CC}\mpengine.dll
2014-12-11 11:34 . 2014-12-11 11:34 -------- d-----w- c:\users\HP\AppData\Local\GHISLER
2014-12-11 07:01 . 2014-12-11 07:01 -------- d-----w- c:\windows\system32\appraiser
2014-12-10 19:06 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2014-12-10 19:06 . 2014-07-07 02:05 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2014-12-10 19:06 . 2014-07-07 02:05 24576 ----a-w- c:\windows\system32\mfpmp.exe
2014-12-10 19:06 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2014-12-10 19:06 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2014-12-10 19:06 . 2014-07-07 01:40 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2014-12-10 19:06 . 2014-07-07 01:40 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2014-12-10 19:06 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2014-12-10 19:06 . 2014-10-18 02:03 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-10 19:06 . 2014-10-18 01:32 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 15:52 . 2014-12-10 15:27 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-10 15:52 . 2014-12-14 18:28 -------- d-----w- c:\users\HP\AppData\Local\Temp
2014-12-10 15:27 . 2014-12-10 15:47 -------- d-----w- C:\zoek_backup
2014-12-10 05:04 . 2014-11-22 02:41 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-12-10 04:59 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 04:59 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 04:59 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 04:59 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 04:59 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-10 04:59 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-10 04:59 . 2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-10 04:58 . 2014-11-11 03:09 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-12-10 04:58 . 2014-11-11 02:44 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-12-10 04:58 . 2014-11-11 01:56 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-12-09 18:07 . 2014-12-10 15:14 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-09 18:07 . 2014-12-09 18:07 -------- d-----w- c:\programdata\RogueKiller
2014-12-09 17:55 . 2014-12-09 17:55 -------- d-----w- c:\windows\ERUNT
2014-12-08 18:04 . 2014-12-10 18:02 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-08 18:03 . 2014-12-08 18:03 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-12-08 18:03 . 2014-12-08 18:03 -------- d-----w- c:\programdata\Malwarebytes
2014-12-08 18:03 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-08 18:03 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-08 18:03 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-08 17:50 . 2014-12-09 17:28 -------- d-----w- C:\AdwCleaner
2014-12-02 11:12 . 2014-12-02 11:12 -------- d-----w- c:\users\HP\restore
2014-12-02 11:08 . 2014-12-03 14:28 -------- d-----w- c:\programdata\tmp
2014-12-02 11:08 . 2014-12-02 11:14 -------- d-----w- c:\programdata\hps
2014-12-01 15:19 . 2014-12-01 15:19 -------- d-----w- c:\program files\Fotolab
2014-11-19 06:39 . 2014-11-11 03:45 729600 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 06:39 . 2014-11-11 03:45 463872 ----a-w- c:\windows\system32\certcli.dll
2014-11-19 06:39 . 2014-11-11 03:35 690688 ----a-w- c:\windows\system32\adtschema.dll
2014-11-19 06:39 . 2014-11-11 03:21 551424 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-19 06:39 . 2014-11-11 03:21 342528 ----a-w- c:\windows\SysWow64\certcli.dll
2014-11-19 06:39 . 2014-11-11 03:13 690688 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-19 06:39 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 06:39 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-16 14:25 . 2014-11-16 14:25 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-11-16 14:25 . 2014-12-14 18:25 -------- d-----r- c:\program files (x86)\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-10 19:08 . 2014-08-28 10:56 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-10 15:04 . 2014-08-28 04:13 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 15:04 . 2014-08-28 04:13 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-04 13:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-25 02:19 . 2014-11-12 06:36 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 02:08 . 2014-11-12 06:36 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 06:36 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 06:36 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:20 . 2014-11-12 06:46 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:16 . 2014-11-12 06:46 686592 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:16 . 2014-11-12 06:46 341504 ----a-w- c:\windows\system32\schannel.dll
2014-10-14 02:16 . 2014-11-12 06:46 309760 ----a-w- c:\windows\system32\ncrypt.dll
2014-10-14 02:16 . 2014-11-12 06:36 3243008 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:16 . 2014-11-12 06:46 1463808 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:13 . 2014-11-12 06:46 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:50 . 2014-11-12 06:46 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-10-14 01:50 . 2014-11-12 06:46 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:49 . 2014-11-12 06:46 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-10-14 01:49 . 2014-11-12 06:36 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:48 . 2014-11-12 06:46 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:46 . 2014-11-12 06:46 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-09 06:49 . 2014-11-12 06:36 3201536 ----a-w- c:\windows\system32\win32k.sys
2014-10-03 02:07 . 2014-11-12 06:41 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:06 . 2014-11-12 06:41 284672 ----a-w- c:\windows\system32\EncDump.dll
2014-10-03 02:06 . 2014-11-12 06:41 680960 ----a-w- c:\windows\system32\audiosrv.dll
2014-10-03 02:06 . 2014-11-12 06:41 440832 ----a-w- c:\windows\system32\AudioEng.dll
2014-10-03 02:06 . 2014-11-12 06:41 296448 ----a-w- c:\windows\system32\AudioSes.dll
2014-10-03 01:46 . 2014-11-12 06:41 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:46 . 2014-11-12 06:41 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:46 . 2014-11-12 06:41 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2014-09-25 02:08 . 2014-10-01 15:15 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 15:15 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-18 21:32 . 2014-10-16 07:49 112568 ----a-w- c:\windows\system32\consent.exe
2014-09-18 21:29 . 2014-10-16 07:49 1942016 ----a-w- c:\windows\system32\authui.dll
2014-09-18 01:43 . 2014-10-16 07:49 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2014-09-18 01:43 . 2014-10-16 07:49 1806848 ----a-w- c:\windows\SysWow64\authui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-10-21 22869088]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-03-06 292848]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
c:\users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Serviio.lnk - c:\program files\Serviio\bin\ServiioConsole.exe [2014-3-21 399360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\TXE Components\TCS\SocketHeciServer.exe;c:\program files\Intel\TXE Components\TCS\SocketHeciServer.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
S2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\TXE Components\TCS\HeciServer.exe;c:\program files\Intel\TXE Components\TCS\HeciServer.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x]
S2 Serviio;Serviio;c:\program files\Serviio\bin\ServiioService.exe;c:\program files\Serviio\bin\ServiioService.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TXEIx64;Intel(R) Trusted Execution Engine Interface ;c:\windows\system32\DRIVERS\TXEIx64.sys;c:\windows\SYSNATIVE\DRIVERS\TXEIx64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-14 07:29 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-28 15:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-11-04 7204568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 77.236.192.130 77.236.192.150
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\hz4936lz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
.
**************************************************************************
.
Celkový čas: 2014-12-14 19:34:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-14 18:34
ComboFix2.txt 2014-12-12 18:02
.
Před spuštěním: Volných bajtů: 60 598 026 240
Po spuštění: Volných bajtů: 60 047 327 232
.
- - End Of File - - 2953FF4CD9703198680911DCF4A97082
A36C5E4F47E84449FF07ED3517B43A31
-----------------------------------------------------------------------------------------------------------------------------
HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:32, on 14.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
FIREFOX: 34.0 (x86 cs)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
D:\DOWNLOAD\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 8293 bytes
-------------------------------------------------------------------------------------------------------------------------------------------
aswMBR log:
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2014-12-14 19:40:54
-----------------------------
19:40:54.555 OS Version: Windows x64 6.1.7601 Service Pack 1
19:40:54.556 Number of processors: 4 586 0x3703
19:40:54.559 ComputerName: HP-PC UserName: HP
19:40:55.218 Initialize success
19:40:55.319 VM: initialized successfully
19:40:55.321 VM: Intel CPU BiosDisabled
19:41:34.744 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:41:34.751 Disk 0 Vendor: WDC_WD7500BPVX-60JC3T0 01.01A01 Size: 715404MB BusType: 11
19:41:34.936 Disk 0 MBR read successfully
19:41:34.948 Disk 0 MBR scan
19:41:34.959 Disk 0 Windows 7 default MBR code
19:41:34.972 Disk 0 Partition 1 00 0B FAT32 FRDOS4.1 7983 MB offset 2048
19:41:34.988 Disk 0 Partition 2 80 (A) 0C FAT32 LBA SYSLINUX 7985 MB offset 16351232
19:41:34.999 Disk 0 Boot: SYSLINUX code=1
19:41:35.020 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 150000 MB offset 32704512
19:41:35.039 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 549434 MB offset 339904512
19:41:35.169 Disk 0 scanning C:\Windows\system32\drivers
19:41:45.565 Service scanning
19:42:15.015 Modules scanning
19:42:15.063 Disk 0 trace - called modules:
19:42:15.096 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
19:42:15.113 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80058fe790]
19:42:15.130 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005301680]
19:42:15.145 Disk 0 statistics 122022/0/0 @ 8,29 MB/s
19:42:15.155 Scan finished successfully
19:42:45.419 Disk 0 MBR has been saved successfully to "C:\Users\HP\Desktop\MBR.dat"
19:42:45.433 The log file has been saved successfully to "C:\Users\HP\Desktop\logggggg.txt"
- jaro3
- Security team member
Re: Please check my log (problem with time slowing down in W
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.
How are the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log (problem with time slowing down in W
Hi, thank you very much for the cleanup.
Unfortunately, the problem with the clock falling behind has remained.. The fault is probably not in malware..

- jaro3
- Security team member
Re: Please check my log (problem with time slowing down in W
Probably not, I recommend visiting the Windows section or similar.
Re: Please check my log (problem with time slowing down in W
Hi, I already dealt with it there, and they referred me right here

- jaro3
- Security team member
Re: Please check my log (problem with time slowing down in W
Then write to them that it is not viruses.