ComboFix 15-01-05.01 - Ladislav 05.01.2015 19:19:08.4.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3069.1901 [GMT 1:00]
Spuštěný z: c:\users\Ladislav\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-05 do 2015-01-05 )))))))))))))))))))))))))))))))
.
.
2015-01-05 18:24 . 2015-01-05 18:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-04 18:37 . 2015-01-05 15:44 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFC97451-DD2C-4DEC-90EA-A9AAD0B3D1DF}\offreg.dll
2015-01-02 11:51 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AFC97451-DD2C-4DEC-90EA-A9AAD0B3D1DF}\mpengine.dll
2014-12-23 10:50 . 2014-12-23 10:50 -------- d-----w- c:\users\Ladislav\AppData\Local\Apple
2014-12-21 13:06 . 2014-12-21 13:06 -------- d-----w- c:\users\Ladislav\AppData\Local\CrashDumps
2014-12-18 17:43 . 2014-12-18 17:27 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-18 17:43 . 2015-01-05 18:24 -------- d-----w- c:\users\Ladislav\AppData\Local\Temp
2014-12-18 17:27 . 2014-12-18 17:41 -------- d-----w- C:\zoek_backup
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\BadFlyInteractive
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\Steam
2014-12-18 13:23 . 2014-12-18 13:28 -------- d-----w- c:\program files (x86)\Dead Effect
2014-12-18 11:34 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 11:34 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-16 15:51 . 2014-12-20 11:39 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-14 11:29 . 2014-12-21 13:23 -------- d-----w- c:\program files (x86)\Bioshock Infinite
2014-12-13 20:59 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-12-13 20:59 . 2007-04-04 17:54 107368 ----a-w- c:\windows\system32\xinput1_3.dll
2014-12-13 20:59 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-12-11 10:37 . 2014-12-11 10:37 -------- d-----w- c:\windows\system32\appraiser
2014-12-11 09:59 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-11 09:59 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 07:20 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 07:20 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 07:20 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 07:20 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-10 07:20 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 07:20 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-10 07:20 . 2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-10 07:19 . 2014-10-03 02:12 310272 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 02:12 2020352 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:11 266240 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-10 07:19 . 2014-10-03 01:45 1177088 ----a-w- c:\windows\SysWow64\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:12 346624 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 02:12 181248 ----a-w- c:\windows\system32\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:45 248832 ----a-w- c:\windows\SysWow64\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 01:45 214016 ----a-w- c:\windows\SysWow64\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 01:45 145920 ----a-w- c:\windows\SysWow64\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:44 198656 ----a-w- c:\windows\SysWow64\WSManHTTPConfig.exe
2014-12-10 07:13 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2014-12-10 07:13 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2014-12-10 07:10 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-10 07:10 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-08 20:30 . 2014-12-08 20:30 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2014-12-08 20:30 . 2014-12-08 20:30 53248 ----a-w- c:\windows\SysWow64\nvTextureToolsUtil.dll
2014-12-08 20:30 . 2014-12-08 20:30 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2014-12-08 19:45 . 2014-12-08 19:45 -------- d-----w- c:\program files (x86)\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-16 15:12 . 2014-06-12 14:06 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-11 10:08 . 2014-05-15 14:35 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-10 15:23 . 2014-06-02 18:45 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 15:23 . 2014-06-02 18:45 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-21 05:14 . 2014-06-12 14:05 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-06-12 14:05 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-06-12 14:05 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 03:08 . 2014-11-19 10:38 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 10:38 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 10:38 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 10:38 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 02:03 . 2014-12-10 07:13 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:57 . 2014-11-12 10:04 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 10:04 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 10:04 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 10:04 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 10:06 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 10:06 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 10:04 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 10:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 10:06 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 10:06 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 10:06 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 10:04 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 10:06 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 10:06 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 10:06 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 10:04 3198976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 sppsvc;Ochrana softwaru;c:\windows\system32\sppsvc.exe;c:\windows\SYSNATIVE\sppsvc.exe [x]
R3 AcpiPmi;ACPI Power Meter Driver;c:\windows\system32\drivers\acpipmi.sys;c:\windows\SYSNATIVE\drivers\acpipmi.sys [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 adp94xx;adp94xx;c:\windows\system32\drivers\adp94xx.sys;c:\windows\SYSNATIVE\drivers\adp94xx.sys [x]
R3 adpahci;adpahci;c:\windows\system32\drivers\adpahci.sys;c:\windows\SYSNATIVE\drivers\adpahci.sys [x]
R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys;c:\windows\SYSNATIVE\drivers\amdsata.sys [x]
R3 amdsbs;amdsbs;c:\windows\system32\drivers\amdsbs.sys;c:\windows\SYSNATIVE\drivers\amdsbs.sys [x]
R3 AppID;Ovladač AppID;c:\windows\system32\drivers\appid.sys;c:\windows\SYSNATIVE\drivers\appid.sys [x]
R3 AppIDSvc;Identita aplikace;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 arcsas;arcsas;c:\windows\system32\drivers\arcsas.sys;c:\windows\SYSNATIVE\drivers\arcsas.sys [x]
R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\drivers\bxvbda.sys;c:\windows\SYSNATIVE\drivers\bxvbda.sys [x]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\b57nd60a.sys [x]
R3 BDESVC;Služba BitLocker Drive Encryption;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\drivers\BrFiltLo.sys;c:\windows\SYSNATIVE\drivers\BrFiltLo.sys [x]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\drivers\BrFiltUp.sys;c:\windows\SYSNATIVE\drivers\BrFiltUp.sys [x]
R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys;c:\windows\SYSNATIVE\Drivers\Brserid.sys [x]
R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys;c:\windows\SYSNATIVE\Drivers\BrSerWdm.sys [x]
R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys;c:\windows\SYSNATIVE\Drivers\BrUsbMdm.sys [x]
R3 BrUsbSer;Brother MFC USB Serial WDM Driver;c:\windows\System32\Drivers\BrUsbSer.sys;c:\windows\SYSNATIVE\Drivers\BrUsbSer.sys [x]
R3 BTHPORT;Ovladač portu Bluetooth;c:\windows\System32\Drivers\BTHport.sys;c:\windows\SYSNATIVE\Drivers\BTHport.sys [x]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 circlass;Consumer IR Devices;c:\windows\system32\drivers\circlass.sys;c:\windows\SYSNATIVE\drivers\circlass.sys [x]
R3 defragsvc;Defragmentace disku;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\drivers\evbda.sys;c:\windows\SYSNATIVE\drivers\evbda.sys [x]
R3 EFS;Systém souborů EFS (Encrypting File System);c:\windows\System32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
R3 ehRecvr;Služba přijímače aplikace Windows Media Center;c:\windows\ehome\ehRecvr.exe;c:\windows\ehome\ehRecvr.exe [x]
R3 ehSched;Služba plánování aplikace Windows Media Center;c:\windows\ehome\ehsched.exe;c:\windows\ehome\ehsched.exe [x]
R3 elxstor;elxstor;c:\windows\system32\drivers\elxstor.sys;c:\windows\SYSNATIVE\drivers\elxstor.sys [x]
R3 ErrDev;Microsoft Hardware Error Device Driver;c:\windows\system32\drivers\errdev.sys;c:\windows\SYSNATIVE\drivers\errdev.sys [x]
R3 Fax;Fax;c:\windows\system32\fxssvc.exe;c:\windows\SYSNATIVE\fxssvc.exe [x]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys;c:\windows\SYSNATIVE\drivers\filetrace.sys [x]
R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys;c:\windows\SYSNATIVE\drivers\FsDepends.sys [x]
R3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;c:\windows\system32\drivers\gagp30kx.sys;c:\windows\SYSNATIVE\drivers\gagp30kx.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys;c:\windows\SYSNATIVE\drivers\hcw85cir.sys [x]
R3 HidBth;Microsoft Bluetooth HID Miniport;c:\windows\system32\drivers\hidbth.sys;c:\windows\SYSNATIVE\drivers\hidbth.sys [x]
R3 HidIr;Microsoft Infrared HID Driver;c:\windows\system32\drivers\hidir.sys;c:\windows\SYSNATIVE\drivers\hidir.sys [x]
R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys;c:\windows\SYSNATIVE\drivers\HpSAMD.sys [x]
R3 iaStorV;Řadič Intel diskového pole RAID – Windows 7;c:\windows\system32\drivers\iaStorV.sys;c:\windows\SYSNATIVE\drivers\iaStorV.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys;c:\windows\SYSNATIVE\drivers\IPMIDrv.sys [x]
R3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\drivers\msiscsi.sys;c:\windows\SYSNATIVE\drivers\msiscsi.sys [x]
R3 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 LSI_FC;LSI_FC;c:\windows\system32\drivers\lsi_fc.sys;c:\windows\SYSNATIVE\drivers\lsi_fc.sys [x]
R3 LSI_SAS;LSI_SAS;c:\windows\system32\drivers\lsi_sas.sys;c:\windows\SYSNATIVE\drivers\lsi_sas.sys [x]
R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\drivers\lsi_sas2.sys;c:\windows\SYSNATIVE\drivers\lsi_sas2.sys [x]
R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\drivers\lsi_scsi.sys;c:\windows\SYSNATIVE\drivers\lsi_scsi.sys [x]
R3 megasas;megasas;c:\windows\system32\drivers\megasas.sys;c:\windows\SYSNATIVE\drivers\megasas.sys [x]
R3 MegaSR;MegaSR;c:\windows\system32\drivers\MegaSR.sys;c:\windows\SYSNATIVE\drivers\MegaSR.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 mpio;mpio;c:\windows\system32\drivers\mpio.sys;c:\windows\SYSNATIVE\drivers\mpio.sys [x]
R3 msdsm;msdsm;c:\windows\system32\drivers\msdsm.sys;c:\windows\SYSNATIVE\drivers\msdsm.sys [x]
R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys;c:\windows\SYSNATIVE\drivers\mshidkmdf.sys [x]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 MsRPC;MsRPC; [x]
R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\drivers\MTConfig.sys;c:\windows\SYSNATIVE\drivers\MTConfig.sys [x]
R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS\ndiscap.sys;c:\windows\SYSNATIVE\DRIVERS\ndiscap.sys [x]
R3 nfrd960;nfrd960;c:\windows\system32\drivers\nfrd960.sys;c:\windows\SYSNATIVE\drivers\nfrd960.sys [x]
R3 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys;c:\windows\SYSNATIVE\drivers\nvstor.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 PeerDistSvc;BranchCache;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 PerfHost;Hostitel knihoven DLL čítačů výkonu;c:\windows\SysWow64\perfhost.exe;c:\windows\SysWow64\perfhost.exe [x]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 ql2300;ql2300;c:\windows\system32\drivers\ql2300.sys;c:\windows\SYSNATIVE\drivers\ql2300.sys [x]
R3 ql40xx;ql40xx;c:\windows\system32\drivers\ql40xx.sys;c:\windows\SYSNATIVE\drivers\ql40xx.sys [x]
R3 QWAVE;Sada qWave (Quality Windows Audio Video Experience);c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 QWAVEdrv;Ovladač QWAVE;c:\windows\system32\drivers\qwavedrv.sys;c:\windows\SYSNATIVE\drivers\qwavedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 s3cap;s3cap;c:\windows\system32\drivers\vms3cap.sys;c:\windows\SYSNATIVE\drivers\vms3cap.sys [x]
R3 sbp2port;sbp2port;c:\windows\system32\drivers\sbp2port.sys;c:\windows\SYSNATIVE\drivers\sbp2port.sys [x]
R3 scfilter;Ovladač filtru čipových karet třídy PnP;c:\windows\system32\DRIVERS\scfilter.sys;c:\windows\SYSNATIVE\DRIVERS\scfilter.sys [x]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 SDRSVC;Windows Zálohování;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 SensrSvc;Adaptivní jas;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 sermouse;Serial Mouse Driver;c:\windows\system32\drivers\sermouse.sys;c:\windows\SYSNATIVE\drivers\sermouse.sys [x]
R3 SessionEnv;Konfigurace vzdálené plochy;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys;c:\windows\SYSNATIVE\drivers\sffp_mmc.sys [x]
R3 SiSRaid2;SiSRaid2;c:\windows\system32\drivers\SiSRaid2.sys;c:\windows\SYSNATIVE\drivers\SiSRaid2.sys [x]
R3 SiSRaid4;SiSRaid4;c:\windows\system32\drivers\sisraid4.sys;c:\windows\SYSNATIVE\drivers\sisraid4.sys [x]
R3 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys;c:\windows\SYSNATIVE\DRIVERS\smb.sys [x]
R3 SNMPTRAP;Zachytávání pro službu SNMP;c:\windows\System32\snmptrap.exe;c:\windows\SYSNATIVE\snmptrap.exe [x]
R3 sppuinotify;Služba Oznámení platformy SPP;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 stexstor;stexstor;c:\windows\system32\drivers\stexstor.sys;c:\windows\SYSNATIVE\drivers\stexstor.sys [x]
R3 storvsc;storvsc;c:\windows\system32\drivers\storvsc.sys;c:\windows\SYSNATIVE\drivers\storvsc.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 TCPIP6;Microsoft IPv6 Protocol Driver;c:\windows\system32\DRIVERS\tcpip.sys;c:\windows\SYSNATIVE\DRIVERS\tcpip.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 TrustedInstaller;Instalační služba modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe;c:\windows\servicing\TrustedInstaller.exe [x]
R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys;c:\windows\SYSNATIVE\DRIVERS\tssecsrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 uagp35;Microsoft AGPv3.5 Filter;c:\windows\system32\drivers\uagp35.sys;c:\windows\SYSNATIVE\drivers\uagp35.sys [x]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe;c:\windows\SYSNATIVE\UI0Detect.exe [x]
R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\uliagpkx.sys;c:\windows\SYSNATIVE\drivers\uliagpkx.sys [x]
R3 UmPass;Microsoft UMPass Driver;c:\windows\system32\drivers\umpass.sys;c:\windows\SYSNATIVE\drivers\umpass.sys [x]
R3 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbcir;Infračervený přijímač eHome (USBCIR);c:\windows\system32\drivers\usbcir.sys;c:\windows\SYSNATIVE\drivers\usbcir.sys [x]
R3 VaultSvc;Správce pověření;c:\windows\system32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys;c:\windows\SYSNATIVE\drivers\vhdmp.sys [x]
R3 vmbus;vmbus;c:\windows\system32\drivers\vmbus.sys;c:\windows\SYSNATIVE\drivers\vmbus.sys [x]
R3 VMBusHID;VMBusHID;c:\windows\system32\drivers\VMBusHID.sys;c:\windows\SYSNATIVE\drivers\VMBusHID.sys [x]
R3 vsmraid;vsmraid;c:\windows\system32\drivers\vsmraid.sys;c:\windows\SYSNATIVE\drivers\vsmraid.sys [x]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys;c:\windows\SYSNATIVE\drivers\wacompen.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wbengine;Služba jádra pro zálohování dat na úrovni bloků;c:\windows\system32\wbengine.exe;c:\windows\SYSNATIVE\wbengine.exe [x]
R3 WbioSrvc;Biometrická služba systému Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WcsPlugInService;Systém barev systému Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 Wd;Wd;c:\windows\system32\drivers\wd.sys;c:\windows\SYSNATIVE\drivers\wd.sys [x]
R3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 wercplsupport;Podpora ovládacího panelu Oznámení a řešení problémů;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys;c:\windows\SYSNATIVE\drivers\wimmount.sys [x]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys;c:\windows\SYSNATIVE\DRIVERS\WSDPrint.sys [x]
R3 WwanSvc;Automatická konfigurace sítě WWAN;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [x]
R4 Mcx2Svc;Služba zařízení Media Center Extender;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R4 NetMsmqActivator;Net.Msmq Listener Adapter;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
R4 NetPipeActivator;Net.Pipe Listener Adapter;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
R4 NetTcpActivator;Net.Tcp Listener Adapter;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys;c:\windows\SYSNATIVE\drivers\amdxata.sys [x]
S0 CLFS;Systém souborů CLFS;c:\windows\System32\CLFS.sys;c:\windows\SYSNATIVE\CLFS.sys [x]
S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys;c:\windows\SYSNATIVE\Drivers\cng.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys;c:\windows\SYSNATIVE\drivers\fileinfo.sys [x]
S0 fvevol;Ovladač filtru nástroje Bitlocker Drive Encryption;c:\windows\System32\DRIVERS\fvevol.sys;c:\windows\SYSNATIVE\DRIVERS\fvevol.sys [x]
S0 hpdskflt;HP Filter;c:\windows\system32\DRIVERS\hpdskflt.sys;c:\windows\SYSNATIVE\DRIVERS\hpdskflt.sys [x]
S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys;c:\windows\SYSNATIVE\drivers\hwpolicy.sys [x]
S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys;c:\windows\SYSNATIVE\Drivers\ksecpkg.sys [x]
S0 msahci;msahci;c:\windows\system32\drivers\msahci.sys;c:\windows\SYSNATIVE\drivers\msahci.sys [x]
S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys;c:\windows\SYSNATIVE\drivers\msisadrv.sys [x]
S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys;c:\windows\SYSNATIVE\drivers\pcw.sys [x]
S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys;c:\windows\SYSNATIVE\drivers\rdyboost.sys [x]
S0 spldr;Security Processor Loader Driver; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 storflt;Diskový ovladač filtru akcelerace sběrnice virtuálního počítače;c:\windows\system32\drivers\vmstorfl.sys;c:\windows\SYSNATIVE\drivers\vmstorfl.sys [x]
S0 vdrvroot;Ovladač rozpoznávacího modulu virtuální jednotky společnosti Microsoft;c:\windows\system32\drivers\vdrvroot.sys;c:\windows\SYSNATIVE\drivers\vdrvroot.sys [x]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys;c:\windows\SYSNATIVE\drivers\volmgr.sys [x]
S0 volmgrx;Správce dynamických svazků;c:\windows\System32\drivers\volmgrx.sys;c:\windows\SYSNATIVE\drivers\volmgrx.sys [x]
S0 Wdf01000;Služba Architektura ovladačů v režimu jádra;c:\windows\system32\drivers\Wdf01000.sys;c:\windows\SYSNATIVE\drivers\Wdf01000.sys [x]
S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys;c:\windows\SYSNATIVE\DRIVERS\blbdrive.sys [x]
S1 CSC;Ovladač souborů pro režim offline;c:\windows\system32\drivers\csc.sys;c:\windows\SYSNATIVE\drivers\csc.sys [x]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys;c:\windows\SYSNATIVE\Drivers\dfsc.sys [x]
S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys;c:\windows\SYSNATIVE\drivers\discache.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers\nsiproxy.sys;c:\windows\SYSNATIVE\drivers\nsiproxy.sys [x]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys;c:\windows\SYSNATIVE\drivers\rdpencdd.sys [x]
S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys;c:\windows\SYSNATIVE\drivers\rdprefmp.sys [x]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys;c:\windows\SYSNATIVE\DRIVERS\tdx.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys;c:\windows\SYSNATIVE\DRIVERS\vwififlt.sys [x]
S1 Wanarpv6;Ovladač pro vzdálený přístup IPv6 ARP;c:\windows\system32\DRIVERS\wanarp.sys;c:\windows\SYSNATIVE\DRIVERS\wanarp.sys [x]
S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys;c:\windows\SYSNATIVE\DRIVERS\wfplwf.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Apple Mobile Device;Apple Mobile Device;c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 BFE;Služba BFE (Base Filtering Engine);c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 CscService;Offline soubory;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 epfw;epfw;c:\windows\system32\DRIVERS\epfw.sys;c:\windows\SYSNATIVE\DRIVERS\epfw.sys [x]
S2 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IKEEXT;Služba IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 iphlpsvc;Pomocná služba protokolu IP;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys;c:\windows\SYSNATIVE\DRIVERS\lltdio.sys [x]
S2 luafv;Virtualizace souborů nástroje Řízení uživatelských účtů;c:\windows\system32\drivers\luafv.sys;c:\windows\SYSNATIVE\drivers\luafv.sys [x]
S2 MpsSvc;Brána Windows Firewall;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys;c:\windows\SYSNATIVE\drivers\peauth.sys [x]
S2 Power;Napájení;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 RpcEptMapper;Mapovač koncových bodů protokolu RPC;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 rspndr;Link-Layer Topology Discovery Responder;c:\windows\system32\DRIVERS\rspndr.sys;c:\windows\SYSNATIVE\DRIVERS\rspndr.sys [x]
S2 STacSV;Audio Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [x]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys;c:\windows\SYSNATIVE\drivers\tcpipreg.sys [x]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 WSearch;Windows Search;c:\windows\system32\SearchIndexer.exe;c:\windows\SYSNATIVE\SearchIndexer.exe [x]
S3 1394ohci;Hostitelský řadič pro rozhraní OHCI standardu 1394;c:\windows\system32\DRIVERS\1394ohci.sys;c:\windows\SYSNATIVE\DRIVERS\1394ohci.sys [x]
S3 Accelerometer;HP Mobile Data Protection Sensor;c:\windows\system32\DRIVERS\Accelerometer.sys;c:\windows\SYSNATIVE\DRIVERS\Accelerometer.sys [x]
S3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 atikmdag;atikmdag;c:\windows\system32\DRIVERS\atikmdag.sys;c:\windows\SYSNATIVE\DRIVERS\atikmdag.sys [x]
S3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru;c:\windows\system32\DRIVERS\bcmwl664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwl664.sys [x]
S3 bowser;Ovladač podpory prohlížeče;c:\windows\system32\DRIVERS\bowser.sys;c:\windows\SYSNATIVE\DRIVERS\bowser.sys [x]
S3 BthEnum;Ovladač pro Bluetooth Request Block;c:\windows\system32\drivers\BthEnum.sys;c:\windows\SYSNATIVE\drivers\BthEnum.sys [x]
S3 BthPan;Zařízení Bluetooth (síť PAN);c:\windows\system32\DRIVERS\bthpan.sys;c:\windows\SYSNATIVE\DRIVERS\bthpan.sys [x]
S3 bthserv;Služba pro podporu technologie Bluetooth;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth;c:\windows\System32\Drivers\BTHUSB.sys;c:\windows\SYSNATIVE\Drivers\BTHUSB.sys [x]
S3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice;c:\windows\system32\DRIVERS\CompositeBus.sys;c:\windows\SYSNATIVE\DRIVERS\CompositeBus.sys [x]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys;c:\windows\SYSNATIVE\drivers\dxgkrnl.sys [x]
S3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio;c:\windows\system32\drivers\HdAudio.sys;c:\windows\SYSNATIVE\drivers\HdAudio.sys [x]
S3 HomeGroupListener;Naslouchací proces domácí skupiny;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 HomeGroupProvider;Zprostředkovatel domácích skupin;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe;c:\windows\SYSNATIVE\lsass.exe [x]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys;c:\windows\SYSNATIVE\DRIVERS\monitor.sys [x]
S3 mpsdrv;Ovladač ověření brány Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys;c:\windows\SYSNATIVE\drivers\mpsdrv.sys [x]
S3 mrxsmb10;Mini-přesměrovač SMB 1.x;c:\windows\system32\DRIVERS\mrxsmb10.sys;c:\windows\SYSNATIVE\DRIVERS\mrxsmb10.sys [x]
S3 mrxsmb20;Mini-přesměrovač SMB 2.0;c:\windows\system32\DRIVERS\mrxsmb20.sys;c:\windows\SYSNATIVE\DRIVERS\mrxsmb20.sys [x]
S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS\nwifi.sys;c:\windows\SYSNATIVE\DRIVERS\nwifi.sys [x]
S3 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 p2pimsvc;Správce identit sítě rovnocenných počítačů;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 p2psvc;Seskupování v sítích peer-to-peer;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 PNRPsvc;Protokol PNRP (Peer Name Resolution Protocol);c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys;c:\windows\SYSNATIVE\DRIVERS\AgileVpn.sys [x]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys;c:\windows\SYSNATIVE\DRIVERS\rdpbus.sys [x]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI);c:\windows\system32\DRIVERS\rfcomm.sys;c:\windows\SYSNATIVE\DRIVERS\rfcomm.sys [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 sdbus;sdbus;c:\windows\system32\DRIVERS\sdbus.sys;c:\windows\SYSNATIVE\DRIVERS\sdbus.sys [x]
S3 sffdisk;Ovladač třídy úložiště SFF;c:\windows\system32\DRIVERS\sffdisk.sys;c:\windows\SYSNATIVE\DRIVERS\sffdisk.sys [x]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus;c:\windows\system32\DRIVERS\sffp_sd.sys;c:\windows\SYSNATIVE\DRIVERS\sffp_sd.sys [x]
S3 srv2;Ovladač pro server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys;c:\windows\SYSNATIVE\DRIVERS\srv2.sys [x]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys;c:\windows\SYSNATIVE\DRIVERS\srvnet.sys [x]
S3 STHDA;IDT High Definition Audio CODEC;c:\windows\system32\DRIVERS\stwrt64.sys;c:\windows\SYSNATIVE\DRIVERS\stwrt64.sys [x]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port;c:\windows\system32\DRIVERS\serscan.sys;c:\windows\SYSNATIVE\DRIVERS\serscan.sys [x]
S3 SynTP;Synaptics TouchPad Driver;c:\windows\system32\DRIVERS\SynTP.sys;c:\windows\SYSNATIVE\DRIVERS\SynTP.sys [x]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys;c:\windows\SYSNATIVE\DRIVERS\tunnel.sys [x]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\DRIVERS\umbus.sys;c:\windows\SYSNATIVE\DRIVERS\umbus.sys [x]
S3 usbvideo;Zobrazovací zařízení USB (WDM);c:\windows\System32\Drivers\usbvideo.sys;c:\windows\SYSNATIVE\Drivers\usbvideo.sys [x]
S3 vwifibus;Ovladač sběrnice Virtual WiFi;c:\windows\system32\DRIVERS\vwifibus.sys;c:\windows\SYSNATIVE\DRIVERS\vwifibus.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys;c:\windows\SYSNATIVE\DRIVERS\vwifimp.sys [x]
S3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI;c:\windows\system32\DRIVERS\wmiacpi.sys;c:\windows\SYSNATIVE\DRIVERS\wmiacpi.sys [x]
S3 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 15:30 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-02 15:23]
.
2015-01-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000Core.job
- c:\users\Ladislav\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-15 16:54]
.
2015-01-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000UA.job
- c:\users\Ladislav\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-10-15 16:54]
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-15 17:07]
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8a57dad22eae.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-15 17:07]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-21 450048]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.100
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Qmlvc2hvY2tJbmZpbml0ZQ==_is1 - c:\program files (x86)\Bioshock InfiniteEP2\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-01-05 19:27:23
ComboFix-quarantined-files.txt 2015-01-05 18:27
ComboFix2.txt 2014-11-02 18:14
.
Před spuštěním: Volných bajtů: 91 164 872 704
Po spuštění: Volných bajtů: 91 100 397 568
.
- - End Of File - - 5FD54CEBD638318AF7C31ED9CA6FCEC0
A36C5E4F47E84449FF07ED3517B43A31
Prosím o kontrolu
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Kód: Vybrat vše
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8a57dad22eae.job
Folder::
c:\program files (x86)\Google\Update
c:\program files (x86)\Skype\Updater
c:\users\Ladislav\AppData\Local\Facebook\Update
c:\program files (x86)\Google\Update
Driver::
gupdate
SkypeUpdate
gupdatem
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu
ComboFix 15-01-05.01 - Ladislav 06.01.2015 13:16:42.5.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3069.1922 [GMT 1:00]
Spuštěný z: c:\users\Ladislav\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ladislav\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8a57dad22eae.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.25.11\goopdate.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_39.0.2171.71_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.2.2041\GoogleEarth-Win-Bundle-7.1.2.2041.1.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Ladislav\AppData\Local\Facebook\Update
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8a57dad22eae.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-06 do 2015-01-06 )))))))))))))))))))))))))))))))
.
.
2015-01-06 12:23 . 2015-01-06 12:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-06 12:23 . 2015-01-06 12:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-06 09:43 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{37250C58-0CFF-4AF6-96F9-0A2094FF82D7}\mpengine.dll
2014-12-23 10:50 . 2014-12-23 10:50 -------- d-----w- c:\users\Ladislav\AppData\Local\Apple
2014-12-21 13:06 . 2015-01-05 18:38 -------- d-----w- c:\users\Ladislav\AppData\Local\CrashDumps
2014-12-18 17:43 . 2014-12-18 17:27 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-18 17:43 . 2015-01-06 12:26 -------- d-----w- c:\users\Ladislav\AppData\Local\Temp
2014-12-18 17:27 . 2014-12-18 17:41 -------- d-----w- C:\zoek_backup
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\BadFlyInteractive
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\Steam
2014-12-18 13:23 . 2014-12-18 13:28 -------- d-----w- c:\program files (x86)\Dead Effect
2014-12-18 11:34 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 11:34 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-16 15:51 . 2014-12-20 11:39 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-14 11:29 . 2014-12-21 13:23 -------- d-----w- c:\program files (x86)\Bioshock Infinite
2014-12-13 20:59 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-12-13 20:59 . 2007-04-04 17:54 107368 ----a-w- c:\windows\system32\xinput1_3.dll
2014-12-13 20:59 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-12-11 10:37 . 2014-12-11 10:37 -------- d-----w- c:\windows\system32\appraiser
2014-12-11 09:59 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-11 09:59 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 07:20 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 07:20 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 07:20 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 07:20 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-10 07:20 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 07:20 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-10 07:20 . 2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-10 07:19 . 2014-10-03 02:12 310272 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 02:12 2020352 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:11 266240 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-10 07:19 . 2014-10-03 01:45 1177088 ----a-w- c:\windows\SysWow64\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:12 346624 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 02:12 181248 ----a-w- c:\windows\system32\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:45 248832 ----a-w- c:\windows\SysWow64\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 01:45 214016 ----a-w- c:\windows\SysWow64\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 01:45 145920 ----a-w- c:\windows\SysWow64\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:44 198656 ----a-w- c:\windows\SysWow64\WSManHTTPConfig.exe
2014-12-10 07:13 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2014-12-10 07:13 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2014-12-10 07:10 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-10 07:10 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-08 20:30 . 2014-12-08 20:30 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2014-12-08 20:30 . 2014-12-08 20:30 53248 ----a-w- c:\windows\SysWow64\nvTextureToolsUtil.dll
2014-12-08 20:30 . 2014-12-08 20:30 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2014-12-08 19:45 . 2014-12-08 19:45 -------- d-----w- c:\program files (x86)\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-16 15:12 . 2014-06-12 14:06 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-11 10:08 . 2014-05-15 14:35 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-10 15:23 . 2014-06-02 18:45 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 15:23 . 2014-06-02 18:45 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-21 05:14 . 2014-06-12 14:05 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-06-12 14:05 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-06-12 14:05 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 03:08 . 2014-11-19 10:38 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 10:38 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 10:38 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 10:38 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 02:03 . 2014-12-10 07:13 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:57 . 2014-11-12 10:04 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 10:04 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 10:04 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 10:04 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 10:06 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 10:06 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 10:04 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 10:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 10:06 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 10:06 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 10:06 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 10:04 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 10:06 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 10:06 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 10:06 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 10:04 3198976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 15:30 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-02 15:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-21 450048]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.100
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2015-01-06 13:31:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-06 12:31
ComboFix2.txt 2014-11-02 18:14
.
Před spuštěním: Volných bajtů: 90 676 854 784
Po spuštění: Volných bajtů: 90 550 063 104
.
- - End Of File - - 0B744D288BCEB035041991378014764B
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3069.1922 [GMT 1:00]
Spuštěný z: c:\users\Ladislav\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ladislav\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8a57dad22eae.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.25.11\goopdate.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_39.0.2171.71_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.2.2041\GoogleEarth-Win-Bundle-7.1.2.2041.1.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Ladislav\AppData\Local\Facebook\Update
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Ladislav\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3051801142-3162394248-1979058010-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8a57dad22eae.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-06 do 2015-01-06 )))))))))))))))))))))))))))))))
.
.
2015-01-06 12:23 . 2015-01-06 12:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-06 12:23 . 2015-01-06 12:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-06 09:43 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{37250C58-0CFF-4AF6-96F9-0A2094FF82D7}\mpengine.dll
2014-12-23 10:50 . 2014-12-23 10:50 -------- d-----w- c:\users\Ladislav\AppData\Local\Apple
2014-12-21 13:06 . 2015-01-05 18:38 -------- d-----w- c:\users\Ladislav\AppData\Local\CrashDumps
2014-12-18 17:43 . 2014-12-18 17:27 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-18 17:43 . 2015-01-06 12:26 -------- d-----w- c:\users\Ladislav\AppData\Local\Temp
2014-12-18 17:27 . 2014-12-18 17:41 -------- d-----w- C:\zoek_backup
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\BadFlyInteractive
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\Steam
2014-12-18 13:23 . 2014-12-18 13:28 -------- d-----w- c:\program files (x86)\Dead Effect
2014-12-18 11:34 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 11:34 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-16 15:51 . 2014-12-20 11:39 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-14 11:29 . 2014-12-21 13:23 -------- d-----w- c:\program files (x86)\Bioshock Infinite
2014-12-13 20:59 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-12-13 20:59 . 2007-04-04 17:54 107368 ----a-w- c:\windows\system32\xinput1_3.dll
2014-12-13 20:59 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-12-11 10:37 . 2014-12-11 10:37 -------- d-----w- c:\windows\system32\appraiser
2014-12-11 09:59 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-11 09:59 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 07:20 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 07:20 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 07:20 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 07:20 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-10 07:20 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 07:20 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-10 07:20 . 2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-10 07:19 . 2014-10-03 02:12 310272 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 02:12 2020352 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:11 266240 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-10 07:19 . 2014-10-03 01:45 1177088 ----a-w- c:\windows\SysWow64\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:12 346624 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 02:12 181248 ----a-w- c:\windows\system32\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:45 248832 ----a-w- c:\windows\SysWow64\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 01:45 214016 ----a-w- c:\windows\SysWow64\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 01:45 145920 ----a-w- c:\windows\SysWow64\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:44 198656 ----a-w- c:\windows\SysWow64\WSManHTTPConfig.exe
2014-12-10 07:13 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2014-12-10 07:13 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2014-12-10 07:10 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-10 07:10 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-08 20:30 . 2014-12-08 20:30 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2014-12-08 20:30 . 2014-12-08 20:30 53248 ----a-w- c:\windows\SysWow64\nvTextureToolsUtil.dll
2014-12-08 20:30 . 2014-12-08 20:30 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2014-12-08 19:45 . 2014-12-08 19:45 -------- d-----w- c:\program files (x86)\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-16 15:12 . 2014-06-12 14:06 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-11 10:08 . 2014-05-15 14:35 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-10 15:23 . 2014-06-02 18:45 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 15:23 . 2014-06-02 18:45 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-21 05:14 . 2014-06-12 14:05 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-06-12 14:05 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-06-12 14:05 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 03:08 . 2014-11-19 10:38 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 10:38 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 10:38 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 10:38 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 02:03 . 2014-12-10 07:13 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:57 . 2014-11-12 10:04 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 10:04 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 10:04 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 10:04 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 10:06 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 10:06 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 10:04 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 10:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 10:06 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 10:06 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 10:06 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 10:04 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 10:06 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 10:06 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 10:06 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 10:04 3198976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 15:30 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-02 15:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-21 450048]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.100
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2015-01-06 13:31:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-06 12:31
ComboFix2.txt 2014-11-02 18:14
.
Před spuštěním: Volných bajtů: 90 676 854 784
Po spuštění: Volných bajtů: 90 550 063 104
.
- - End Of File - - 0B744D288BCEB035041991378014764B
A36C5E4F47E84449FF07ED3517B43A31
Re: Prosím o kontrolu
ComboFix 15-01-05.01 - Ladislav 06.01.2015 13:38:42.6.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3069.1272 [GMT 1:00]
Spuštěný z: c:\users\Ladislav\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-06 do 2015-01-06 )))))))))))))))))))))))))))))))
.
.
2015-01-06 12:44 . 2015-01-06 12:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-06 12:44 . 2015-01-06 12:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-06 09:43 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{37250C58-0CFF-4AF6-96F9-0A2094FF82D7}\mpengine.dll
2014-12-23 10:50 . 2014-12-23 10:50 -------- d-----w- c:\users\Ladislav\AppData\Local\Apple
2014-12-21 13:06 . 2015-01-05 18:38 -------- d-----w- c:\users\Ladislav\AppData\Local\CrashDumps
2014-12-18 17:43 . 2014-12-18 17:27 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-18 17:43 . 2015-01-06 12:44 -------- d-----w- c:\users\Ladislav\AppData\Local\Temp
2014-12-18 17:27 . 2014-12-18 17:41 -------- d-----w- C:\zoek_backup
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\BadFlyInteractive
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\Steam
2014-12-18 13:23 . 2014-12-18 13:28 -------- d-----w- c:\program files (x86)\Dead Effect
2014-12-18 11:34 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 11:34 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-16 15:51 . 2014-12-20 11:39 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-14 11:29 . 2014-12-21 13:23 -------- d-----w- c:\program files (x86)\Bioshock Infinite
2014-12-13 20:59 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-12-13 20:59 . 2007-04-04 17:54 107368 ----a-w- c:\windows\system32\xinput1_3.dll
2014-12-13 20:59 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-12-11 10:37 . 2014-12-11 10:37 -------- d-----w- c:\windows\system32\appraiser
2014-12-11 09:59 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-11 09:59 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 07:20 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 07:20 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 07:20 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 07:20 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-10 07:20 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 07:20 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-10 07:20 . 2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-10 07:19 . 2014-10-03 02:12 310272 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 02:12 2020352 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:11 266240 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-10 07:19 . 2014-10-03 01:45 1177088 ----a-w- c:\windows\SysWow64\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:12 346624 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 02:12 181248 ----a-w- c:\windows\system32\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:45 248832 ----a-w- c:\windows\SysWow64\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 01:45 214016 ----a-w- c:\windows\SysWow64\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 01:45 145920 ----a-w- c:\windows\SysWow64\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:44 198656 ----a-w- c:\windows\SysWow64\WSManHTTPConfig.exe
2014-12-10 07:13 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2014-12-10 07:13 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2014-12-10 07:10 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-10 07:10 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-08 20:30 . 2014-12-08 20:30 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2014-12-08 20:30 . 2014-12-08 20:30 53248 ----a-w- c:\windows\SysWow64\nvTextureToolsUtil.dll
2014-12-08 20:30 . 2014-12-08 20:30 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2014-12-08 19:45 . 2014-12-08 19:45 -------- d-----w- c:\program files (x86)\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-16 15:12 . 2014-06-12 14:06 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-11 10:08 . 2014-05-15 14:35 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-10 15:23 . 2014-06-02 18:45 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 15:23 . 2014-06-02 18:45 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-21 05:14 . 2014-06-12 14:05 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-06-12 14:05 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-06-12 14:05 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 03:08 . 2014-11-19 10:38 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 10:38 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 10:38 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 10:38 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 02:03 . 2014-12-10 07:13 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:57 . 2014-11-12 10:04 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 10:04 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 10:04 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 10:04 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 10:06 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 10:06 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 10:04 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 10:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 10:06 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 10:06 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 10:06 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 10:04 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 10:06 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 10:06 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 10:06 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 10:04 3198976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 15:30 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-02 15:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-21 450048]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.100
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2015-01-06 13:46:37
ComboFix-quarantined-files.txt 2015-01-06 12:46
ComboFix2.txt 2015-01-06 12:31
ComboFix3.txt 2014-11-02 18:14
.
Před spuštěním: Volných bajtů: 90 572 541 952
Po spuštění: Volných bajtů: 90 139 058 176
.
- - End Of File - - 8297C5EA0A52443B593218CC87427761
A36C5E4F47E84449FF07ED3517B43A31
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-06 13:51:45
-----------------------------
13:51:45.879 OS Version: Windows x64 6.1.7601 Service Pack 1
13:51:45.879 Number of processors: 2 586 0x170A
13:51:45.879 ComputerName: LADISLAV-PC UserName: Ladislav
13:51:47.642 Initialize success
13:51:47.829 VM: initialized successfully
13:51:47.829 VM: Intel CPU virtualization not supported
13:51:58.906 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:51:58.922 Disk 0 Vendor: ST9320320AS HP07 Size: 305245MB BusType: 11
13:51:58.937 Disk 1 \Device\Harddisk1\SR0 -> \Device\SdBus-0
13:51:58.937 Disk 1 Vendor: ( Size: 15268MB BusType: 12
13:51:58.937 Disk 0 MBR read successfully
13:51:58.937 Disk 0 MBR scan
13:51:58.953 Disk 0 Windows 7 default MBR code
13:51:58.953 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 294885 MB offset 2048
13:51:58.953 Disk 0 Boot: NTFS code=2
13:51:59.015 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10356 MB offset 603926528
13:51:59.078 Disk 0 scanning C:\Windows\system32\drivers
13:52:09.514 Service scanning
13:52:26.503 Modules scanning
13:52:26.518 Disk 0 trace - called modules:
13:52:26.534 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys >>UNKNOWN [0xfffffa800248f2c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
13:52:26.549 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003420060]
13:52:26.549 3 CLASSPNP.SYS[fffff880015d143f] -> nt!IofCallDriver -> [0xfffffa800341f900]
13:52:26.565 5 hpdskflt.sys[fffff880014a3189] -> nt!IofCallDriver -> [0xfffffa80032ac520]
13:52:26.565 7 ACPI.sys[fffff8800115c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800329e1f0]
13:52:26.581 \Driver\atapi[0xfffffa800326ace0] -> IRP_MJ_CREATE -> 0xfffffa800248f2c0
13:52:26.581 Disk 0 statistics 93212/0/0 @ 5,43 MB/s
13:52:26.581 Scan finished successfully
13:53:17.683 Disk 0 MBR has been saved successfully to "C:\Users\Ladislav\Desktop\MBR.dat"
13:53:17.698 The log file has been saved successfully to "C:\Users\Ladislav\Desktop\aswMBR.txt"
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3069.1272 [GMT 1:00]
Spuštěný z: c:\users\Ladislav\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-06 do 2015-01-06 )))))))))))))))))))))))))))))))
.
.
2015-01-06 12:44 . 2015-01-06 12:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-06 12:44 . 2015-01-06 12:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-06 09:43 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{37250C58-0CFF-4AF6-96F9-0A2094FF82D7}\mpengine.dll
2014-12-23 10:50 . 2014-12-23 10:50 -------- d-----w- c:\users\Ladislav\AppData\Local\Apple
2014-12-21 13:06 . 2015-01-05 18:38 -------- d-----w- c:\users\Ladislav\AppData\Local\CrashDumps
2014-12-18 17:43 . 2014-12-18 17:27 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-18 17:43 . 2015-01-06 12:44 -------- d-----w- c:\users\Ladislav\AppData\Local\Temp
2014-12-18 17:27 . 2014-12-18 17:41 -------- d-----w- C:\zoek_backup
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\BadFlyInteractive
2014-12-18 13:28 . 2014-12-18 13:28 -------- d-----w- c:\users\Ladislav\AppData\Roaming\Steam
2014-12-18 13:23 . 2014-12-18 13:28 -------- d-----w- c:\program files (x86)\Dead Effect
2014-12-18 11:34 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 11:34 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-16 15:51 . 2014-12-20 11:39 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-14 11:29 . 2014-12-21 13:23 -------- d-----w- c:\program files (x86)\Bioshock Infinite
2014-12-13 20:59 . 2010-05-26 10:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 511328 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 470880 ----a-w- c:\windows\SysWow64\d3dx10_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-12-13 20:59 . 2010-05-26 10:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-12-13 20:59 . 2007-04-04 17:54 107368 ----a-w- c:\windows\system32\xinput1_3.dll
2014-12-13 20:59 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2014-12-11 10:37 . 2014-12-11 10:37 -------- d-----w- c:\windows\system32\appraiser
2014-12-11 09:59 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-11 09:59 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 07:20 . 2014-12-04 02:50 192000 ----a-w- c:\windows\system32\aepic.dll
2014-12-10 07:20 . 2014-12-04 02:44 1083392 ----a-w- c:\windows\system32\aeinv.dll
2014-12-10 07:20 . 2014-12-01 23:28 1232040 ----a-w- c:\windows\system32\aitstatic.exe
2014-12-10 07:20 . 2014-12-04 02:50 413184 ----a-w- c:\windows\system32\generaltel.dll
2014-12-10 07:20 . 2014-12-04 02:50 741376 ----a-w- c:\windows\system32\invagent.dll
2014-12-10 07:20 . 2014-12-04 02:50 396800 ----a-w- c:\windows\system32\devinv.dll
2014-12-10 07:20 . 2014-12-04 02:50 227328 ----a-w- c:\windows\system32\aepdu.dll
2014-12-10 07:19 . 2014-10-03 02:12 310272 ----a-w- c:\windows\system32\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 02:12 2020352 ----a-w- c:\windows\system32\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:11 266240 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2014-12-10 07:19 . 2014-10-03 01:45 1177088 ----a-w- c:\windows\SysWow64\WsmSvc.dll
2014-12-10 07:19 . 2014-10-03 02:12 346624 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 02:12 181248 ----a-w- c:\windows\system32\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:45 248832 ----a-w- c:\windows\SysWow64\WSManMigrationPlugin.dll
2014-12-10 07:19 . 2014-10-03 01:45 214016 ----a-w- c:\windows\SysWow64\WsmWmiPl.dll
2014-12-10 07:19 . 2014-10-03 01:45 145920 ----a-w- c:\windows\SysWow64\WsmAuto.dll
2014-12-10 07:19 . 2014-10-03 01:44 198656 ----a-w- c:\windows\SysWow64\WSManHTTPConfig.exe
2014-12-10 07:13 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2014-12-10 07:13 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2014-12-10 07:10 . 2014-11-08 03:16 2048 ----a-w- c:\windows\system32\tzres.dll
2014-12-10 07:10 . 2014-11-08 02:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-12-08 20:30 . 2014-12-08 20:30 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2014-12-08 20:30 . 2014-12-08 20:30 53248 ----a-w- c:\windows\SysWow64\nvTextureToolsUtil.dll
2014-12-08 20:30 . 2014-12-08 20:30 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2014-12-08 19:45 . 2014-12-08 19:45 -------- d-----w- c:\program files (x86)\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-16 15:12 . 2014-06-12 14:06 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-11 10:08 . 2014-05-15 14:35 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-12-10 15:23 . 2014-06-02 18:45 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 15:23 . 2014-06-02 18:45 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-21 05:14 . 2014-06-12 14:05 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-06-12 14:05 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-06-12 14:05 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-19 03:26 . 2014-11-19 03:26 1614504 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 03:08 . 2014-11-19 10:38 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 10:38 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 10:38 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 10:38 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 02:03 . 2014-12-10 07:13 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 01:57 . 2014-11-12 10:04 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 10:04 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 10:04 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 10:04 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 10:06 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 10:06 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 10:04 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 10:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 10:06 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 10:06 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 10:06 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 10:04 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 10:06 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 10:06 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 10:06 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 10:04 3198976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-11-21 7063832]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 15:30 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-02 15:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-21 450048]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.100
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2015-01-06 13:46:37
ComboFix-quarantined-files.txt 2015-01-06 12:46
ComboFix2.txt 2015-01-06 12:31
ComboFix3.txt 2014-11-02 18:14
.
Před spuštěním: Volných bajtů: 90 572 541 952
Po spuštění: Volných bajtů: 90 139 058 176
.
- - End Of File - - 8297C5EA0A52443B593218CC87427761
A36C5E4F47E84449FF07ED3517B43A31
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-06 13:51:45
-----------------------------
13:51:45.879 OS Version: Windows x64 6.1.7601 Service Pack 1
13:51:45.879 Number of processors: 2 586 0x170A
13:51:45.879 ComputerName: LADISLAV-PC UserName: Ladislav
13:51:47.642 Initialize success
13:51:47.829 VM: initialized successfully
13:51:47.829 VM: Intel CPU virtualization not supported
13:51:58.906 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:51:58.922 Disk 0 Vendor: ST9320320AS HP07 Size: 305245MB BusType: 11
13:51:58.937 Disk 1 \Device\Harddisk1\SR0 -> \Device\SdBus-0
13:51:58.937 Disk 1 Vendor: ( Size: 15268MB BusType: 12
13:51:58.937 Disk 0 MBR read successfully
13:51:58.937 Disk 0 MBR scan
13:51:58.953 Disk 0 Windows 7 default MBR code
13:51:58.953 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 294885 MB offset 2048
13:51:58.953 Disk 0 Boot: NTFS code=2
13:51:59.015 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10356 MB offset 603926528
13:51:59.078 Disk 0 scanning C:\Windows\system32\drivers
13:52:09.514 Service scanning
13:52:26.503 Modules scanning
13:52:26.518 Disk 0 trace - called modules:
13:52:26.534 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys >>UNKNOWN [0xfffffa800248f2c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
13:52:26.549 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003420060]
13:52:26.549 3 CLASSPNP.SYS[fffff880015d143f] -> nt!IofCallDriver -> [0xfffffa800341f900]
13:52:26.565 5 hpdskflt.sys[fffff880014a3189] -> nt!IofCallDriver -> [0xfffffa80032ac520]
13:52:26.565 7 ACPI.sys[fffff8800115c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800329e1f0]
13:52:26.581 \Driver\atapi[0xfffffa800326ace0] -> IRP_MJ_CREATE -> 0xfffffa800248f2c0
13:52:26.581 Disk 0 statistics 93212/0/0 @ 5,43 MB/s
13:52:26.581 Scan finished successfully
13:53:17.683 Disk 0 MBR has been saved successfully to "C:\Users\Ladislav\Desktop\MBR.dat"
13:53:17.698 The log file has been saved successfully to "C:\Users\Ladislav\Desktop\aswMBR.txt"
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
+ Nový log z HJT
Jak se chová PC?
Start-Spustit a zadej ComboFix /Uninstall
vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
+ Nový log z HJT
Jak se chová PC?
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Prosím o kontrolu
Už je to lepší, ale ramky se pořád pohybují kolem 30-40%
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:16, on 6.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Users\Ladislav\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6925 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:16, on 6.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Users\Ladislav\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6925 bytes
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
A předtím si je měl nakolika? Já mám na 36% a je to normální (3,5GB)-
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 123 hostů