ComboFix 15-11-17.01 - Filip 30.11.2015 19:00:38.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4040.2053 [GMT 1:00]
Spuštěný z: c:\users\Filip\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Filip\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Filip\AppData\Local\Temp\cpuz134\cpuz134_x64.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.28.15\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.28.15\goopdate.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.28.15\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.28.15\psmachine.dll
c:\program files (x86)\Google\Update\1.3.28.15\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.28.15\psuser.dll
c:\program files (x86)\Google\Update\1.3.28.15\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.86\46.0.2490.86_46.0.2490.80_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{75CDE0AF-816C-479E-97D4-927D87FEA5A3}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.6904.2028\GoogleToolbarInstaller_updater_signed.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{083F6584-C284-46EF-A7A6-19AA9EDA8B56}\46.0.2490.80_46.0.2490.71_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{2DF623CD-10EA-4389-8320-CE292C630C30}\45.0.2454.101_chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{3396E26E-6A36-404C-9D31-0CD8A8F15E20}\46.0.2490.71_45.0.2454.101_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{3FDC2BE6-CCB6-4D0A-9025-594B84E96840}\46.0.2490.86_46.0.2490.80_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{595327BE-9711-4904-AA33-24CB93B365F8}\45.0.2454.101_chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{8E3097A3-6D76-4101-9697-A997BB479ECD}\45.0.2454.101_chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{C4CD91E0-E8AE-47FD-8F6A-901A2A1E3440}\46.0.2490.71_chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{CEB7D249-04C0-4F58-B836-C84463965578}\46.0.2490.71_chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{DE7476F4-5A85-4DDB-9711-74719AC6FD33}\GoogleToolbarInstaller_updater_signed.exe
c:\program files (x86)\Google\Update\Install\{FC2C69AE-6E59-4D0F-A3EC-FEC387000D84}\45.0.2454.101_chrome_installer.exe
c:\users\Filip\WINDOWS
c:\users\Filip\WINDOWS\crc32.crc
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\combofix\HarddiskVolumeShadowCopy7_!Windows!SysWOW64!userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ134
-------\Service_cpuz134
-------\Service_myqityze
-------\Service_zixusoju
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-10-28 do 2015-11-30 )))))))))))))))))))))))))))))))
.
.
2015-11-30 18:14 . 2015-11-30 18:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-11-27 13:57 . 2015-10-29 09:28 11138400 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26019F06-15FB-49B0-8A09-05E6EF322822}\mpengine.dll
2015-11-17 14:00 . 2015-11-17 14:00 -------- d-----w- c:\users\Filip\AppData\Local\VirtualStore
2015-11-17 13:55 . 2015-11-17 13:30 24064 ----a-w- c:\windows\zoek-delete.exe
2015-11-17 13:55 . 2015-11-30 18:20 -------- d-----w- c:\users\Filip\AppData\Local\Temp
2015-11-17 13:30 . 2015-11-17 13:51 -------- d-----w- C:\zoek_backup
2015-11-16 13:20 . 2015-11-16 13:20 -------- d-----w- c:\users\Filip\AppData\Local\Apple Computer
2015-11-16 13:20 . 2015-11-16 13:22 -------- d-----w- c:\users\Filip\AppData\Roaming\Apple Computer
2015-11-16 13:16 . 2015-11-16 13:16 -------- d-----w- c:\program files (x86)\iTunes
2015-11-16 13:16 . 2015-11-16 13:16 -------- d-----w- c:\program files\iPod
2015-11-16 13:16 . 2015-11-16 13:19 -------- d-----w- c:\program files\iTunes
2015-11-16 13:16 . 2015-11-16 13:16 -------- d-----w- c:\programdata\Apple Computer
2015-11-16 13:13 . 2015-11-16 13:13 -------- d-----w- c:\users\Filip\AppData\Local\Apple
2015-11-16 13:13 . 2015-11-16 13:13 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-11-16 13:12 . 2015-11-16 13:12 -------- d-----w- c:\program files\Bonjour
2015-11-16 13:12 . 2015-11-16 13:12 -------- d-----w- c:\program files (x86)\Bonjour
2015-11-16 13:10 . 2015-11-16 13:16 -------- d-----w- c:\program files\Common Files\Apple
2015-11-16 13:08 . 2015-11-16 13:13 -------- d-----w- c:\programdata\Apple
2015-11-16 13:08 . 2015-11-16 13:12 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-11-15 13:42 . 2015-11-17 12:51 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-11-15 13:42 . 2015-11-15 14:16 -------- d-----w- c:\programdata\RogueKiller
2015-11-14 19:11 . 2015-11-15 12:56 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-11-14 19:10 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-11-14 19:10 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-11-14 19:10 . 2015-11-14 19:10 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-11-14 19:10 . 2015-11-14 19:10 -------- d-----w- c:\programdata\Malwarebytes
2015-11-14 19:10 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-11-14 19:05 . 2015-11-15 12:08 -------- d-----w- C:\AdwCleaner
2015-11-14 18:55 . 2015-11-14 18:55 -------- d-----w- c:\users\Filip\AppData\Local\VS Revo Group
2015-11-14 18:55 . 2015-11-14 18:55 -------- d-----w- c:\programdata\VS Revo Group
2015-11-14 18:55 . 2009-12-30 10:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2015-11-14 18:55 . 2015-11-14 18:55 -------- d-----w- c:\program files\VS Revo Group
2015-11-14 17:43 . 2015-11-14 17:43 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-11-14 17:40 . 2015-11-14 17:40 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-11-14 17:40 . 2015-10-21 17:10 110176 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-64.dll
2015-11-14 17:40 . 2015-11-14 17:40 -------- d-----w- c:\program files (x86)\Java
2015-11-14 02:07 . 2004-01-11 23:00 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2015-11-14 02:07 . 2003-03-19 02:14 499712 ----a-w- c:\windows\SysWow64\MSVCP71.DLL
2015-11-14 00:23 . 2015-11-28 00:02 -------- d-----w- C:\Simba
2015-11-13 21:52 . 2015-11-13 21:52 -------- d-----w- c:\users\Filip\AppData\Roaming\NVIDIA
2015-11-13 21:39 . 2015-11-13 21:39 -------- d-----w- c:\users\Filip\AppData\Local\NVIDIA Corporation
2015-11-13 21:39 . 2015-11-13 21:39 -------- d-----w- c:\users\Filip\AppData\Local\NVIDIA
2015-11-13 21:38 . 2015-11-05 17:13 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-11-13 21:38 . 2015-11-05 17:13 1710752 ----a-w- c:\windows\system32\nvspcap64.dll
2015-11-13 21:38 . 2015-11-05 17:13 1423304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-11-13 21:38 . 2015-11-05 17:13 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-11-13 21:32 . 2015-11-13 21:32 -------- d-----w- c:\windows\SysWow64\NV
2015-11-13 21:32 . 2015-11-13 21:32 -------- d-----w- c:\windows\system32\NV
2015-11-13 21:24 . 2015-11-13 21:24 -------- d-----w- C:\NVIDIA
2015-11-13 20:44 . 2010-06-02 03:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2015-11-13 20:44 . 2010-06-02 03:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2015-11-13 20:44 . 2010-06-02 03:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2015-11-13 20:44 . 2010-06-02 03:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2015-11-13 20:42 . 2008-10-15 05:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2015-11-13 20:41 . 2007-03-12 15:42 4494184 ----a-w- c:\windows\system32\d3dx9_33.dll
2015-11-13 20:40 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2015-11-12 06:31 . 2015-11-03 17:55 3211264 ----a-w- c:\windows\system32\win32k.sys
2015-11-11 05:34 . 2015-10-29 17:49 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-11-11 05:33 . 2015-11-03 22:10 814280 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2015-11-11 05:30 . 2015-10-20 01:12 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-11-11 05:29 . 2015-10-13 16:40 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-11-11 05:29 . 2015-10-13 16:41 497664 ----a-w- c:\windows\system32\drivers\afd.sys
2015-11-11 05:12 . 2015-10-13 04:57 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-13 16:48 . 2015-10-19 18:27 12710 ----a-w- c:\windows\system32\Native.exe
2015-11-11 08:17 . 2015-09-27 11:56 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-11-11 08:17 . 2015-09-27 11:56 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-11-06 22:11 . 2015-09-27 10:09 449992 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-11-06 22:11 . 2015-09-27 10:09 1059656 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-11-05 17:13 . 2011-10-18 12:02 177600 ----a-w- c:\windows\system32\nvinitx.dll
2015-11-05 17:13 . 2011-10-18 12:02 155792 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-11-05 15:13 . 2011-05-02 19:35 6358648 ----a-w- c:\windows\system32\nvcpl.dll
2015-11-05 15:13 . 2011-05-02 19:35 2983032 ----a-w- c:\windows\system32\nvsvc64.dll
2015-11-05 15:13 . 2011-05-02 19:36 938616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-11-05 15:13 . 2011-05-02 19:36 114296 ----a-w- c:\windows\SysWow64\oemdspif.dll
2015-11-05 15:13 . 2011-05-02 19:36 62584 ----a-w- c:\windows\system32\nvshext.dll
2015-11-05 15:13 . 2011-05-02 19:36 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-11-05 15:13 . 2011-05-02 19:36 74872 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-11-05 15:13 . 2011-05-02 19:36 523568 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-11-05 15:13 . 2011-05-02 19:36 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-10-29 17:50 . 2015-11-11 05:34 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 05:34 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 05:34 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 05:34 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-11 05:34 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 05:34 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 05:34 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 05:34 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-11 05:34 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-28 07:42 . 2011-05-02 19:36 6027430 ----a-w- c:\windows\system32\nvcoproc.bin
2015-10-21 17:10 . 2015-09-27 21:28 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-10-20 01:05 . 2015-11-11 05:30 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 00:45 . 2015-11-11 05:30 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-11 05:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-01 18:06 . 2015-10-13 19:02 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-13 19:02 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-13 19:02 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-13 19:02 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-13 19:02 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-13 19:02 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 18:00 . 2015-10-13 19:02 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 17:50 . 2015-10-13 19:02 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-13 19:02 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-29 10:04 . 2015-09-29 10:04 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-09-29 10:04 . 2015-09-29 10:04 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-09-29 10:04 . 2015-09-29 10:04 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-09-29 10:04 . 2015-09-29 10:04 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-09-29 10:04 . 2015-09-29 10:04 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-09-29 10:04 . 2015-09-29 10:04 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-09-29 10:04 . 2015-09-29 10:04 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-09-29 10:04 . 2015-09-29 10:04 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-09-29 10:04 . 2015-09-29 10:04 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-09-29 10:04 . 2015-09-29 10:04 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-09-29 10:04 . 2015-09-29 10:04 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-09-29 10:04 . 2015-09-29 10:04 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-09-29 10:04 . 2015-09-29 10:04 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-09-29 10:04 . 2015-09-29 10:04 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-09-29 10:04 . 2015-09-29 10:04 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-09-29 10:04 . 2015-09-29 10:04 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-09-29 10:04 . 2015-09-29 10:04 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-09-29 10:04 . 2015-09-29 10:04 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-09-29 10:04 . 2015-09-29 10:04 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-09-29 10:04 . 2015-09-29 10:04 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-09-29 10:04 . 2015-09-29 10:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-09-29 10:04 . 2015-09-29 10:04 247808 ----a-w- c:\windows\system32\msls31.dll
2015-09-29 10:04 . 2015-09-29 10:04 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-09-29 10:04 . 2015-09-29 10:04 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-09-29 10:04 . 2015-09-29 10:04 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-09-29 10:04 . 2015-09-29 10:04 81408 ----a-w- c:\windows\system32\icardie.dll
2015-09-29 10:04 . 2015-09-29 10:04 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-09-29 10:04 . 2015-09-29 10:04 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-09-29 10:04 . 2015-09-29 10:04 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-09-29 10:04 . 2015-09-29 10:04 235520 ----a-w- c:\windows\system32\url.dll
2015-09-29 10:04 . 2015-09-29 10:04 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-09-29 10:04 . 2015-09-29 10:04 143872 ----a-w- c:\windows\system32\wextract.exe
2015-09-29 10:04 . 2015-09-29 10:04 13824 ----a-w- c:\windows\system32\mshta.exe
2015-09-29 10:04 . 2015-09-29 10:04 101376 ----a-w- c:\windows\system32\inseng.dll
2015-09-29 10:03 . 2015-09-29 10:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-09-29 10:03 . 2015-09-29 10:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-09-28 21:09 . 2015-09-28 21:09 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2015-09-28 21:09 . 2015-09-28 21:09 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-09-28 21:09 . 2015-09-28 21:09 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2015-09-28 21:09 . 2015-09-28 21:09 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2015-09-28 21:09 . 2015-09-28 21:09 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-09-28 21:09 . 2015-09-28 21:09 363008 ----a-w- c:\windows\system32\dxgi.dll
2015-09-28 21:09 . 2015-09-28 21:09 296960 ----a-w- c:\windows\system32\d3d10core.dll
2015-09-28 21:09 . 2015-09-28 21:09 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2015-09-27 100200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2011-10-18 329056]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-11-06 6133520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-10-06 596528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-5-12 1211168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S1 winioex;winioex;c:\windows\system32\drivers\winioex.sys;c:\windows\SYSNATIVE\drivers\winioex.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DraftSight API Service;DraftSight API Service;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe;c:\program files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 LGCoreTemp;Logitech CPU Core Tempurature;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys;c:\program files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [x]
S2 LogiRegistryService;Logitech Gaming Registry Service;c:\program files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe;c:\program files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 DelayMan;ACPI DelayMan Filter Service;c:\windows\system32\DRIVERS\delayman.sys;c:\windows\SYSNATIVE\DRIVERS\delayman.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;c:\windows\system32\DRIVERS\jmccgp.sys;c:\windows\SYSNATIVE\DRIVERS\jmccgp.sys [x]
S3 JmUsbVideo;JMicron 31x Upper Filter Driver;c:\windows\system32\Drivers\jmcam.sys;c:\windows\SYSNATIVE\Drivers\jmcam.sys [x]
S3 JmUsbVideo2;JMicron 31x Lower Filter Driver;c:\windows\system32\Drivers\jmcam_lo.sys;c:\windows\SYSNATIVE\Drivers\jmcam_lo.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);c:\windows\system32\drivers\LGJoyXlCore.sys;c:\windows\SYSNATIVE\drivers\LGJoyXlCore.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-11 15:08 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-27 08:17]
.
2015-11-29 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 4b63fc7f-ce21-444c-9705-1458e001ff02.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2015-11-30 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task e7e0b488-e5e0-4919-8f13-1d5b76c4b7f9.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-09-27 10:08 780616 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-10-18 12:45 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 11786344]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2011-10-18 789920]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-10-18 206176]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-10-18 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-10-18 5908928]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2015-09-19 15003256]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-01 183216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-01 411056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-06-01 453552]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-11-05 2655520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-11-05 1710752]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-10-16 170256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\vlz4iwuw.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-11-30 19:25:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-11-30 18:25
ComboFix2.txt 2015-11-17 14:26
.
Před spuštěním: Volných bajtů: 572 335 153 152
Po spuštění: Volných bajtů: 571 876 147 200
.
- - End Of File - - 990ABD843CDB35A222903F65F30ABED8
Prosím o kontrolu
-
fulldragons
- Level 1.5
- Příspěvky: 100
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
-
fulldragons
- Level 1.5
- Příspěvky: 100
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
c:\windows\system32\Native.exe
c:\windows\system32\drivers\winioex.sys
ani jeden soubor to nenašlo
c:\windows\system32\drivers\winioex.sys
ani jeden soubor to nenašlo
Naposledy upravil(a) fulldragons dne 30 lis 2015 19:40, celkem upraveno 2 x.
-
fulldragons
- Level 1.5
- Příspěvky: 100
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
dd
Naposledy upravil(a) fulldragons dne 30 lis 2015 19:33, celkem upraveno 1 x.
-
fulldragons
- Level 1.5
- Příspěvky: 100
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
-
fulldragons
- Level 1.5
- Příspěvky: 100
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
-
jerabina
- člen Security týmu
-
Level 6
- Příspěvky: 3647
- Registrován: březen 13
- Bydliště: Litoměřice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
Proč píšeš tyto nesmyslné příspěvky?
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
Co problémy? + nový log z HJT
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
Co problémy? + nový log z HJT
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
-
fulldragons
- Level 1.5
- Příspěvky: 100
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
Asw
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-11-30 19:41:20
-----------------------------
19:41:20.998 OS Version: Windows x64 6.1.7601 Service Pack 1
19:41:20.998 Number of processors: 4 586 0x2A07
19:41:20.998 ComputerName: FILIP-NOTEBOOK UserName: Filip
19:41:24.384 Initialize success
19:41:24.384 VM: initialized successfully
19:41:24.384 VM: Intel CPU BiosDisabled
19:41:26.209 AVAST engine defs: 15113000
19:41:44.239 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:41:44.239 Disk 0 Vendor: WDC_WD75 03.0 Size: 715404MB BusType: 3
19:41:44.395 Disk 0 MBR read successfully
19:41:44.395 Disk 0 MBR scan
19:41:44.410 Disk 0 Windows 7 default MBR code
19:41:44.410 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
19:41:44.426 Disk 0 default boot code
19:41:44.442 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 670402 MB offset 411648
19:41:44.457 Disk 0 Partition - 00 0F Extended LBA 29693 MB offset 1373394944
19:41:44.473 Disk 0 Partition 3 00 12 Compaq diag NTFS 15108 MB offset 1434206208
19:41:44.551 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29692 MB offset 1373396992
19:41:44.613 Disk 0 scanning C:\windows\system32\drivers
19:41:55.315 Service scanning
19:42:22.365 Modules scanning
19:42:22.365 Disk 0 trace - called modules:
19:42:22.740 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:42:22.755 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800674a060]
19:42:22.755 3 CLASSPNP.SYS[fffff88001a5f43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004c2e050]
19:42:26.172 AVAST engine scan C:\windows
19:42:29.198 AVAST engine scan C:\windows\system32
19:45:25.683 AVAST engine scan C:\windows\system32\drivers
19:45:39.380 AVAST engine scan C:\Users\Filip
19:50:40.633 Disk 0 MBR has been saved successfully to "C:\Users\Filip\Desktop\MBR.dat"
19:50:40.633 The log file has been saved successfully to "C:\Users\Filip\Desktop\aswMBR.txt"
za příspšvky se omlouvám, neudělal jsem to schválně, nešel mi chvíli internet, spíše se mi zaseknul a vícekrát jsem kliknul na odeslat
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-11-30 19:41:20
-----------------------------
19:41:20.998 OS Version: Windows x64 6.1.7601 Service Pack 1
19:41:20.998 Number of processors: 4 586 0x2A07
19:41:20.998 ComputerName: FILIP-NOTEBOOK UserName: Filip
19:41:24.384 Initialize success
19:41:24.384 VM: initialized successfully
19:41:24.384 VM: Intel CPU BiosDisabled
19:41:26.209 AVAST engine defs: 15113000
19:41:44.239 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:41:44.239 Disk 0 Vendor: WDC_WD75 03.0 Size: 715404MB BusType: 3
19:41:44.395 Disk 0 MBR read successfully
19:41:44.395 Disk 0 MBR scan
19:41:44.410 Disk 0 Windows 7 default MBR code
19:41:44.410 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
19:41:44.426 Disk 0 default boot code
19:41:44.442 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 670402 MB offset 411648
19:41:44.457 Disk 0 Partition - 00 0F Extended LBA 29693 MB offset 1373394944
19:41:44.473 Disk 0 Partition 3 00 12 Compaq diag NTFS 15108 MB offset 1434206208
19:41:44.551 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29692 MB offset 1373396992
19:41:44.613 Disk 0 scanning C:\windows\system32\drivers
19:41:55.315 Service scanning
19:42:22.365 Modules scanning
19:42:22.365 Disk 0 trace - called modules:
19:42:22.740 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:42:22.755 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800674a060]
19:42:22.755 3 CLASSPNP.SYS[fffff88001a5f43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004c2e050]
19:42:26.172 AVAST engine scan C:\windows
19:42:29.198 AVAST engine scan C:\windows\system32
19:45:25.683 AVAST engine scan C:\windows\system32\drivers
19:45:39.380 AVAST engine scan C:\Users\Filip
19:50:40.633 Disk 0 MBR has been saved successfully to "C:\Users\Filip\Desktop\MBR.dat"
19:50:40.633 The log file has been saved successfully to "C:\Users\Filip\Desktop\aswMBR.txt"
za příspšvky se omlouvám, neudělal jsem to schválně, nešel mi chvíli internet, spíše se mi zaseknul a vícekrát jsem kliknul na odeslat
-
fulldragons
- Level 1.5
- Příspěvky: 100
- Registrován: listopad 14
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
HJT -
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:14:09, on 30.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
FIREFOX: 41.0.2 (x86 cs)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Filip\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14269 bytes
Problémy - Google Chrome se seká, to dříve nedělal, jiank jsem nic jiného zatím nenašel
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:14:09, on 30.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
FIREFOX: 41.0.2 (x86 cs)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Filip\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll C:\Windows\SysWOW64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14269 bytes
Problémy - Google Chrome se seká, to dříve nedělal, jiank jsem nic jiného zatím nenašel
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Zkoušel si několikrát restartovat?
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Návod
Kód: Vybrat vše
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cabZkoušel si několikrát restartovat?
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 70 hostů