Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by top on ne 03.01.2016 at 14:17:57,35.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\top\Desktop\zoek\zoek.scr [Scan all users] [Script inserted]
==== System Restore Info ======================
3.1.2016 14:19:21 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Batch Command(s) Run By Tool======================
Katalog Winsock byl úspěšně resetován.
K dokončení resetování je nutné restartovat počítač.
==== Deleting Files \ Folders ======================
C:\Users\top\AppData\LocalLow\MyAshampoo deleted
C:\PROGRA~2\MyAshampoo deleted
C:\PROGRA~2\Lavasoft\Web Companion deleted
C:\Users\top\AppData\Roaming\Lavasoft\Web Companion deleted
C:\Users\top\AppData\Roaming\FreeVideoConverter deleted
C:\Users\top\AppData\Roaming\Thinstall deleted
C:\PROGRA~3\Lavasoft\Web Companion deleted
C:\PROGRA~3\DriverGenius deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\top\AppData\Local\Thinstall deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\LavasoftTcpService deleted
C:\Users\top\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Video Converter.lnk deleted
==== Orphaned Tasks deleted from Registry ======================
ESET Windows 10 upgrade - Refresh settings deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"fe_7.0@nokia.com"="C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0" [28.10.2015 17:29]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{FDA97B37-1CD5-41B6-A6D0-0C072255BF1E}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{1F1BDB41-82DD-4D2E-8BFA-7B8EA7BFB1B8} - http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_5
HKCU\SearchScopes\{2A59445B-BF62-4183-82B7-B8E320545969} - https://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
HKCU\SearchScopes\{FDA97B37-1CD5-41B6-A6D0-0C072255BF1E} - http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_5
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\top\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\top\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=148 folders=59 413236896 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\top\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\top\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on ne 03.01.2016 at 14:40:53,84 ======================
Please check my log (Solved)
Re: Please check my log
ComboFix 16-01-01.01 - top 03.01.2016 14:46:46.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4096.2053 [GMT 1:00]
Spuštěný z: c:\users\top\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache86\userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-03 do 2016-01-03 )))))))))))))))))))))))))))))))
.
.
2016-01-03 13:53 . 2016-01-03 13:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-03 13:39 . 2014-02-13 22:59 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-03 13:39 . 2016-01-03 13:55 -------- d-----w- c:\users\top\AppData\Local\Temp
2016-01-03 13:05 . 2016-01-03 13:36 -------- d-----w- C:\zoek_backup
2016-01-03 09:28 . 2016-01-03 12:11 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-03 09:28 . 2016-01-03 09:42 -------- d-----w- c:\programdata\RogueKiller
2016-01-02 21:58 . 2016-01-02 21:58 -------- d-----w- C:\ShadowPlay
2016-01-02 17:22 . 2016-01-02 17:22 -------- d-----w- c:\users\top\AppData\Local\Apple
2016-01-02 17:14 . 2016-01-02 17:14 -------- d-----w- c:\users\top\AppData\Local\CEF
2016-01-02 17:14 . 2016-01-02 17:14 -------- d-----w- c:\users\top\AppData\Local\Adobe
2016-01-02 16:56 . 2016-01-03 09:07 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-01-02 16:55 . 2016-01-02 16:55 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-01-02 16:55 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-01-02 16:55 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-01-02 16:55 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-01-02 16:35 . 2016-01-03 09:01 -------- d-----w- C:\AdwCleaner
2016-01-02 11:03 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2016-01-02 11:03 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2016-01-01 19:14 . 2016-01-01 19:14 -------- d-----w- c:\users\top\AppData\Roaming\Ashampoo
2016-01-01 19:13 . 2016-01-01 19:13 -------- d-----w- c:\programdata\ashampoo
2016-01-01 16:01 . 2016-01-01 16:01 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-12-31 17:36 . 2016-01-02 22:11 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-31 17:36 . 2016-01-02 22:11 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-31 17:06 . 2015-12-31 17:06 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-12-31 17:05 . 2015-12-31 17:05 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-12-31 15:23 . 2015-12-31 15:23 -------- d-----w- c:\programdata\Malwarebytes
2015-12-31 10:38 . 2015-12-31 10:38 -------- d-----w- c:\program files (x86)\Eidos
2015-12-31 09:38 . 2015-12-31 09:38 -------- d-----w- c:\program files (x86)\EA GAMES
2015-12-31 09:37 . 2004-09-30 15:19 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2015-12-31 09:37 . 2004-09-30 15:39 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2015-12-31 09:37 . 2004-09-30 15:24 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2015-12-31 09:37 . 2004-09-30 15:20 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2015-12-31 09:37 . 2004-09-30 15:20 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2015-12-31 09:37 . 2015-12-31 09:37 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2015-12-31 09:37 . 2015-12-31 09:37 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2015-12-29 23:01 . 2015-12-29 23:01 -------- d-----w- c:\users\top\AppData\Local\PunkBuster
2015-12-29 22:42 . 2015-12-29 22:57 -------- d-----w- c:\program files (x86)\Far Cry 3
2015-12-29 17:22 . 2015-12-29 17:22 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2015-12-28 20:58 . 2016-01-01 15:00 -------- d-----w- c:\users\top\AppData\Local\PrivaZer
2015-12-28 20:58 . 2016-01-01 14:39 -------- d-----w- c:\program files (x86)\PrivaZer
2015-12-28 20:58 . 2015-12-28 20:58 -------- d-----w- c:\programdata\privazer
2015-12-27 09:33 . 2015-12-16 14:39 103032 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-12-27 09:32 . 2015-12-16 14:53 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-12-27 09:32 . 2015-12-16 14:53 523384 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-12-27 09:15 . 2015-12-31 17:32 -------- d-----w- c:\windows\system32\appmgmt
2015-12-25 17:26 . 2015-12-25 17:26 -------- d-----w- C:\searchplugins
2015-12-25 17:26 . 2016-01-03 13:36 -------- d-----w- c:\users\top\AppData\Roaming\Lavasoft
2015-12-25 17:25 . 2015-12-25 17:25 425744 ----a-w- c:\windows\system32\LavasoftTcpService64.dll
2015-12-25 17:25 . 2016-01-03 13:36 -------- d-----w- c:\program files (x86)\Lavasoft
2015-12-25 17:24 . 2016-01-03 13:36 -------- d-----w- c:\programdata\Lavasoft
2015-12-25 17:23 . 2015-12-30 07:44 -------- d-----w- c:\users\top\AppData\Roaming\uTorrent
2015-12-23 22:23 . 2015-12-23 22:23 -------- d-----w- c:\users\top\AppData\Roaming\Stardock
2015-12-23 17:50 . 2015-12-23 22:25 -------- d-----w- c:\programdata\Stardock
2015-12-23 17:50 . 2015-12-23 22:23 -------- d-----w- c:\users\top\AppData\Local\Stardock
2015-12-20 13:27 . 2015-12-20 13:27 -------- d-----w- c:\users\top\AppData\Local\FUJIFILM
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-12-20 13:25 . 2015-12-20 13:26 -------- d-----w- c:\program files (x86)\QuickTime
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\programdata\Apple Computer
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\programdata\Apple
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-12-20 13:24 . 2015-12-20 13:24 -------- d-----w- c:\users\top\AppData\Roaming\FUJIFILM
2015-12-18 12:06 . 2015-12-29 23:01 -------- d-----w- c:\programdata\Orbit
2015-12-18 12:06 . 2015-12-18 12:06 -------- d-----w- c:\programdata\Steam
2015-12-18 12:02 . 2015-12-18 12:02 -------- d-----w- c:\users\top\AppData\Roaming\Majkumi
2015-12-18 12:00 . 2005-02-05 18:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2015-12-18 11:49 . 2016-01-01 16:57 -------- d-----w- c:\program files (x86)\Ubisoft
2015-12-18 06:35 . 2015-12-18 06:35 -------- d-----w- c:\users\top\AppData\Roaming\java
2015-12-18 06:34 . 2015-12-31 15:56 -------- d-----w- c:\users\top\AppData\Roaming\.minecraft
2015-12-10 20:23 . 2015-12-10 20:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-12-10 20:23 . 2015-12-10 20:23 -------- d-----r- c:\program files (x86)\Skype
2015-12-09 18:20 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2015-12-09 18:20 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2015-12-07 16:12 . 2015-12-07 16:12 22200 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2015-12-06 16:53 . 2015-12-06 16:55 -------- d-----w- c:\users\top\AppData\Roaming\FreshDiagnose
2015-12-06 16:20 . 2015-12-06 16:20 -------- d-----w- c:\users\top\AppData\Local\Futuremark_Corporation
2015-12-06 16:19 . 2015-12-06 16:19 -------- d-----w- c:\users\top\AppData\Local\IsolatedStorage
2015-12-05 17:22 . 2015-11-24 23:10 1905272 ----a-w- c:\windows\system32\nvdispco6435906.dll
2015-12-05 17:22 . 2015-11-24 23:10 1564792 ----a-w- c:\windows\system32\nvdispgenco6435906.dll
2015-12-05 17:15 . 2015-12-09 01:51 111520 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-16 17:34 . 2015-09-28 18:50 3637352 ----a-w- c:\windows\system32\nvapi64.dll
2015-12-16 17:34 . 2015-09-28 18:50 3211760 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-12-16 17:34 . 2010-08-09 05:05 207152 ----a-w- c:\windows\system32\OpenCL.dll
2015-12-16 17:34 . 2010-08-09 05:05 194680 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-12-16 17:34 . 2010-08-09 05:05 18716176 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-12-16 17:34 . 2010-08-09 05:05 16981976 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-12-16 17:34 . 2010-08-09 05:05 14005408 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-12-16 14:53 . 2010-08-08 21:12 6359672 ----a-w- c:\windows\system32\nvcpl.dll
2015-12-16 14:53 . 2010-08-08 21:12 2985080 ----a-w- c:\windows\system32\nvsvc64.dll
2015-12-16 14:53 . 2010-08-08 21:12 62768 ----a-w- c:\windows\system32\nvshext.dll
2015-12-16 14:53 . 2010-08-08 21:12 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-12-16 14:53 . 2010-08-08 21:12 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-12-16 14:53 . 2010-08-08 21:12 1256240 ----a-w- c:\windows\system32\nvvsvc.exe
2015-12-16 14:49 . 2015-09-28 18:57 6090019 ----a-w- c:\windows\system32\nvcoproc.bin
2015-12-09 18:45 . 2015-09-10 18:56 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-12-09 01:51 . 2015-09-28 18:59 1530240 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-12-09 01:51 . 2015-09-28 18:59 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-12-09 01:51 . 2015-09-28 18:59 1846016 ----a-w- c:\windows\system32\nvspcap64.dll
2015-12-09 01:51 . 2015-09-28 18:59 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-11-05 17:13 . 2015-11-09 17:57 39240 ----a-w- c:\windows\system32\nvhdap64.dll
2015-11-05 17:13 . 2015-11-09 17:57 205456 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-11-05 17:13 . 2015-11-09 17:57 1905272 ----a-w- c:\windows\system32\nvdispco6435891.dll
2015-11-05 17:13 . 2015-11-09 17:57 1564792 ----a-w- c:\windows\system32\nvdispgenco6435891.dll
2015-11-05 17:13 . 2015-09-28 18:50 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-11-04 17:00 . 2015-11-20 16:41 729088 ----a-w- c:\windows\system32\xvidcore.dll
2015-11-04 17:00 . 2015-11-20 16:41 655872 ----a-w- c:\windows\SysWow64\xvidcore.dll
2015-11-04 17:00 . 2015-11-20 16:41 254976 ----a-w- c:\windows\system32\xvidvfw.dll
2015-11-04 17:00 . 2015-11-20 16:41 240128 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2015-10-24 17:00 . 2015-11-20 16:41 126976 ----a-w- c:\windows\system32\ff_vfw.dll
2015-10-24 17:00 . 2015-11-20 16:41 112128 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2015-10-20 01:12 . 2015-11-11 13:41 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-11 13:41 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 01:12 . 2015-11-11 13:41 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:09 . 2015-11-11 13:41 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 01:06 . 2015-11-11 13:41 243712 ----a-w- c:\windows\system32\wow64.dll
2015-10-20 01:06 . 2015-11-11 13:41 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-10-20 01:06 . 2015-11-11 13:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-20 01:06 . 2015-11-11 13:41 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-10-20 01:05 . 2015-11-11 13:41 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-10-20 01:05 . 2015-11-11 13:41 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-20 01:05 . 2015-11-11 13:41 503808 ----a-w- c:\windows\system32\srcore.dll
2015-10-20 01:05 . 2015-11-11 13:41 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-10-20 01:05 . 2015-11-11 13:41 50176 ----a-w- c:\windows\system32\srclient.dll
2015-10-20 01:05 . 2015-11-11 13:41 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 28160 ----a-w- c:\windows\system32\secur32.dll
2015-10-20 01:05 . 2015-11-11 13:41 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 01:05 . 2015-11-11 13:41 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-10-20 01:05 . 2015-11-11 13:41 312320 ----a-w- c:\windows\system32\ncrypt.dll
2015-10-20 01:05 . 2015-11-11 13:41 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-10-20 01:05 . 2015-11-11 13:41 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-20 01:05 . 2015-11-11 13:41 729600 ----a-w- c:\windows\system32\kerberos.dll
2015-10-20 01:05 . 2015-11-11 13:41 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 1164800 ----a-w- c:\windows\system32\kernel32.dll
2015-10-20 01:05 . 2015-11-11 13:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-10-20 01:05 . 2015-11-11 13:41 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-10-20 01:05 . 2015-11-11 13:41 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 22016 ----a-w- c:\windows\system32\credssp.dll
2015-10-20 01:05 . 2015-11-11 13:41 112640 ----a-w- c:\windows\system32\smss.exe
2015-10-20 01:05 . 2015-11-11 13:41 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-10-20 01:04 . 2015-11-11 13:41 31232 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 01:04 . 2015-11-11 13:41 338432 ----a-w- c:\windows\system32\conhost.exe
2015-10-20 01:04 . 2015-11-11 13:41 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 01:00 . 2015-11-11 13:41 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:59 . 2015-11-11 13:41 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:53 . 2015-11-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-20 00:52 . 2015-11-11 13:41 3991488 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52 . 2015-11-11 13:41 3935680 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48 . 2015-11-11 13:41 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-10-20 00:45 . 2015-11-11 13:41 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-10-20 00:45 . 2015-11-11 13:41 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-10-20 00:45 . 2015-11-11 13:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-08 50749056]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 4468056]
"cz.seznam.software.autoupdate"="c:\users\top\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\top\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-10-06 597040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-08 50749056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 7ByteIo;7ByteIo;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm258.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2016-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-31 22:11]
.
2016-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12 16:59]
.
2016-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12 16:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-08 4030008]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-12-09 2771576]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-12-09 1846016]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-MyAshampoo Toolbar - c:\progra~2\MYASHA~1\UNINST~1.EXE
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\users\top\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
.
**************************************************************************
.
Celkový čas: 2016-01-03 14:59:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-03 13:59
.
Před spuštěním: Volných bajtů: 46 820 106 240
Po spuštění: Volných bajtů: 46 372 671 488
.
- - End Of File - - 8932C46068DD76FFC63CB8C751496DB9
413FC2A0C716421B3158746D63736515
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4096.2053 [GMT 1:00]
Spuštěný z: c:\users\top\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache86\userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-03 do 2016-01-03 )))))))))))))))))))))))))))))))
.
.
2016-01-03 13:53 . 2016-01-03 13:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-03 13:39 . 2014-02-13 22:59 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-03 13:39 . 2016-01-03 13:55 -------- d-----w- c:\users\top\AppData\Local\Temp
2016-01-03 13:05 . 2016-01-03 13:36 -------- d-----w- C:\zoek_backup
2016-01-03 09:28 . 2016-01-03 12:11 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-03 09:28 . 2016-01-03 09:42 -------- d-----w- c:\programdata\RogueKiller
2016-01-02 21:58 . 2016-01-02 21:58 -------- d-----w- C:\ShadowPlay
2016-01-02 17:22 . 2016-01-02 17:22 -------- d-----w- c:\users\top\AppData\Local\Apple
2016-01-02 17:14 . 2016-01-02 17:14 -------- d-----w- c:\users\top\AppData\Local\CEF
2016-01-02 17:14 . 2016-01-02 17:14 -------- d-----w- c:\users\top\AppData\Local\Adobe
2016-01-02 16:56 . 2016-01-03 09:07 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-01-02 16:55 . 2016-01-02 16:55 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-01-02 16:55 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-01-02 16:55 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-01-02 16:55 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-01-02 16:35 . 2016-01-03 09:01 -------- d-----w- C:\AdwCleaner
2016-01-02 11:03 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2016-01-02 11:03 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2016-01-01 19:14 . 2016-01-01 19:14 -------- d-----w- c:\users\top\AppData\Roaming\Ashampoo
2016-01-01 19:13 . 2016-01-01 19:13 -------- d-----w- c:\programdata\ashampoo
2016-01-01 16:01 . 2016-01-01 16:01 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-12-31 17:36 . 2016-01-02 22:11 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-31 17:36 . 2016-01-02 22:11 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-31 17:06 . 2015-12-31 17:06 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-12-31 17:05 . 2015-12-31 17:05 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-12-31 15:23 . 2015-12-31 15:23 -------- d-----w- c:\programdata\Malwarebytes
2015-12-31 10:38 . 2015-12-31 10:38 -------- d-----w- c:\program files (x86)\Eidos
2015-12-31 09:38 . 2015-12-31 09:38 -------- d-----w- c:\program files (x86)\EA GAMES
2015-12-31 09:37 . 2004-09-30 15:19 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2015-12-31 09:37 . 2004-09-30 15:39 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2015-12-31 09:37 . 2004-09-30 15:24 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2015-12-31 09:37 . 2004-09-30 15:20 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2015-12-31 09:37 . 2004-09-30 15:20 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2015-12-31 09:37 . 2015-12-31 09:37 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2015-12-31 09:37 . 2015-12-31 09:37 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2015-12-29 23:01 . 2015-12-29 23:01 -------- d-----w- c:\users\top\AppData\Local\PunkBuster
2015-12-29 22:42 . 2015-12-29 22:57 -------- d-----w- c:\program files (x86)\Far Cry 3
2015-12-29 17:22 . 2015-12-29 17:22 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2015-12-28 20:58 . 2016-01-01 15:00 -------- d-----w- c:\users\top\AppData\Local\PrivaZer
2015-12-28 20:58 . 2016-01-01 14:39 -------- d-----w- c:\program files (x86)\PrivaZer
2015-12-28 20:58 . 2015-12-28 20:58 -------- d-----w- c:\programdata\privazer
2015-12-27 09:33 . 2015-12-16 14:39 103032 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-12-27 09:32 . 2015-12-16 14:53 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-12-27 09:32 . 2015-12-16 14:53 523384 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-12-27 09:15 . 2015-12-31 17:32 -------- d-----w- c:\windows\system32\appmgmt
2015-12-25 17:26 . 2015-12-25 17:26 -------- d-----w- C:\searchplugins
2015-12-25 17:26 . 2016-01-03 13:36 -------- d-----w- c:\users\top\AppData\Roaming\Lavasoft
2015-12-25 17:25 . 2015-12-25 17:25 425744 ----a-w- c:\windows\system32\LavasoftTcpService64.dll
2015-12-25 17:25 . 2016-01-03 13:36 -------- d-----w- c:\program files (x86)\Lavasoft
2015-12-25 17:24 . 2016-01-03 13:36 -------- d-----w- c:\programdata\Lavasoft
2015-12-25 17:23 . 2015-12-30 07:44 -------- d-----w- c:\users\top\AppData\Roaming\uTorrent
2015-12-23 22:23 . 2015-12-23 22:23 -------- d-----w- c:\users\top\AppData\Roaming\Stardock
2015-12-23 17:50 . 2015-12-23 22:25 -------- d-----w- c:\programdata\Stardock
2015-12-23 17:50 . 2015-12-23 22:23 -------- d-----w- c:\users\top\AppData\Local\Stardock
2015-12-20 13:27 . 2015-12-20 13:27 -------- d-----w- c:\users\top\AppData\Local\FUJIFILM
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-12-20 13:25 . 2015-12-20 13:26 -------- d-----w- c:\program files (x86)\QuickTime
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\programdata\Apple Computer
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\programdata\Apple
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-12-20 13:24 . 2015-12-20 13:24 -------- d-----w- c:\users\top\AppData\Roaming\FUJIFILM
2015-12-18 12:06 . 2015-12-29 23:01 -------- d-----w- c:\programdata\Orbit
2015-12-18 12:06 . 2015-12-18 12:06 -------- d-----w- c:\programdata\Steam
2015-12-18 12:02 . 2015-12-18 12:02 -------- d-----w- c:\users\top\AppData\Roaming\Majkumi
2015-12-18 12:00 . 2005-02-05 18:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2015-12-18 11:49 . 2016-01-01 16:57 -------- d-----w- c:\program files (x86)\Ubisoft
2015-12-18 06:35 . 2015-12-18 06:35 -------- d-----w- c:\users\top\AppData\Roaming\java
2015-12-18 06:34 . 2015-12-31 15:56 -------- d-----w- c:\users\top\AppData\Roaming\.minecraft
2015-12-10 20:23 . 2015-12-10 20:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-12-10 20:23 . 2015-12-10 20:23 -------- d-----r- c:\program files (x86)\Skype
2015-12-09 18:20 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2015-12-09 18:20 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2015-12-07 16:12 . 2015-12-07 16:12 22200 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2015-12-06 16:53 . 2015-12-06 16:55 -------- d-----w- c:\users\top\AppData\Roaming\FreshDiagnose
2015-12-06 16:20 . 2015-12-06 16:20 -------- d-----w- c:\users\top\AppData\Local\Futuremark_Corporation
2015-12-06 16:19 . 2015-12-06 16:19 -------- d-----w- c:\users\top\AppData\Local\IsolatedStorage
2015-12-05 17:22 . 2015-11-24 23:10 1905272 ----a-w- c:\windows\system32\nvdispco6435906.dll
2015-12-05 17:22 . 2015-11-24 23:10 1564792 ----a-w- c:\windows\system32\nvdispgenco6435906.dll
2015-12-05 17:15 . 2015-12-09 01:51 111520 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-16 17:34 . 2015-09-28 18:50 3637352 ----a-w- c:\windows\system32\nvapi64.dll
2015-12-16 17:34 . 2015-09-28 18:50 3211760 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-12-16 17:34 . 2010-08-09 05:05 207152 ----a-w- c:\windows\system32\OpenCL.dll
2015-12-16 17:34 . 2010-08-09 05:05 194680 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-12-16 17:34 . 2010-08-09 05:05 18716176 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-12-16 17:34 . 2010-08-09 05:05 16981976 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-12-16 17:34 . 2010-08-09 05:05 14005408 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-12-16 14:53 . 2010-08-08 21:12 6359672 ----a-w- c:\windows\system32\nvcpl.dll
2015-12-16 14:53 . 2010-08-08 21:12 2985080 ----a-w- c:\windows\system32\nvsvc64.dll
2015-12-16 14:53 . 2010-08-08 21:12 62768 ----a-w- c:\windows\system32\nvshext.dll
2015-12-16 14:53 . 2010-08-08 21:12 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-12-16 14:53 . 2010-08-08 21:12 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-12-16 14:53 . 2010-08-08 21:12 1256240 ----a-w- c:\windows\system32\nvvsvc.exe
2015-12-16 14:49 . 2015-09-28 18:57 6090019 ----a-w- c:\windows\system32\nvcoproc.bin
2015-12-09 18:45 . 2015-09-10 18:56 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-12-09 01:51 . 2015-09-28 18:59 1530240 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-12-09 01:51 . 2015-09-28 18:59 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-12-09 01:51 . 2015-09-28 18:59 1846016 ----a-w- c:\windows\system32\nvspcap64.dll
2015-12-09 01:51 . 2015-09-28 18:59 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-11-05 17:13 . 2015-11-09 17:57 39240 ----a-w- c:\windows\system32\nvhdap64.dll
2015-11-05 17:13 . 2015-11-09 17:57 205456 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-11-05 17:13 . 2015-11-09 17:57 1905272 ----a-w- c:\windows\system32\nvdispco6435891.dll
2015-11-05 17:13 . 2015-11-09 17:57 1564792 ----a-w- c:\windows\system32\nvdispgenco6435891.dll
2015-11-05 17:13 . 2015-09-28 18:50 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-11-04 17:00 . 2015-11-20 16:41 729088 ----a-w- c:\windows\system32\xvidcore.dll
2015-11-04 17:00 . 2015-11-20 16:41 655872 ----a-w- c:\windows\SysWow64\xvidcore.dll
2015-11-04 17:00 . 2015-11-20 16:41 254976 ----a-w- c:\windows\system32\xvidvfw.dll
2015-11-04 17:00 . 2015-11-20 16:41 240128 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2015-10-24 17:00 . 2015-11-20 16:41 126976 ----a-w- c:\windows\system32\ff_vfw.dll
2015-10-24 17:00 . 2015-11-20 16:41 112128 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2015-10-20 01:12 . 2015-11-11 13:41 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-11 13:41 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 01:12 . 2015-11-11 13:41 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:09 . 2015-11-11 13:41 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 01:06 . 2015-11-11 13:41 243712 ----a-w- c:\windows\system32\wow64.dll
2015-10-20 01:06 . 2015-11-11 13:41 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-10-20 01:06 . 2015-11-11 13:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-20 01:06 . 2015-11-11 13:41 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-10-20 01:05 . 2015-11-11 13:41 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-10-20 01:05 . 2015-11-11 13:41 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-20 01:05 . 2015-11-11 13:41 503808 ----a-w- c:\windows\system32\srcore.dll
2015-10-20 01:05 . 2015-11-11 13:41 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-10-20 01:05 . 2015-11-11 13:41 50176 ----a-w- c:\windows\system32\srclient.dll
2015-10-20 01:05 . 2015-11-11 13:41 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 28160 ----a-w- c:\windows\system32\secur32.dll
2015-10-20 01:05 . 2015-11-11 13:41 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 01:05 . 2015-11-11 13:41 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-10-20 01:05 . 2015-11-11 13:41 312320 ----a-w- c:\windows\system32\ncrypt.dll
2015-10-20 01:05 . 2015-11-11 13:41 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-10-20 01:05 . 2015-11-11 13:41 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-20 01:05 . 2015-11-11 13:41 729600 ----a-w- c:\windows\system32\kerberos.dll
2015-10-20 01:05 . 2015-11-11 13:41 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 1164800 ----a-w- c:\windows\system32\kernel32.dll
2015-10-20 01:05 . 2015-11-11 13:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-10-20 01:05 . 2015-11-11 13:41 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-10-20 01:05 . 2015-11-11 13:41 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 22016 ----a-w- c:\windows\system32\credssp.dll
2015-10-20 01:05 . 2015-11-11 13:41 112640 ----a-w- c:\windows\system32\smss.exe
2015-10-20 01:05 . 2015-11-11 13:41 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-10-20 01:04 . 2015-11-11 13:41 31232 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 01:04 . 2015-11-11 13:41 338432 ----a-w- c:\windows\system32\conhost.exe
2015-10-20 01:04 . 2015-11-11 13:41 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 01:00 . 2015-11-11 13:41 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:59 . 2015-11-11 13:41 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:53 . 2015-11-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-20 00:52 . 2015-11-11 13:41 3991488 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52 . 2015-11-11 13:41 3935680 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48 . 2015-11-11 13:41 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-10-20 00:45 . 2015-11-11 13:41 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-10-20 00:45 . 2015-11-11 13:41 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-10-20 00:45 . 2015-11-11 13:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-08 50749056]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 4468056]
"cz.seznam.software.autoupdate"="c:\users\top\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\top\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-10-06 597040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-08 50749056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 7ByteIo;7ByteIo;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm258.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2016-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-31 22:11]
.
2016-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12 16:59]
.
2016-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12 16:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-08 4030008]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-12-09 2771576]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-12-09 1846016]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-MyAshampoo Toolbar - c:\progra~2\MYASHA~1\UNINST~1.EXE
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\users\top\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
.
**************************************************************************
.
Celkový čas: 2016-01-03 14:59:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-03 13:59
.
Před spuštěním: Volných bajtů: 46 820 106 240
Po spuštění: Volných bajtů: 46 372 671 488
.
- - End Of File - - 8932C46068DD76FFC63CB8C751496DB9
413FC2A0C716421B3158746D63736515
- jerabina
- Security team member
Re: Please check my log
Disable the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the window and click OK).
Copy the entire following text, marked in green, into it:
ClearJavaCache::
KillAll::
Folder::
c:\programdata\RogueKiller
c:\programdata\Lavasoft
c:\program files (x86)\Lavasoft
c:\users\top\AppData\Roaming\Lavasoft
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update
File::
c:\windows\system32\LavasoftTcpService64.dll
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\progra~2\MYASHA~1\UNINST~1.EXE
c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=-
"cz.seznam.software.autoupdate"=-
"cz.seznam.software.szndesktop"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
Driver::
SkypeUpdate
DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: localhost
Trusted Zone: webcompanion.com
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script:
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Please check my log
ComboFix 16-01-01.01 - top 03.01.2016 15:47:04.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4096.2740 [GMT 1:00]
Spuštěný z: c:\users\top\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\top\Desktop\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\progra~2\MYASHA~1\UNINST~1.EXE"
"c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe"
"c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe"
"c:\windows\system32\LavasoftTcpService64.dll"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.29.1\goopdate.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.29.1\psmachine.dll
c:\program files (x86)\Google\Update\1.3.29.1\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.29.1\psuser.dll
c:\program files (x86)\Google\Update\1.3.29.1\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_en_signed.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.7210.1528\GoogleToolbarInstaller_updater_signed.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Lavasoft
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\Lavasoft
c:\programdata\RogueKiller
c:\programdata\RogueKiller\config.ini
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132235.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132312.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132339.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132340.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132354.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132411.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132420.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_01032016_121718.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_01032016_132224.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_01032016_140134.json
c:\programdata\RogueKiller\vt.cache
c:\users\top\AppData\Roaming\Lavasoft
c:\windows\system32\LavasoftTcpService64.dll
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-03 do 2016-01-03 )))))))))))))))))))))))))))))))
.
.
2016-01-03 14:53 . 2016-01-03 14:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-03 13:39 . 2014-02-13 22:59 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-03 13:39 . 2016-01-03 14:55 -------- d-----w- c:\users\top\AppData\Local\Temp
2016-01-03 13:05 . 2016-01-03 13:36 -------- d-----w- C:\zoek_backup
2016-01-03 09:28 . 2016-01-03 12:11 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-02 21:58 . 2016-01-02 21:58 -------- d-----w- C:\ShadowPlay
2016-01-02 17:22 . 2016-01-02 17:22 -------- d-----w- c:\users\top\AppData\Local\Apple
2016-01-02 17:14 . 2016-01-02 17:14 -------- d-----w- c:\users\top\AppData\Local\CEF
2016-01-02 17:14 . 2016-01-02 17:14 -------- d-----w- c:\users\top\AppData\Local\Adobe
2016-01-02 16:56 . 2016-01-03 09:07 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-01-02 16:55 . 2016-01-02 16:55 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-01-02 16:55 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-01-02 16:55 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-01-02 16:55 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-01-02 16:35 . 2016-01-03 09:01 -------- d-----w- C:\AdwCleaner
2016-01-02 11:03 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2016-01-02 11:03 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2016-01-01 19:14 . 2016-01-01 19:14 -------- d-----w- c:\users\top\AppData\Roaming\Ashampoo
2016-01-01 19:13 . 2016-01-01 19:13 -------- d-----w- c:\programdata\ashampoo
2016-01-01 16:01 . 2016-01-01 16:01 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-12-31 17:36 . 2016-01-02 22:11 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-31 17:36 . 2016-01-02 22:11 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-31 17:06 . 2015-12-31 17:06 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-12-31 17:05 . 2015-12-31 17:05 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-12-31 15:23 . 2015-12-31 15:23 -------- d-----w- c:\programdata\Malwarebytes
2015-12-31 10:38 . 2015-12-31 10:38 -------- d-----w- c:\program files (x86)\Eidos
2015-12-31 09:38 . 2015-12-31 09:38 -------- d-----w- c:\program files (x86)\EA GAMES
2015-12-31 09:37 . 2004-09-30 15:19 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2015-12-31 09:37 . 2004-09-30 15:39 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2015-12-31 09:37 . 2004-09-30 15:24 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2015-12-31 09:37 . 2004-09-30 15:20 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2015-12-31 09:37 . 2004-09-30 15:20 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2015-12-31 09:37 . 2015-12-31 09:37 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2015-12-31 09:37 . 2015-12-31 09:37 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2015-12-29 23:01 . 2015-12-29 23:01 -------- d-----w- c:\users\top\AppData\Local\PunkBuster
2015-12-29 22:42 . 2015-12-29 22:57 -------- d-----w- c:\program files (x86)\Far Cry 3
2015-12-29 17:22 . 2015-12-29 17:22 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2015-12-28 20:58 . 2016-01-01 15:00 -------- d-----w- c:\users\top\AppData\Local\PrivaZer
2015-12-28 20:58 . 2016-01-01 14:39 -------- d-----w- c:\program files (x86)\PrivaZer
2015-12-28 20:58 . 2015-12-28 20:58 -------- d-----w- c:\programdata\privazer
2015-12-27 09:33 . 2015-12-16 14:39 103032 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-12-27 09:32 . 2015-12-16 14:53 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-12-27 09:32 . 2015-12-16 14:53 523384 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-12-27 09:15 . 2015-12-31 17:32 -------- d-----w- c:\windows\system32\appmgmt
2015-12-25 17:26 . 2015-12-25 17:26 -------- d-----w- C:\searchplugins
2015-12-25 17:23 . 2015-12-30 07:44 -------- d-----w- c:\users\top\AppData\Roaming\uTorrent
2015-12-23 22:23 . 2015-12-23 22:23 -------- d-----w- c:\users\top\AppData\Roaming\Stardock
2015-12-23 17:50 . 2015-12-23 22:25 -------- d-----w- c:\programdata\Stardock
2015-12-23 17:50 . 2015-12-23 22:23 -------- d-----w- c:\users\top\AppData\Local\Stardock
2015-12-20 13:27 . 2015-12-20 13:27 -------- d-----w- c:\users\top\AppData\Local\FUJIFILM
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-12-20 13:25 . 2015-12-20 13:26 -------- d-----w- c:\program files (x86)\QuickTime
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\programdata\Apple Computer
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\programdata\Apple
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-12-20 13:24 . 2015-12-20 13:24 -------- d-----w- c:\users\top\AppData\Roaming\FUJIFILM
2015-12-18 12:06 . 2015-12-29 23:01 -------- d-----w- c:\programdata\Orbit
2015-12-18 12:06 . 2015-12-18 12:06 -------- d-----w- c:\programdata\Steam
2015-12-18 12:02 . 2015-12-18 12:02 -------- d-----w- c:\users\top\AppData\Roaming\Majkumi
2015-12-18 12:00 . 2005-02-05 18:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2015-12-18 11:49 . 2016-01-01 16:57 -------- d-----w- c:\program files (x86)\Ubisoft
2015-12-18 06:35 . 2015-12-18 06:35 -------- d-----w- c:\users\top\AppData\Roaming\java
2015-12-18 06:34 . 2015-12-31 15:56 -------- d-----w- c:\users\top\AppData\Roaming\.minecraft
2015-12-10 20:23 . 2015-12-10 20:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-12-10 20:23 . 2016-01-03 14:52 -------- d-----r- c:\program files (x86)\Skype
2015-12-09 18:20 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2015-12-09 18:20 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2015-12-07 16:12 . 2015-12-07 16:12 22200 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2015-12-06 16:53 . 2015-12-06 16:55 -------- d-----w- c:\users\top\AppData\Roaming\FreshDiagnose
2015-12-06 16:20 . 2015-12-06 16:20 -------- d-----w- c:\users\top\AppData\Local\Futuremark_Corporation
2015-12-06 16:19 . 2015-12-06 16:19 -------- d-----w- c:\users\top\AppData\Local\IsolatedStorage
2015-12-05 17:22 . 2015-11-24 23:10 1905272 ----a-w- c:\windows\system32\nvdispco6435906.dll
2015-12-05 17:22 . 2015-11-24 23:10 1564792 ----a-w- c:\windows\system32\nvdispgenco6435906.dll
2015-12-05 17:15 . 2015-12-09 01:51 111520 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-16 17:34 . 2015-09-28 18:50 3637352 ----a-w- c:\windows\system32\nvapi64.dll
2015-12-16 17:34 . 2015-09-28 18:50 3211760 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-12-16 17:34 . 2010-08-09 05:05 207152 ----a-w- c:\windows\system32\OpenCL.dll
2015-12-16 17:34 . 2010-08-09 05:05 194680 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-12-16 17:34 . 2010-08-09 05:05 18716176 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-12-16 17:34 . 2010-08-09 05:05 16981976 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-12-16 17:34 . 2010-08-09 05:05 14005408 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-12-16 14:53 . 2010-08-08 21:12 6359672 ----a-w- c:\windows\system32\nvcpl.dll
2015-12-16 14:53 . 2010-08-08 21:12 2985080 ----a-w- c:\windows\system32\nvsvc64.dll
2015-12-16 14:53 . 2010-08-08 21:12 62768 ----a-w- c:\windows\system32\nvshext.dll
2015-12-16 14:53 . 2010-08-08 21:12 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-12-16 14:53 . 2010-08-08 21:12 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-12-16 14:53 . 2010-08-08 21:12 1256240 ----a-w- c:\windows\system32\nvvsvc.exe
2015-12-16 14:49 . 2015-09-28 18:57 6090019 ----a-w- c:\windows\system32\nvcoproc.bin
2015-12-09 18:45 . 2015-09-10 18:56 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-12-09 01:51 . 2015-09-28 18:59 1530240 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-12-09 01:51 . 2015-09-28 18:59 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-12-09 01:51 . 2015-09-28 18:59 1846016 ----a-w- c:\windows\system32\nvspcap64.dll
2015-12-09 01:51 . 2015-09-28 18:59 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-11-05 17:13 . 2015-11-09 17:57 39240 ----a-w- c:\windows\system32\nvhdap64.dll
2015-11-05 17:13 . 2015-11-09 17:57 205456 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-11-05 17:13 . 2015-11-09 17:57 1905272 ----a-w- c:\windows\system32\nvdispco6435891.dll
2015-11-05 17:13 . 2015-11-09 17:57 1564792 ----a-w- c:\windows\system32\nvdispgenco6435891.dll
2015-11-05 17:13 . 2015-09-28 18:50 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-11-04 17:00 . 2015-11-20 16:41 729088 ----a-w- c:\windows\system32\xvidcore.dll
2015-11-04 17:00 . 2015-11-20 16:41 655872 ----a-w- c:\windows\SysWow64\xvidcore.dll
2015-11-04 17:00 . 2015-11-20 16:41 254976 ----a-w- c:\windows\system32\xvidvfw.dll
2015-11-04 17:00 . 2015-11-20 16:41 240128 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2015-10-24 17:00 . 2015-11-20 16:41 126976 ----a-w- c:\windows\system32\ff_vfw.dll
2015-10-24 17:00 . 2015-11-20 16:41 112128 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2015-10-20 01:12 . 2015-11-11 13:41 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-11 13:41 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 01:12 . 2015-11-11 13:41 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:09 . 2015-11-11 13:41 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 01:06 . 2015-11-11 13:41 243712 ----a-w- c:\windows\system32\wow64.dll
2015-10-20 01:06 . 2015-11-11 13:41 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-10-20 01:06 . 2015-11-11 13:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-20 01:06 . 2015-11-11 13:41 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-10-20 01:05 . 2015-11-11 13:41 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-10-20 01:05 . 2015-11-11 13:41 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-20 01:05 . 2015-11-11 13:41 503808 ----a-w- c:\windows\system32\srcore.dll
2015-10-20 01:05 . 2015-11-11 13:41 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-10-20 01:05 . 2015-11-11 13:41 50176 ----a-w- c:\windows\system32\srclient.dll
2015-10-20 01:05 . 2015-11-11 13:41 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 28160 ----a-w- c:\windows\system32\secur32.dll
2015-10-20 01:05 . 2015-11-11 13:41 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 01:05 . 2015-11-11 13:41 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-10-20 01:05 . 2015-11-11 13:41 312320 ----a-w- c:\windows\system32\ncrypt.dll
2015-10-20 01:05 . 2015-11-11 13:41 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-10-20 01:05 . 2015-11-11 13:41 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-20 01:05 . 2015-11-11 13:41 729600 ----a-w- c:\windows\system32\kerberos.dll
2015-10-20 01:05 . 2015-11-11 13:41 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 1164800 ----a-w- c:\windows\system32\kernel32.dll
2015-10-20 01:05 . 2015-11-11 13:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-10-20 01:05 . 2015-11-11 13:41 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-10-20 01:05 . 2015-11-11 13:41 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 22016 ----a-w- c:\windows\system32\credssp.dll
2015-10-20 01:05 . 2015-11-11 13:41 112640 ----a-w- c:\windows\system32\smss.exe
2015-10-20 01:05 . 2015-11-11 13:41 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-10-20 01:04 . 2015-11-11 13:41 31232 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 01:04 . 2015-11-11 13:41 338432 ----a-w- c:\windows\system32\conhost.exe
2015-10-20 01:04 . 2015-11-11 13:41 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 01:00 . 2015-11-11 13:41 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:59 . 2015-11-11 13:41 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:53 . 2015-11-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-20 00:52 . 2015-11-11 13:41 3991488 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52 . 2015-11-11 13:41 3935680 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48 . 2015-11-11 13:41 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-10-20 00:45 . 2015-11-11 13:41 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-10-20 00:45 . 2015-11-11 13:41 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-10-20 00:45 . 2015-11-11 13:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-08 50749056]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-08 50749056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 7ByteIo;7ByteIo;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm258.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-08 4030008]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-12-09 2771576]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-12-09 1846016]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-MyAshampoo Toolbar - c:\progra~2\MYASHA~1\UNINST~1.EXE
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2016-01-03 15:58:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-03 14:58
ComboFix2.txt 2016-01-03 13:59
.
Před spuštěním: Volných bajtů: 46 603 612 160
Po spuštění: Volných bajtů: 46 103 662 592
.
- - End Of File - - F541732D08B88B100C62600CE9C2B334
413FC2A0C716421B3158746D63736515
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4096.2740 [GMT 1:00]
Spuštěný z: c:\users\top\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\top\Desktop\CFScript.txt
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\progra~2\MYASHA~1\UNINST~1.EXE"
"c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe"
"c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe"
"c:\windows\system32\LavasoftTcpService64.dll"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.29.1\goopdate.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.29.1\psmachine.dll
c:\program files (x86)\Google\Update\1.3.29.1\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.29.1\psuser.dll
c:\program files (x86)\Google\Update\1.3.29.1\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_en_signed.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.7210.1528\GoogleToolbarInstaller_updater_signed.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Lavasoft
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\Lavasoft
c:\programdata\RogueKiller
c:\programdata\RogueKiller\config.ini
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132235.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132312.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132339.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132340.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132354.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132411.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_01032016_132420.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_01032016_121718.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_01032016_132224.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_01032016_140134.json
c:\programdata\RogueKiller\vt.cache
c:\users\top\AppData\Roaming\Lavasoft
c:\windows\system32\LavasoftTcpService64.dll
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-03 do 2016-01-03 )))))))))))))))))))))))))))))))
.
.
2016-01-03 14:53 . 2016-01-03 14:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-03 13:39 . 2014-02-13 22:59 24064 ----a-w- c:\windows\zoek-delete.exe
2016-01-03 13:39 . 2016-01-03 14:55 -------- d-----w- c:\users\top\AppData\Local\Temp
2016-01-03 13:05 . 2016-01-03 13:36 -------- d-----w- C:\zoek_backup
2016-01-03 09:28 . 2016-01-03 12:11 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-01-02 21:58 . 2016-01-02 21:58 -------- d-----w- C:\ShadowPlay
2016-01-02 17:22 . 2016-01-02 17:22 -------- d-----w- c:\users\top\AppData\Local\Apple
2016-01-02 17:14 . 2016-01-02 17:14 -------- d-----w- c:\users\top\AppData\Local\CEF
2016-01-02 17:14 . 2016-01-02 17:14 -------- d-----w- c:\users\top\AppData\Local\Adobe
2016-01-02 16:56 . 2016-01-03 09:07 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-01-02 16:55 . 2016-01-02 16:55 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-01-02 16:55 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-01-02 16:55 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-01-02 16:55 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-01-02 16:35 . 2016-01-03 09:01 -------- d-----w- C:\AdwCleaner
2016-01-02 11:03 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2016-01-02 11:03 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2016-01-01 19:14 . 2016-01-01 19:14 -------- d-----w- c:\users\top\AppData\Roaming\Ashampoo
2016-01-01 19:13 . 2016-01-01 19:13 -------- d-----w- c:\programdata\ashampoo
2016-01-01 16:01 . 2016-01-01 16:01 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-12-31 17:36 . 2016-01-02 22:11 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-31 17:36 . 2016-01-02 22:11 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-31 17:06 . 2015-12-31 17:06 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-12-31 17:05 . 2015-12-31 17:05 110176 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-12-31 15:23 . 2015-12-31 15:23 -------- d-----w- c:\programdata\Malwarebytes
2015-12-31 10:38 . 2015-12-31 10:38 -------- d-----w- c:\program files (x86)\Eidos
2015-12-31 09:38 . 2015-12-31 09:38 -------- d-----w- c:\program files (x86)\EA GAMES
2015-12-31 09:37 . 2004-09-30 15:19 172032 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2015-12-31 09:37 . 2004-09-30 15:39 733184 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2015-12-31 09:37 . 2004-09-30 15:24 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2015-12-31 09:37 . 2004-09-30 15:20 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2015-12-31 09:37 . 2004-09-30 15:20 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2015-12-31 09:37 . 2015-12-31 09:37 303236 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
2015-12-31 09:37 . 2015-12-31 09:37 180356 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2015-12-29 23:01 . 2015-12-29 23:01 -------- d-----w- c:\users\top\AppData\Local\PunkBuster
2015-12-29 22:42 . 2015-12-29 22:57 -------- d-----w- c:\program files (x86)\Far Cry 3
2015-12-29 17:22 . 2015-12-29 17:22 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2015-12-28 20:58 . 2016-01-01 15:00 -------- d-----w- c:\users\top\AppData\Local\PrivaZer
2015-12-28 20:58 . 2016-01-01 14:39 -------- d-----w- c:\program files (x86)\PrivaZer
2015-12-28 20:58 . 2015-12-28 20:58 -------- d-----w- c:\programdata\privazer
2015-12-27 09:33 . 2015-12-16 14:39 103032 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-12-27 09:32 . 2015-12-16 14:53 75056 ----a-w- c:\windows\system32\nv3dappshextr.dll
2015-12-27 09:32 . 2015-12-16 14:53 523384 ----a-w- c:\windows\system32\nv3dappshext.dll
2015-12-27 09:15 . 2015-12-31 17:32 -------- d-----w- c:\windows\system32\appmgmt
2015-12-25 17:26 . 2015-12-25 17:26 -------- d-----w- C:\searchplugins
2015-12-25 17:23 . 2015-12-30 07:44 -------- d-----w- c:\users\top\AppData\Roaming\uTorrent
2015-12-23 22:23 . 2015-12-23 22:23 -------- d-----w- c:\users\top\AppData\Roaming\Stardock
2015-12-23 17:50 . 2015-12-23 22:25 -------- d-----w- c:\programdata\Stardock
2015-12-23 17:50 . 2015-12-23 22:23 -------- d-----w- c:\users\top\AppData\Local\Stardock
2015-12-20 13:27 . 2015-12-20 13:27 -------- d-----w- c:\users\top\AppData\Local\FUJIFILM
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-12-20 13:26 . 2015-12-20 13:26 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-12-20 13:25 . 2015-12-20 13:26 -------- d-----w- c:\program files (x86)\QuickTime
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\programdata\Apple Computer
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\programdata\Apple
2015-12-20 13:25 . 2015-12-20 13:25 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-12-20 13:24 . 2015-12-20 13:24 -------- d-----w- c:\users\top\AppData\Roaming\FUJIFILM
2015-12-18 12:06 . 2015-12-29 23:01 -------- d-----w- c:\programdata\Orbit
2015-12-18 12:06 . 2015-12-18 12:06 -------- d-----w- c:\programdata\Steam
2015-12-18 12:02 . 2015-12-18 12:02 -------- d-----w- c:\users\top\AppData\Roaming\Majkumi
2015-12-18 12:00 . 2005-02-05 18:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2015-12-18 11:49 . 2016-01-01 16:57 -------- d-----w- c:\program files (x86)\Ubisoft
2015-12-18 06:35 . 2015-12-18 06:35 -------- d-----w- c:\users\top\AppData\Roaming\java
2015-12-18 06:34 . 2015-12-31 15:56 -------- d-----w- c:\users\top\AppData\Roaming\.minecraft
2015-12-10 20:23 . 2015-12-10 20:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-12-10 20:23 . 2016-01-03 14:52 -------- d-----r- c:\program files (x86)\Skype
2015-12-09 18:20 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2015-12-09 18:20 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2015-12-07 16:12 . 2015-12-07 16:12 22200 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2015-12-06 16:53 . 2015-12-06 16:55 -------- d-----w- c:\users\top\AppData\Roaming\FreshDiagnose
2015-12-06 16:20 . 2015-12-06 16:20 -------- d-----w- c:\users\top\AppData\Local\Futuremark_Corporation
2015-12-06 16:19 . 2015-12-06 16:19 -------- d-----w- c:\users\top\AppData\Local\IsolatedStorage
2015-12-05 17:22 . 2015-11-24 23:10 1905272 ----a-w- c:\windows\system32\nvdispco6435906.dll
2015-12-05 17:22 . 2015-11-24 23:10 1564792 ----a-w- c:\windows\system32\nvdispgenco6435906.dll
2015-12-05 17:15 . 2015-12-09 01:51 111520 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-16 17:34 . 2015-09-28 18:50 3637352 ----a-w- c:\windows\system32\nvapi64.dll
2015-12-16 17:34 . 2015-09-28 18:50 3211760 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-12-16 17:34 . 2010-08-09 05:05 207152 ----a-w- c:\windows\system32\OpenCL.dll
2015-12-16 17:34 . 2010-08-09 05:05 194680 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-12-16 17:34 . 2010-08-09 05:05 18716176 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-12-16 17:34 . 2010-08-09 05:05 16981976 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-12-16 17:34 . 2010-08-09 05:05 14005408 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-12-16 14:53 . 2010-08-08 21:12 6359672 ----a-w- c:\windows\system32\nvcpl.dll
2015-12-16 14:53 . 2010-08-08 21:12 2985080 ----a-w- c:\windows\system32\nvsvc64.dll
2015-12-16 14:53 . 2010-08-08 21:12 62768 ----a-w- c:\windows\system32\nvshext.dll
2015-12-16 14:53 . 2010-08-08 21:12 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-12-16 14:53 . 2010-08-08 21:12 2554488 ----a-w- c:\windows\system32\nvsvcr.dll
2015-12-16 14:53 . 2010-08-08 21:12 1256240 ----a-w- c:\windows\system32\nvvsvc.exe
2015-12-16 14:49 . 2015-09-28 18:57 6090019 ----a-w- c:\windows\system32\nvcoproc.bin
2015-12-09 18:45 . 2015-09-10 18:56 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-12-09 01:51 . 2015-09-28 18:59 1530240 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-12-09 01:51 . 2015-09-28 18:59 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-12-09 01:51 . 2015-09-28 18:59 1846016 ----a-w- c:\windows\system32\nvspcap64.dll
2015-12-09 01:51 . 2015-09-28 18:59 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-11-05 17:13 . 2015-11-09 17:57 39240 ----a-w- c:\windows\system32\nvhdap64.dll
2015-11-05 17:13 . 2015-11-09 17:57 205456 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-11-05 17:13 . 2015-11-09 17:57 1905272 ----a-w- c:\windows\system32\nvdispco6435891.dll
2015-11-05 17:13 . 2015-11-09 17:57 1564792 ----a-w- c:\windows\system32\nvdispgenco6435891.dll
2015-11-05 17:13 . 2015-09-28 18:50 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-11-04 17:00 . 2015-11-20 16:41 729088 ----a-w- c:\windows\system32\xvidcore.dll
2015-11-04 17:00 . 2015-11-20 16:41 655872 ----a-w- c:\windows\SysWow64\xvidcore.dll
2015-11-04 17:00 . 2015-11-20 16:41 254976 ----a-w- c:\windows\system32\xvidvfw.dll
2015-11-04 17:00 . 2015-11-20 16:41 240128 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2015-10-24 17:00 . 2015-11-20 16:41 126976 ----a-w- c:\windows\system32\ff_vfw.dll
2015-10-24 17:00 . 2015-11-20 16:41 112128 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2015-10-20 01:12 . 2015-11-11 13:41 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-11 13:41 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 01:12 . 2015-11-11 13:41 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:09 . 2015-11-11 13:41 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 01:06 . 2015-11-11 13:41 243712 ----a-w- c:\windows\system32\wow64.dll
2015-10-20 01:06 . 2015-11-11 13:41 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-10-20 01:06 . 2015-11-11 13:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-20 01:06 . 2015-11-11 13:41 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-10-20 01:05 . 2015-11-11 13:41 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-10-20 01:05 . 2015-11-11 13:41 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-20 01:05 . 2015-11-11 13:41 503808 ----a-w- c:\windows\system32\srcore.dll
2015-10-20 01:05 . 2015-11-11 13:41 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-10-20 01:05 . 2015-11-11 13:41 50176 ----a-w- c:\windows\system32\srclient.dll
2015-10-20 01:05 . 2015-11-11 13:41 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 28160 ----a-w- c:\windows\system32\secur32.dll
2015-10-20 01:05 . 2015-11-11 13:41 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 01:05 . 2015-11-11 13:41 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-10-20 01:05 . 2015-11-11 13:41 312320 ----a-w- c:\windows\system32\ncrypt.dll
2015-10-20 01:05 . 2015-11-11 13:41 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-10-20 01:05 . 2015-11-11 13:41 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-20 01:05 . 2015-11-11 13:41 729600 ----a-w- c:\windows\system32\kerberos.dll
2015-10-20 01:05 . 2015-11-11 13:41 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 1164800 ----a-w- c:\windows\system32\kernel32.dll
2015-10-20 01:05 . 2015-11-11 13:41 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-10-20 01:05 . 2015-11-11 13:41 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-10-20 01:05 . 2015-11-11 13:41 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-10-20 01:05 . 2015-11-11 13:41 22016 ----a-w- c:\windows\system32\credssp.dll
2015-10-20 01:05 . 2015-11-11 13:41 112640 ----a-w- c:\windows\system32\smss.exe
2015-10-20 01:05 . 2015-11-11 13:41 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-10-20 01:04 . 2015-11-11 13:41 31232 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 01:04 . 2015-11-11 13:41 338432 ----a-w- c:\windows\system32\conhost.exe
2015-10-20 01:04 . 2015-11-11 13:41 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 01:00 . 2015-11-11 13:41 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:59 . 2015-11-11 13:41 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:53 . 2015-11-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:53 . 2015-11-11 13:41 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-20 00:53 . 2015-11-11 13:41 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-20 00:52 . 2015-11-11 13:41 3991488 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:52 . 2015-11-11 13:41 3935680 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:48 . 2015-11-11 13:41 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-10-20 00:45 . 2015-11-11 13:41 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-10-20 00:45 . 2015-11-11 13:41 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-10-20 00:45 . 2015-11-11 13:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-08 50749056]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-08 50749056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 7ByteIo;7ByteIo;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm258.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-08 4030008]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-10-24 13662936]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-12-09 2771576]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-12-09 1846016]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-MyAshampoo Toolbar - c:\progra~2\MYASHA~1\UNINST~1.EXE
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2016-01-03 15:58:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-03 14:58
ComboFix2.txt 2016-01-03 13:59
.
Před spuštěním: Volných bajtů: 46 603 612 160
Po spuštění: Volných bajtů: 46 103 662 592
.
- - End Of File - - F541732D08B88B100C62600CE9C2B334
413FC2A0C716421B3158746D63736515
Re: Please check my log
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-01-03 16:01:13
-----------------------------
16:01:13.098 OS Version: Windows x64 6.1.7601 Service Pack 1
16:01:13.098 Number of processors: 2 586 0x6B02
16:01:13.098 ComputerName: TOP-PC UserName: top
16:01:13.661 Initialize success
16:01:13.739 VM: initialized successfully
16:01:13.739 VM: Amd CPU virtualization not supported
16:01:20.248 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:01:20.248 Disk 0 Vendor: WDC_WD800JB-00JJC0 05.01C05 Size: 76318MB BusType: 3
16:01:20.263 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000067
16:01:20.263 Disk 1 Vendor: SAMSUNG_ CT10 Size: 381553MB BusType: 3
16:01:20.466 Disk 1 MBR read successfully
16:01:20.466 Disk 1 MBR scan
16:01:20.466 Disk 1 Windows 7 default MBR code
16:01:20.482 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 129147 MB offset 63
16:01:20.498 Disk 1 Boot: NTFS code=2
16:01:20.498 Disk 1 Partition - 00 0F Extended LBA 252404 MB offset 264494160
16:01:20.513 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 252404 MB offset 264494223
16:01:20.544 Disk 1 scanning C:\Windows\system32\drivers
16:01:27.357 Service scanning
16:01:42.701 Modules scanning
16:01:42.701 Disk 1 trace - called modules:
16:01:42.732 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
16:01:42.732 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80048d8060]
16:01:42.748 3 CLASSPNP.SYS[fffff880011cd43f] -> nt!IofCallDriver -> [0xfffffa800438a4e0]
16:01:42.748 5 ACPI.sys[fffff88000efe7a1] -> nt!IofCallDriver -> \Device\00000067[0xfffffa8004389060]
16:01:42.763 Disk 1 statistics 100859/0/0 @ 7,92 MB/s
16:01:42.779 Scan finished successfully
16:01:52.279 Disk 1 MBR has been saved successfully to "C:\Users\top\Desktop\MBR.dat"
16:01:52.279 The log file has been saved successfully to "C:\Users\top\Desktop\aswMBR.txt"
- jerabina
- member of the Security team
Re: Please check my log
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.
How are the problems? + a new log from HJT
When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it is only because I'm on my mobile, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Please check my log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:12, on 3.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\top\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\top\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7068 bytes
Re: Please check my log
The problems are fine now, the PC runs like it did when it was new. But that OTC program: I ran it, it prompted me to restart, and after the restart the program was no longer on my desktop, it simply disappeared. Is it supposed to do that?
- jerabina
- Security team member
- Level 6
- Posts: 3647
- Registered: March 13
- Location: Litoměřice
- Status: Offline
Re: Please check my log
That's fine.
Close other programs/browsers, disconnect from the internet, and fix the following in HJT:
GUIDE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
Download DelFix here
https://toolslib.net/downloads/viewdownload/2-delfix/
and save the file to your desktop.
Double-click the icon to launch Delfix.exe.
(On Windows Vista, Windows 7 and 8, you must right-click the file -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.
A report (DelFix.txt) will then open. Paste the whole content of the report here. Otherwise the report is located at:
C:\DelFix.txt
If there are no problems, that is all and you can mark the topic as solved with the green check mark.

When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Please check my log (Solved)
# DelFix v1.011 - Logfile created 03/01/2016 at 18:26:20
# Updated 18/08/2015 by Xplode
# Username : top - TOP-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\AdwCleaner
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Cleaning system restore ...
Deleted : RP #39 [Instalační služba modulů systému Windows | 01/01/2016 15:58:50]
Deleted : RP #40 [Instalační služba modulů systému Windows | 01/01/2016 15:59:17]
Deleted : RP #41 [Windows Update | 01/02/2016 11:46:35]
Deleted : RP #42 [zoek.exe restore point | 01/03/2016 13:05:46]
Deleted : RP #43 [zoek.exe restore point | 01/03/2016 13:19:00]
New restore point created !
########## - EOF - ##########
Thanks a lot, you guys are great for doing this kind of work.