Kontrola - spouštění v sandboxu

Příspěvekod **Martab** » 16 led 2016 11:02

Nevím o kterém programu se bavíš, ale COMODO mi funguje bez problémů, ale problém se s kombinaci COMODa a ComboFixu.

Reklama

richchie · Příspěvekod **richchie** » 16 led 2016 11:07

Já ti neřeknu proč se tak programy chovají a vyzkoušet to nemůžu-w8.1 a v desítkách to bude podobné.Nebude se chovat korektně.(combofix)

Příspěvekod **Martab** » 16 led 2016 11:11

Jasně, já ale taky netuším, co s tím, ať COMODO "odstřelím" jakkoli, tak ComboFix furt něco hlásí, netuším čím to je ani jak to opravit. Uvidíme co kluci, třeba budou vědět co s tím...

Příspěvekod **Orcus** » 16 led 2016 11:38

OK, řešení se jedno nabízí. Odinstaluj Comodo než provedeš Combofix. :-)

Příspěvekod **Martab** » 16 led 2016 11:39

Zkoušel jsem ho vyházet z registrů, a nepomohlo, zkusím komplet odinstalaci a uvidím...

Příspěvekod **Orcus** » 16 led 2016 11:42

Hele pokud je odnstalovaný a nebeží tam rezidentní jádro, tak ten CF můžeme provést. Registry by na chod CF neměly mít vliv.

Příspěvekod **Martab** » 16 led 2016 11:46

Teď ho odinstalovávám, tak uvidíme, víc už udělat nejde... tak dám vědět.

Příspěvekod **Martab** » 16 led 2016 11:49

Tak po odinstalaci, promazání registrů a ve stavu nouze už nic nehlásí, tak snad OK, nechám ho projet a hodím sem log.

Příspěvekod **Martab** » 16 led 2016 11:59

ComboFix 16-01-07.01 - Lenovo 16.01.2016 11:49:17.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3892.2368 [GMT 1:00]
Spuštěný z: c:\users\Lenovo\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-16 do 2016-01-16 )))))))))))))))))))))))))))))))
.
.
2016-01-16 10:52 . 2016-01-16 10:52 -------- dc----w- c:\users\Default\AppData\Local\temp
2016-01-16 10:43 . 2016-01-16 10:43 3429056 -c--a-w- c:\programdata\cisD27B.exe
2016-01-16 10:43 . 2016-01-16 10:43 3429056 -c--a-w- c:\programdata\cis3F60.exe
2016-01-15 14:33 . 2016-01-15 18:27 -------- dc----w- c:\programdata\RogueKiller
2016-01-15 10:14 . 2016-01-15 10:14 -------- dc----w- c:\programdata\Malwarebytes
2016-01-11 12:36 . 2016-01-11 12:36 -------- dc----w- c:\program files (x86)\Common Files\Skype
2015-12-19 19:07 . 2015-12-19 19:07 -------- dc----w- c:\program files (x86)\Comodo
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-15 18:37 . 2015-12-15 18:37 77656 -c--a-w- c:\windows\system32\XAPOFX1_5.dll
2015-12-15 18:37 . 2015-12-15 18:37 74072 -c--a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2015-12-15 18:37 . 2015-12-15 18:37 527192 -c--a-w- c:\windows\SysWow64\XAudio2_7.dll
2015-12-15 18:37 . 2015-12-15 18:37 518488 -c--a-w- c:\windows\system32\XAudio2_7.dll
2015-12-15 18:37 . 2015-12-15 18:37 239960 -c--a-w- c:\windows\SysWow64\xactengine3_7.dll
2015-12-15 18:37 . 2015-12-15 18:37 176984 -c--a-w- c:\windows\system32\xactengine3_7.dll
2015-12-15 18:37 . 2015-12-15 18:37 2526056 -c--a-w- c:\windows\system32\D3DCompiler_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 2106216 -c--a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 1907552 -c--a-w- c:\windows\system32\d3dcsx_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 1868128 -c--a-w- c:\windows\SysWow64\d3dcsx_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 276832 -c--a-w- c:\windows\system32\d3dx11_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 248672 -c--a-w- c:\windows\SysWow64\d3dx11_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 511328 -c--a-w- c:\windows\system32\d3dx10_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 470880 -c--a-w- c:\windows\SysWow64\d3dx10_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 2401112 -c--a-w- c:\windows\system32\D3DX9_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 1998168 -c--a-w- c:\windows\SysWow64\D3DX9_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 78680 -c--a-w- c:\windows\system32\XAPOFX1_4.dll
2015-12-15 18:37 . 2015-12-15 18:37 74072 -c--a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2015-12-15 18:37 . 2015-12-15 18:37 530776 -c--a-w- c:\windows\system32\XAudio2_6.dll
2015-12-15 18:37 . 2015-12-15 18:37 528216 -c--a-w- c:\windows\SysWow64\XAudio2_6.dll
2015-12-15 18:36 . 2015-12-15 18:36 176984 -c--a-w- c:\windows\system32\xactengine3_6.dll
2015-12-15 18:36 . 2015-12-15 18:36 238936 -c--a-w- c:\windows\SysWow64\xactengine3_6.dll
2015-12-15 18:36 . 2015-12-15 18:36 24920 -c--a-w- c:\windows\system32\X3DAudio1_7.dll
2015-12-15 18:36 . 2015-12-15 18:36 22360 -c--a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2015-12-14 10:36 . 2015-09-27 07:02 796864 -c--a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-14 10:36 . 2015-09-27 07:02 142528 -c--a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-06 12:06 . 2015-12-06 12:05 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-12-06 12:06 . 2015-12-06 12:05 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-12-06 12:06 . 2015-12-06 12:05 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-12-06 12:06 . 2015-12-06 12:05 709632 ----a-w- c:\windows\system32\wuapi.dll
2015-12-06 12:06 . 2015-12-06 12:05 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-12-06 12:06 . 2015-12-06 12:05 37888 ----a-w- c:\windows\system32\wups2.dll
2015-12-06 12:06 . 2015-12-06 12:05 37888 ----a-w- c:\windows\system32\wuapp.exe
2015-12-06 12:06 . 2015-12-06 12:05 36864 ----a-w- c:\windows\system32\wups.dll
2015-12-06 12:06 . 2015-12-06 12:05 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-12-06 12:06 . 2015-12-06 12:05 3170304 ----a-w- c:\windows\system32\wucltux.dll
2015-12-06 12:06 . 2015-12-06 12:05 30208 ----a-w- c:\windows\SysWow64\wups.dll
2015-12-06 12:06 . 2015-12-06 12:05 2609152 ----a-w- c:\windows\system32\wuaueng.dll
2015-12-06 12:06 . 2015-12-06 12:05 192512 ----a-w- c:\windows\system32\wuwebv.dll
2015-12-06 12:06 . 2015-12-06 12:05 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-12-06 12:06 . 2015-12-06 12:05 140288 ----a-w- c:\windows\system32\wuauclt.exe
2015-12-06 12:06 . 2015-12-06 12:05 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-12-06 12:05 . 2009-07-13 23:38 30208 -c--a-w- c:\windows\system32\drivers\monitor.sys
2015-11-20 10:27 . 2015-11-20 10:26 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2015-11-20 10:27 . 2015-11-20 10:26 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2015-11-20 10:27 . 2015-11-20 10:26 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2015-11-20 10:27 . 2015-11-20 10:26 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
2015-11-20 10:27 . 2015-11-20 10:26 69120 ----a-w- c:\windows\system32\nlsbres.dll
2015-11-20 10:27 . 2015-11-20 10:26 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2015-11-20 10:27 . 2015-11-20 10:26 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2015-11-20 10:27 . 2015-11-20 10:26 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-11-20 10:27 . 2015-11-20 10:26 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-11-20 10:27 . 2015-11-20 10:26 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-11-20 10:27 . 2015-11-20 10:26 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-11-20 10:27 . 2015-11-20 10:26 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-11-20 10:27 . 2015-11-20 10:26 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-11-20 10:27 . 2015-11-20 10:26 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-11-20 10:27 . 2015-11-20 10:26 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-11-20 10:27 . 2015-11-20 10:26 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-11-20 10:27 . 2015-11-20 10:26 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-11-20 10:27 . 2015-11-20 10:26 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-11-20 10:27 . 2015-11-20 10:26 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-11-20 10:27 . 2015-11-20 10:26 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-11-20 10:27 . 2015-11-20 10:26 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-11-20 10:27 . 2015-11-20 10:26 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-11-20 10:27 . 2015-11-20 10:26 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-11-20 10:27 . 2015-11-20 10:26 878080 ----a-w- c:\windows\system32\advapi32.dll
2015-11-20 10:27 . 2015-11-20 10:26 859648 ----a-w- c:\windows\system32\tdh.dll
2015-11-20 10:27 . 2015-11-20 10:26 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-11-20 10:27 . 2015-11-20 10:26 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2015-11-20 10:27 . 2015-11-20 10:26 3211264 ----a-w- c:\windows\system32\win32k.sys
2015-11-11 16:24 . 2015-09-25 18:33 145617392 -c--a-w- c:\windows\system32\MRT.exe
2015-11-11 16:20 . 2015-11-11 16:12 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 16:20 . 2015-11-11 16:12 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-11-11 16:20 . 2015-11-11 16:12 2052608 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-11-11 16:20 . 2015-11-11 16:12 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2015-11-11 16:20 . 2015-11-11 16:12 54784 ----a-w- c:\windows\system32\jsproxy.dll
2015-11-11 16:20 . 2015-11-11 16:12 616960 ----a-w- c:\windows\system32\ieui.dll
2015-11-11 16:20 . 2015-11-11 16:12 14457856 ----a-w- c:\windows\system32\ieframe.dll
2015-11-11 16:20 . 2015-11-11 16:12 817664 ----a-w- c:\windows\system32\jscript.dll
2015-11-11 16:20 . 2015-11-11 16:12 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2015-11-11 16:20 . 2015-11-11 16:12 2487808 ----a-w- c:\windows\system32\wininet.dll
2015-11-11 16:20 . 2015-11-11 16:12 25818624 ----a-w- c:\windows\system32\mshtml.dll
2015-11-11 16:20 . 2015-11-11 16:12 720896 ----a-w- c:\windows\system32\ie4uinit.exe
2015-11-11 16:20 . 2015-11-11 16:12 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2015-11-11 16:20 . 2015-11-11 16:12 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-11-11 16:20 . 2015-11-11 16:12 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-11-11 16:20 . 2015-11-11 16:12 34304 ----a-w- c:\windows\system32\iernonce.dll
2015-11-11 16:20 . 2015-11-11 16:12 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-11-11 16:20 . 2015-11-11 16:12 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-11-11 16:20 . 2015-11-11 16:12 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-11-11 16:20 . 2015-11-11 16:12 504832 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-11-11 16:20 . 2015-11-11 16:12 390344 ----a-w- c:\windows\system32\iedkcs32.dll
2015-11-11 16:20 . 2015-11-11 16:12 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-11-11 16:20 . 2015-11-11 16:12 1547264 ----a-w- c:\windows\system32\urlmon.dll
2015-11-11 16:20 . 2015-11-11 16:12 152064 ----a-w- c:\windows\system32\occache.dll
2015-11-11 16:20 . 2015-11-11 16:12 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-11-11 16:20 . 2015-11-11 16:12 801280 ----a-w- c:\windows\system32\msfeeds.dll
2015-11-11 16:20 . 2015-11-11 16:12 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-11-11 16:20 . 2015-11-11 16:12 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtPending]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2014-05-01 14:15 463360 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSynced]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2014-05-01 14:15 463360 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSyncing]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2014-05-01 14:15 463360 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWMTRV"="c:\program files (x86)\ThinkPad\Utilities\PWMTR64V.DLL" [2015-09-25 6417648]
.
c:\users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MEGAsync.lnk - c:\programdata\MEGAsync\MEGAsync.exe [2015-9-3 4357064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\users\Lenovo\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\Lenovo\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 cpuz138;cpuz138;c:\users\Lenovo\AppData\Local\Temp\CPU-ZPortableTemp\cpuz138\cpuz138_x64.sys;c:\users\Lenovo\AppData\Local\Temp\CPU-ZPortableTemp\cpuz138\cpuz138_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys;c:\windows\SYSNATIVE\DRIVERS\DzHDD64.sys [x]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys;c:\windows\SYSNATIVE\DRIVERS\smiifx64.sys [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 ChromodoUpdater;COMODO Chromodo Update Service;c:\program files (x86)\Comodo\Chromodo\chromodo_updater.exe;c:\program files (x86)\Comodo\Chromodo\chromodo_updater.exe [x]
S2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe;c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 TVicPort64;TVicPort64; [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 Power Manager DBC Service;Power Manager Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);c:\windows\system32\DRIVERS\qcfilterlno2k.sys;c:\windows\SYSNATIVE\DRIVERS\qcfilterlno2k.sys [x]
S3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);c:\windows\system32\DRIVERS\qcusbnetlno2k.sys;c:\windows\SYSNATIVE\DRIVERS\qcusbnetlno2k.sys [x]
S3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);c:\windows\system32\DRIVERS\qcusbserlno2k.sys;c:\windows\SYSNATIVE\DRIVERS\qcusbserlno2k.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-12-19 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-14 10:36]
.
2016-01-16 c:\windows\Tasks\MATLAB R2015a Startup Accelerator.job
- c:\program files\MATLAB\R2015aSP1\bin\win64\MATLABStartupAccelerator.exe [2015-12-15 18:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtPending]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2014-05-01 14:13 470016 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSynced]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2014-05-01 14:13 470016 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSyncing]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2014-05-01 14:13 470016 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPFanControl"="c:\program files\TPFanControl\TPFanControl.exe" [2015-09-25 154624]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-09-26 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-09-26 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-09-26 417560]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-01-16 11:54:19
ComboFix-quarantined-files.txt 2016-01-16 10:54
.
Před spuštěním: Volných bajtů: 60 533 227 520
Po spuštění: Volných bajtů: 60 211 007 488
.
- - End Of File - - 05E3F3B4487587F1867DB7EDDE85872C

Příspěvekod **jaro3** » 17 led 2016 09:58

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\programdata\cisD27B.exe
c:\programdata\cis3F60.exe

Folder::
c:\program files (x86)\Comodo
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate


RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Příspěvekod **Martab** » 17 led 2016 10:25

ComboFix
ComboFix 16-01-07.01 - Lenovo 17.01.2016 10:14:41.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3892.2744 [GMT 1:00]
Spuštěný z: c:\users\Lenovo\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lenovo\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\cis3F60.exe"
"c:\programdata\cisD27B.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Comodo
c:\program files (x86)\Comodo\Chromodo\45.0.2454.93.manifest
c:\program files (x86)\Comodo\Chromodo\d3dcompiler_47.dll
c:\program files (x86)\Comodo\Chromodo\extensions\adsanitizer.crx
c:\program files (x86)\Comodo\Chromodo\extensions\drag_drop.crx
c:\program files (x86)\Comodo\Chromodo\extensions\flash_download_helper.crx
c:\program files (x86)\Comodo\Chromodo\extensions\https_enforcement.crx
c:\program files (x86)\Comodo\Chromodo\extensions\media_downloader.crx
c:\program files (x86)\Comodo\Chromodo\extensions\share_page.crx
c:\program files (x86)\Comodo\Chromodo\extensions\web_inspector.crx
c:\program files (x86)\Comodo\Chromodo\chrome_100_percent.pak
c:\program files (x86)\Comodo\Chromodo\chrome_200_percent.pak
c:\program files (x86)\Comodo\Chromodo\chrome_elf.dll
c:\program files (x86)\Comodo\Chromodo\chromodo.exe
c:\program files (x86)\Comodo\Chromodo\chromodo_child.dll
c:\program files (x86)\Comodo\Chromodo\chromodo_s.dll
c:\program files (x86)\Comodo\Chromodo\chromodo_updater.exe
c:\program files (x86)\Comodo\Chromodo\icudtl.dat
c:\program files (x86)\Comodo\Chromodo\libEGL.dll
c:\program files (x86)\Comodo\Chromodo\libGLESv2.dll
c:\program files (x86)\Comodo\Chromodo\locales\am.pak
c:\program files (x86)\Comodo\Chromodo\locales\ar.pak
c:\program files (x86)\Comodo\Chromodo\locales\bg.pak
c:\program files (x86)\Comodo\Chromodo\locales\bn.pak
c:\program files (x86)\Comodo\Chromodo\locales\ca.pak
c:\program files (x86)\Comodo\Chromodo\locales\cs.pak
c:\program files (x86)\Comodo\Chromodo\locales\da.pak
c:\program files (x86)\Comodo\Chromodo\locales\de.pak
c:\program files (x86)\Comodo\Chromodo\locales\el.pak
c:\program files (x86)\Comodo\Chromodo\locales\en-GB.pak
c:\program files (x86)\Comodo\Chromodo\locales\en-US.pak
c:\program files (x86)\Comodo\Chromodo\locales\es-419.pak
c:\program files (x86)\Comodo\Chromodo\locales\es.pak
c:\program files (x86)\Comodo\Chromodo\locales\et.pak
c:\program files (x86)\Comodo\Chromodo\locales\fa.pak
c:\program files (x86)\Comodo\Chromodo\locales\fi.pak
c:\program files (x86)\Comodo\Chromodo\locales\fil.pak
c:\program files (x86)\Comodo\Chromodo\locales\fr.pak
c:\program files (x86)\Comodo\Chromodo\locales\gu.pak
c:\program files (x86)\Comodo\Chromodo\locales\he.pak
c:\program files (x86)\Comodo\Chromodo\locales\hi.pak
c:\program files (x86)\Comodo\Chromodo\locales\hr.pak
c:\program files (x86)\Comodo\Chromodo\locales\hu.pak
c:\program files (x86)\Comodo\Chromodo\locales\id.pak
c:\program files (x86)\Comodo\Chromodo\locales\it.pak
c:\program files (x86)\Comodo\Chromodo\locales\ja.pak
c:\program files (x86)\Comodo\Chromodo\locales\kn.pak
c:\program files (x86)\Comodo\Chromodo\locales\ko.pak
c:\program files (x86)\Comodo\Chromodo\locales\lt.pak
c:\program files (x86)\Comodo\Chromodo\locales\lv.pak
c:\program files (x86)\Comodo\Chromodo\locales\ml.pak
c:\program files (x86)\Comodo\Chromodo\locales\mr.pak
c:\program files (x86)\Comodo\Chromodo\locales\nb.pak
c:\program files (x86)\Comodo\Chromodo\locales\nl.pak
c:\program files (x86)\Comodo\Chromodo\locales\pl.pak
c:\program files (x86)\Comodo\Chromodo\locales\pt-BR.pak
c:\program files (x86)\Comodo\Chromodo\locales\pt-PT.pak
c:\program files (x86)\Comodo\Chromodo\locales\ro.pak
c:\program files (x86)\Comodo\Chromodo\locales\ru.pak
c:\program files (x86)\Comodo\Chromodo\locales\sk.pak
c:\program files (x86)\Comodo\Chromodo\locales\sl.pak
c:\program files (x86)\Comodo\Chromodo\locales\sr.pak
c:\program files (x86)\Comodo\Chromodo\locales\sv.pak
c:\program files (x86)\Comodo\Chromodo\locales\sw.pak
c:\program files (x86)\Comodo\Chromodo\locales\ta.pak
c:\program files (x86)\Comodo\Chromodo\locales\te.pak
c:\program files (x86)\Comodo\Chromodo\locales\th.pak
c:\program files (x86)\Comodo\Chromodo\locales\tr.pak
c:\program files (x86)\Comodo\Chromodo\locales\uk.pak
c:\program files (x86)\Comodo\Chromodo\locales\vi.pak
c:\program files (x86)\Comodo\Chromodo\locales\zh-CN.pak
c:\program files (x86)\Comodo\Chromodo\locales\zh-TW.pak
c:\program files (x86)\Comodo\Chromodo\master_preferences
c:\program files (x86)\Comodo\Chromodo\natives_blob.bin
c:\program files (x86)\Comodo\Chromodo\RBSkin_Perion.skf
c:\program files (x86)\Comodo\Chromodo\resources.pak
c:\program files (x86)\Comodo\Chromodo\restart_helper.exe
c:\program files (x86)\Comodo\Chromodo\snapshot_blob.bin
c:\program files (x86)\Comodo\Chromodo\uninstall.exe
c:\program files (x86)\Comodo\Chromodo\virtual_mode_helper.exe
c:\program files (x86)\Comodo\Chromodo\wow_helper.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\cis3F60.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_ChromodoUpdater
-------\Service_ChromodoUpdater
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-17 do 2016-01-17 )))))))))))))))))))))))))))))))
.
.
2016-01-15 14:33 . 2016-01-15 18:27 -------- dc----w- c:\programdata\RogueKiller
2016-01-15 10:14 . 2016-01-15 10:14 -------- dc----w- c:\programdata\Malwarebytes
2016-01-11 12:36 . 2016-01-11 12:36 -------- dc----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-12-15 18:37 . 2015-12-15 18:37 77656 -c--a-w- c:\windows\system32\XAPOFX1_5.dll
2015-12-15 18:37 . 2015-12-15 18:37 74072 -c--a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2015-12-15 18:37 . 2015-12-15 18:37 527192 -c--a-w- c:\windows\SysWow64\XAudio2_7.dll
2015-12-15 18:37 . 2015-12-15 18:37 518488 -c--a-w- c:\windows\system32\XAudio2_7.dll
2015-12-15 18:37 . 2015-12-15 18:37 239960 -c--a-w- c:\windows\SysWow64\xactengine3_7.dll
2015-12-15 18:37 . 2015-12-15 18:37 176984 -c--a-w- c:\windows\system32\xactengine3_7.dll
2015-12-15 18:37 . 2015-12-15 18:37 2526056 -c--a-w- c:\windows\system32\D3DCompiler_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 2106216 -c--a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 1907552 -c--a-w- c:\windows\system32\d3dcsx_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 1868128 -c--a-w- c:\windows\SysWow64\d3dcsx_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 276832 -c--a-w- c:\windows\system32\d3dx11_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 248672 -c--a-w- c:\windows\SysWow64\d3dx11_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 511328 -c--a-w- c:\windows\system32\d3dx10_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 470880 -c--a-w- c:\windows\SysWow64\d3dx10_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 2401112 -c--a-w- c:\windows\system32\D3DX9_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 1998168 -c--a-w- c:\windows\SysWow64\D3DX9_43.dll
2015-12-15 18:37 . 2015-12-15 18:37 78680 -c--a-w- c:\windows\system32\XAPOFX1_4.dll
2015-12-15 18:37 . 2015-12-15 18:37 74072 -c--a-w- c:\windows\SysWow64\XAPOFX1_4.dll
2015-12-15 18:37 . 2015-12-15 18:37 530776 -c--a-w- c:\windows\system32\XAudio2_6.dll
2015-12-15 18:37 . 2015-12-15 18:37 528216 -c--a-w- c:\windows\SysWow64\XAudio2_6.dll
2015-12-15 18:36 . 2015-12-15 18:36 176984 -c--a-w- c:\windows\system32\xactengine3_6.dll
2015-12-15 18:36 . 2015-12-15 18:36 238936 -c--a-w- c:\windows\SysWow64\xactengine3_6.dll
2015-12-15 18:36 . 2015-12-15 18:36 24920 -c--a-w- c:\windows\system32\X3DAudio1_7.dll
2015-12-15 18:36 . 2015-12-15 18:36 22360 -c--a-w- c:\windows\SysWow64\X3DAudio1_7.dll
2015-12-14 10:36 . 2015-09-27 07:02 796864 -c--a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-12-14 10:36 . 2015-09-27 07:02 142528 -c--a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-06 12:06 . 2015-12-06 12:05 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-12-06 12:06 . 2015-12-06 12:05 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-12-06 12:06 . 2015-12-06 12:05 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-12-06 12:06 . 2015-12-06 12:05 709632 ----a-w- c:\windows\system32\wuapi.dll
2015-12-06 12:06 . 2015-12-06 12:05 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-12-06 12:06 . 2015-12-06 12:05 37888 ----a-w- c:\windows\system32\wups2.dll
2015-12-06 12:06 . 2015-12-06 12:05 37888 ----a-w- c:\windows\system32\wuapp.exe
2015-12-06 12:06 . 2015-12-06 12:05 36864 ----a-w- c:\windows\system32\wups.dll
2015-12-06 12:06 . 2015-12-06 12:05 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-12-06 12:06 . 2015-12-06 12:05 3170304 ----a-w- c:\windows\system32\wucltux.dll
2015-12-06 12:06 . 2015-12-06 12:05 30208 ----a-w- c:\windows\SysWow64\wups.dll
2015-12-06 12:06 . 2015-12-06 12:05 2609152 ----a-w- c:\windows\system32\wuaueng.dll
2015-12-06 12:06 . 2015-12-06 12:05 192512 ----a-w- c:\windows\system32\wuwebv.dll
2015-12-06 12:06 . 2015-12-06 12:05 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-12-06 12:06 . 2015-12-06 12:05 140288 ----a-w- c:\windows\system32\wuauclt.exe
2015-12-06 12:06 . 2015-12-06 12:05 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-12-06 12:05 . 2009-07-13 23:38 30208 -c--a-w- c:\windows\system32\drivers\monitor.sys
2015-11-20 10:27 . 2015-11-20 10:26 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2015-11-20 10:27 . 2015-11-20 10:26 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2015-11-20 10:27 . 2015-11-20 10:26 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2015-11-20 10:27 . 2015-11-20 10:26 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
2015-11-20 10:27 . 2015-11-20 10:26 69120 ----a-w- c:\windows\system32\nlsbres.dll
2015-11-20 10:27 . 2015-11-20 10:26 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2015-11-20 10:27 . 2015-11-20 10:26 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2015-11-20 10:27 . 2015-11-20 10:26 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-11-20 10:27 . 2015-11-20 10:26 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-11-20 10:27 . 2015-11-20 10:26 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-11-20 10:27 . 2015-11-20 10:26 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-11-20 10:27 . 2015-11-20 10:26 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-11-20 10:27 . 2015-11-20 10:26 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-11-20 10:27 . 2015-11-20 10:26 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-11-20 10:27 . 2015-11-20 10:26 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-11-20 10:27 . 2015-11-20 10:26 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-11-20 10:27 . 2015-11-20 10:26 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-11-20 10:27 . 2015-11-20 10:26 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-11-20 10:27 . 2015-11-20 10:26 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-11-20 10:27 . 2015-11-20 10:26 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-11-20 10:27 . 2015-11-20 10:26 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-11-20 10:27 . 2015-11-20 10:26 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-11-20 10:27 . 2015-11-20 10:26 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-11-20 10:27 . 2015-11-20 10:26 878080 ----a-w- c:\windows\system32\advapi32.dll
2015-11-20 10:27 . 2015-11-20 10:26 859648 ----a-w- c:\windows\system32\tdh.dll
2015-11-20 10:27 . 2015-11-20 10:26 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-11-20 10:27 . 2015-11-20 10:26 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2015-11-20 10:27 . 2015-11-20 10:26 3211264 ----a-w- c:\windows\system32\win32k.sys
2015-11-11 16:24 . 2015-09-25 18:33 145617392 -c--a-w- c:\windows\system32\MRT.exe
2015-11-11 16:20 . 2015-11-11 16:12 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 16:20 . 2015-11-11 16:12 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-11-11 16:20 . 2015-11-11 16:12 2052608 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-11-11 16:20 . 2015-11-11 16:12 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2015-11-11 16:20 . 2015-11-11 16:12 54784 ----a-w- c:\windows\system32\jsproxy.dll
2015-11-11 16:20 . 2015-11-11 16:12 616960 ----a-w- c:\windows\system32\ieui.dll
2015-11-11 16:20 . 2015-11-11 16:12 14457856 ----a-w- c:\windows\system32\ieframe.dll
2015-11-11 16:20 . 2015-11-11 16:12 817664 ----a-w- c:\windows\system32\jscript.dll
2015-11-11 16:20 . 2015-11-11 16:12 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2015-11-11 16:20 . 2015-11-11 16:12 2487808 ----a-w- c:\windows\system32\wininet.dll
2015-11-11 16:20 . 2015-11-11 16:12 25818624 ----a-w- c:\windows\system32\mshtml.dll
2015-11-11 16:20 . 2015-11-11 16:12 720896 ----a-w- c:\windows\system32\ie4uinit.exe
2015-11-11 16:20 . 2015-11-11 16:12 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2015-11-11 16:20 . 2015-11-11 16:12 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-11-11 16:20 . 2015-11-11 16:12 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-11-11 16:20 . 2015-11-11 16:12 34304 ----a-w- c:\windows\system32\iernonce.dll
2015-11-11 16:20 . 2015-11-11 16:12 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2015-11-11 16:20 . 2015-11-11 16:12 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-11-11 16:20 . 2015-11-11 16:12 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-11-11 16:20 . 2015-11-11 16:12 504832 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-11-11 16:20 . 2015-11-11 16:12 390344 ----a-w- c:\windows\system32\iedkcs32.dll
2015-11-11 16:20 . 2015-11-11 16:12 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-11-11 16:20 . 2015-11-11 16:12 1547264 ----a-w- c:\windows\system32\urlmon.dll
2015-11-11 16:20 . 2015-11-11 16:12 152064 ----a-w- c:\windows\system32\occache.dll
2015-11-11 16:20 . 2015-11-11 16:12 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2015-11-11 16:20 . 2015-11-11 16:12 801280 ----a-w- c:\windows\system32\msfeeds.dll
2015-11-11 16:20 . 2015-11-11 16:12 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-11-11 16:20 . 2015-11-11 16:12 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtPending]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2014-05-01 14:15 463360 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSynced]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2014-05-01 14:15 463360 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSyncing]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2014-05-01 14:15 463360 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWMTRV"="c:\program files (x86)\ThinkPad\Utilities\PWMTR64V.DLL" [2015-09-25 6417648]
.
c:\users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MEGAsync.lnk - c:\programdata\MEGAsync\MEGAsync.exe [2015-9-3 4357064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cpuz136;cpuz136;c:\users\Lenovo\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\Lenovo\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 cpuz138;cpuz138;c:\users\Lenovo\AppData\Local\Temp\CPU-ZPortableTemp\cpuz138\cpuz138_x64.sys;c:\users\Lenovo\AppData\Local\Temp\CPU-ZPortableTemp\cpuz138\cpuz138_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Power Manager DBC Service;Power Manager Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys;c:\windows\SYSNATIVE\DRIVERS\DzHDD64.sys [x]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys;c:\windows\SYSNATIVE\DRIVERS\smiifx64.sys [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe;c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 TVicPort64;TVicPort64; [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);c:\windows\system32\DRIVERS\qcfilterlno2k.sys;c:\windows\SYSNATIVE\DRIVERS\qcfilterlno2k.sys [x]
S3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);c:\windows\system32\DRIVERS\qcusbnetlno2k.sys;c:\windows\SYSNATIVE\DRIVERS\qcusbnetlno2k.sys [x]
S3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);c:\windows\system32\DRIVERS\qcusbserlno2k.sys;c:\windows\SYSNATIVE\DRIVERS\qcusbserlno2k.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2016-01-16 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe [2015-12-14 10:36]
.
2016-01-17 c:\windows\Tasks\MATLAB R2015a Startup Accelerator.job
- c:\program files\MATLAB\R2015aSP1\bin\win64\MATLABStartupAccelerator.exe [2015-12-15 18:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtPending]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2014-05-01 14:13 470016 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSynced]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2014-05-01 14:13 470016 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSyncing]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2014-05-01 14:13 470016 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPFanControl"="c:\program files\TPFanControl\TPFanControl.exe" [2015-09-25 154624]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-09-26 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-09-26 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-09-26 417560]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Chromodo - c:\program files (x86)\Comodo\Chromodo\uninstall.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\LENOVO\HOTKEY\tposdsvc.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
.
**************************************************************************
.
Celkový čas: 2016-01-17 10:21:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-17 09:21
.
Před spuštěním: Volných bajtů: 60 794 736 640
Po spuštění: Volných bajtů: 60 264 976 384
.
- - End Of File - - 99D9C61A497FCE6F90409E580BA17675

Příspěvekod **Martab** » 17 led 2016 10:29

HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:26:16, on 17.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)

Boot mode: Normal

Running processes:
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\TPFanControl\TPFanControl.exe
C:\ProgramData\MEGAsync\MEGAsync.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
C:\Users\Lenovo\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [PWMTRV] rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Qualcomm Gobi 2000 Download Service (Lenovo) (QDLService2kLenovo) - QUALCOMM, Inc. - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Stínová kopie svazku (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 7206 bytes

Kontrola - spouštění v sandboxu Vyřešeno

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Re: Kontrola - spouštění v sandboxu

Kdo je online