ComboFix 16-03-14.01 - Lady 17.03.2016 7:36.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3988.2690 [GMT 1:00]
Spuštěný z: c:\users\Lady\Desktop\ComboFix.exe
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\test.txt
c:\users\Lady\Favorites\záložky_05.03.16.html
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-17 do 2016-03-17 )))))))))))))))))))))))))))))))
.
.
2016-03-17 06:42 . 2016-03-17 06:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-16 06:38 . 2016-03-16 06:24 24064 ----a-w- c:\windows\zoek-delete.exe
2016-03-16 06:38 . 2016-03-17 06:42 -------- d-----w- c:\users\Lady\AppData\Local\Temp
2016-03-16 06:24 . 2016-03-16 06:36 -------- d-----w- C:\zoek_backup
2016-03-15 07:11 . 2016-03-16 05:57 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-03-15 07:10 . 2016-03-15 07:11 -------- d-----w- c:\programdata\RogueKiller
2016-03-14 16:45 . 2016-03-14 17:29 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-14 16:44 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-14 16:44 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-14 16:44 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-14 16:44 . 2016-03-14 16:44 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-03-14 16:44 . 2016-03-14 16:44 -------- d-----w- c:\programdata\Malwarebytes
2016-03-14 16:20 . 2016-03-14 16:33 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-14 12:36 . 2016-03-14 12:36 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2016-03-14 12:36 . 2016-03-14 12:36 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2016-03-14 08:47 . 2016-03-14 08:47 -------- d-----w- c:\program files (x86)\Microsoft Works
2016-03-14 08:41 . 2016-03-14 08:41 -------- d-----r- C:\MSOCache
2016-03-11 15:09 . 2016-03-11 15:09 -------- d-----w- c:\program files (x86)\ESET
2016-03-09 12:39 . 2016-03-02 14:59 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6DCAF3D9-1ECB-41AD-BB68-37F4953A6C17}\mpengine.dll
2016-03-09 12:32 . 2016-02-12 18:52 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-03-09 12:22 . 2016-02-09 09:57 14634496 ----a-w- c:\windows\system32\wmp.dll
2016-03-09 12:21 . 2016-02-09 09:55 30720 ----a-w- c:\windows\system32\seclogon.dll
2016-03-09 12:21 . 2016-02-19 19:02 38336 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-03-09 12:21 . 2016-02-11 14:07 689152 ----a-w- c:\windows\system32\generaltel.dll
2016-03-09 12:21 . 2016-02-05 14:07 499200 ----a-w- c:\windows\system32\devinv.dll
2016-03-09 12:21 . 2016-02-19 18:54 1168896 ----a-w- c:\windows\system32\aeinv.dll
2016-03-09 12:21 . 2016-02-19 14:07 1373184 ----a-w- c:\windows\system32\appraiser.dll
2016-03-09 12:21 . 2016-02-05 14:07 696832 ----a-w- c:\windows\system32\invagent.dll
2016-03-09 12:21 . 2016-02-05 14:07 76800 ----a-w- c:\windows\system32\acmigration.dll
2016-03-08 11:05 . 2016-03-08 11:05 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-03-06 17:25 . 2016-03-06 17:25 -------- d-----w- c:\program files\CCleaner
2016-03-06 16:31 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-06 16:31 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-03-06 15:49 . 2016-03-06 15:49 -------- d-s---w- c:\windows\SysWow64\GWX
2016-03-06 14:12 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2016-03-06 14:12 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
2016-03-06 14:12 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
2016-03-06 14:12 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-03-06 14:12 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2016-03-06 14:12 . 2015-06-03 20:16 619056 ----a-w- c:\windows\system32\winload.exe
2016-03-06 14:12 . 2015-06-03 20:16 532176 ----a-w- c:\windows\system32\winresume.exe
2016-03-06 14:12 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-03-06 14:12 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-03-06 14:12 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2016-03-06 14:12 . 2015-06-03 20:21 457400 ----a-w- c:\windows\system32\ci.dll
2016-03-06 14:07 . 2015-12-08 19:07 624640 ----a-w- c:\windows\system32\qedit.dll
2016-03-06 14:07 . 2015-12-08 21:53 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2016-03-06 13:49 . 2015-08-27 18:18 1887232 ----a-w- c:\windows\system32\msxml3.dll
2016-03-06 13:49 . 2015-08-27 18:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2016-03-06 13:49 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2016-03-06 13:49 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml3r.dll
2016-03-06 13:49 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2016-03-06 13:49 . 2015-08-27 17:58 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2016-03-06 13:49 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2016-03-06 13:49 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2016-03-06 13:48 . 2016-01-22 06:19 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-03-06 13:48 . 2016-01-22 05:19 3231232 ----a-w- c:\windows\explorer.exe
2016-03-06 13:48 . 2016-01-22 06:15 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-03-06 13:48 . 2016-01-22 06:12 1940992 ----a-w- c:\windows\system32\authui.dll
2016-03-06 13:48 . 2016-01-22 06:00 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-03-06 13:48 . 2016-01-22 05:59 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-03-06 13:48 . 2016-01-22 05:12 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
2016-03-06 13:21 . 2015-05-25 18:19 113664 ----a-w- c:\windows\system32\sechost.dll
2016-03-06 13:21 . 2015-05-25 18:18 47104 ----a-w- c:\windows\system32\typeperf.exe
2016-03-06 13:21 . 2015-05-25 18:18 404992 ----a-w- c:\windows\system32\tracerpt.exe
2016-03-06 13:21 . 2015-05-25 18:18 43008 ----a-w- c:\windows\system32\relog.exe
2016-03-06 13:21 . 2015-05-25 18:18 104448 ----a-w- c:\windows\system32\logman.exe
2016-03-06 13:21 . 2015-05-25 18:18 19456 ----a-w- c:\windows\system32\diskperf.exe
2016-03-06 13:21 . 2015-05-25 18:01 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2016-03-06 13:21 . 2015-05-25 18:00 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2016-03-06 13:21 . 2015-05-25 18:00 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2016-03-06 13:21 . 2015-05-25 18:00 37888 ----a-w- c:\windows\SysWow64\relog.exe
2016-03-06 13:21 . 2015-05-25 18:00 82944 ----a-w- c:\windows\SysWow64\logman.exe
2016-03-06 13:21 . 2015-05-25 18:00 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2016-03-06 13:19 . 2015-07-23 00:02 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2016-03-06 13:19 . 2015-07-22 16:48 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-03-06 13:19 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\tdh.dll
2016-03-06 13:19 . 2015-07-22 17:53 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2016-03-06 13:17 . 2015-04-24 18:17 633856 ----a-w- c:\windows\system32\comctl32.dll
2016-03-06 13:16 . 2015-06-25 10:06 115136 ----a-w- c:\windows\system32\consent.exe
2016-03-06 13:15 . 2015-02-18 07:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-03-06 12:57 . 2015-12-08 21:52 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-03-06 12:57 . 2015-12-08 19:07 405504 ----a-w- c:\windows\system32\gdi32.dll
2016-03-06 12:52 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2016-03-06 12:52 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2016-03-06 12:52 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2016-03-06 12:51 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2016-03-06 12:51 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2016-03-06 12:51 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2016-03-06 12:51 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2016-03-06 12:40 . 2009-09-04 16:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2016-03-06 12:39 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2016-03-06 12:34 . 2016-03-06 12:34 4161536 ----a-w- c:\windows\system32\drivers\athrx.sys
2016-03-06 12:34 . 2016-03-06 12:34 600776 ----a-w- c:\windows\system32\drivers\btfilter.sys
2016-03-06 12:34 . 2016-03-06 12:34 458960 ----a-w- c:\windows\system32\drivers\k57nd60a.sys
2016-03-06 12:33 . 2016-03-06 12:33 180480 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2016-02-25 19:47 . 2016-03-06 08:56 -------- d-----w- C:\AdwCleaner
2016-02-16 12:18 . 2016-01-06 18:41 1415168 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkObj.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-09 12:34 . 2015-02-06 08:33 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-02-11 18:48 . 2016-03-09 12:33 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:37 . 2016-03-09 12:33 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:30 . 2016-03-09 12:33 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-08 20:03 . 2016-03-09 12:33 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-02-08 17:37 . 2016-03-09 12:33 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-02-04 22:13 . 2016-02-04 22:13 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2016-02-04 22:13 . 2016-02-04 22:13 536776 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE" [2015-07-12 563416]
"CCleaner"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-15 06:04 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-03-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-06 12:41]
.
2016-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-06 15:52]
.
2016-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-06 15:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-10-01 5595336]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2015-02-06 7138816]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.111.0.10 8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-Driver Booster_is1 - c:\program files (x86)\IObit\Driver Booster\unins000.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-03-17 07:45:01
ComboFix-quarantined-files.txt 2016-03-17 06:45
.
Před spuštěním: Volných bajtů: 218 000 564 224
Po spuštění: Volných bajtů: 217 572 478 976
.
- - End Of File - - 6455F3241DBCBAE0D265F758DA3935F0
A36C5E4F47E84449FF07ED3517B43A31
Please check my log [Solved]
Re: Please check my log
One more thing about the problem.
It doesn't show up right away, only after about seven minutes or so; after that it persists the whole time.
It first appeared about half a year ago, maybe four months, I'm not sure, and above all it wasn't as annoying as it is now; the system has been running on the laptop for about a year.
I have CCleaner installed; it starts every time the laptop is switched on.
Thanks, Pavel
- jaro3
- Security team member
- Guru Level 15
- Posts: 43288
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: Please check my log
c:\users\Lady\Favorites\záložky_05.03.16.html
ComboFix deleted some of your bookmarks; do you want them back?
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it all of the following text marked in green:
Code:
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\program files (x86)\Google\Update
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process, plus a new HJT log
Warning: After applying ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that doesn't help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log
ComboFix 16-03-18.01 - Lady 19.03.2016 8:12.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3988.2728 [GMT 1:00]
Spuštěný z: c:\users\Lady\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lady\Desktop\CFScript.txt
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.29.5\goopdate.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.29.5\psmachine.dll
c:\program files (x86)\Google\Update\1.3.29.5\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.29.5\psuser.dll
c:\program files (x86)\Google\Update\1.3.29.5\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\49.0.2623.87\49.0.2623.87_48.0.2564.116_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-19 do 2016-03-19 )))))))))))))))))))))))))))))))
.
.
2016-03-16 06:38 . 2016-03-16 06:24 24064 ----a-w- c:\windows\zoek-delete.exe
2016-03-16 06:38 . 2016-03-19 07:32 -------- d-----w- c:\users\Lady\AppData\Local\Temp
2016-03-16 06:24 . 2016-03-16 06:36 -------- d-----w- C:\zoek_backup
2016-03-15 07:11 . 2016-03-16 05:57 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-03-15 07:10 . 2016-03-15 07:11 -------- d-----w- c:\programdata\RogueKiller
2016-03-14 16:45 . 2016-03-14 17:29 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-14 16:44 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-14 16:44 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-14 16:44 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-14 16:44 . 2016-03-14 16:44 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-03-14 16:44 . 2016-03-14 16:44 -------- d-----w- c:\programdata\Malwarebytes
2016-03-14 16:20 . 2016-03-14 16:33 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-14 12:36 . 2016-03-14 12:36 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2016-03-14 12:36 . 2016-03-14 12:36 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2016-03-14 08:47 . 2016-03-14 08:47 -------- d-----w- c:\program files (x86)\Microsoft Works
2016-03-14 08:41 . 2016-03-14 08:41 -------- d-----r- C:\MSOCache
2016-03-11 15:09 . 2016-03-11 15:09 -------- d-----w- c:\program files (x86)\ESET
2016-03-09 12:39 . 2016-03-02 14:59 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6DCAF3D9-1ECB-41AD-BB68-37F4953A6C17}\mpengine.dll
2016-03-09 12:32 . 2016-02-12 18:52 98816 ----a-w- c:\windows\system32\wudriver.dll
2016-03-09 12:22 . 2016-02-09 09:57 14634496 ----a-w- c:\windows\system32\wmp.dll
2016-03-09 12:21 . 2016-02-09 09:55 30720 ----a-w- c:\windows\system32\seclogon.dll
2016-03-09 12:21 . 2016-02-19 19:02 38336 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-03-09 12:21 . 2016-02-11 14:07 689152 ----a-w- c:\windows\system32\generaltel.dll
2016-03-09 12:21 . 2016-02-05 14:07 499200 ----a-w- c:\windows\system32\devinv.dll
2016-03-09 12:21 . 2016-02-19 18:54 1168896 ----a-w- c:\windows\system32\aeinv.dll
2016-03-09 12:21 . 2016-02-19 14:07 1373184 ----a-w- c:\windows\system32\appraiser.dll
2016-03-09 12:21 . 2016-02-05 14:07 696832 ----a-w- c:\windows\system32\invagent.dll
2016-03-09 12:21 . 2016-02-05 14:07 76800 ----a-w- c:\windows\system32\acmigration.dll
2016-03-08 11:05 . 2016-03-08 11:05 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-03-06 17:25 . 2016-03-06 17:25 -------- d-----w- c:\program files\CCleaner
2016-03-06 16:31 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-06 16:31 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-03-06 15:49 . 2016-03-06 15:49 -------- d-s---w- c:\windows\SysWow64\GWX
2016-03-06 14:12 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2016-03-06 14:12 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
2016-03-06 14:12 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
2016-03-06 14:12 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-03-06 14:12 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2016-03-06 14:12 . 2015-06-03 20:16 619056 ----a-w- c:\windows\system32\winload.exe
2016-03-06 14:12 . 2015-06-03 20:16 532176 ----a-w- c:\windows\system32\winresume.exe
2016-03-06 14:12 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-03-06 14:12 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-03-06 14:12 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2016-03-06 14:12 . 2015-06-03 20:21 457400 ----a-w- c:\windows\system32\ci.dll
2016-03-06 14:07 . 2015-12-08 19:07 624640 ----a-w- c:\windows\system32\qedit.dll
2016-03-06 14:07 . 2015-12-08 21:53 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2016-03-06 13:49 . 2015-08-27 18:18 1887232 ----a-w- c:\windows\system32\msxml3.dll
2016-03-06 13:49 . 2015-08-27 18:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2016-03-06 13:49 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2016-03-06 13:49 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml3r.dll
2016-03-06 13:49 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2016-03-06 13:49 . 2015-08-27 17:58 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2016-03-06 13:49 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2016-03-06 13:49 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2016-03-06 13:48 . 2016-01-22 06:19 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-03-06 13:48 . 2016-01-22 05:19 3231232 ----a-w- c:\windows\explorer.exe
2016-03-06 13:48 . 2016-01-22 06:15 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-03-06 13:48 . 2016-01-22 06:12 1940992 ----a-w- c:\windows\system32\authui.dll
2016-03-06 13:48 . 2016-01-22 06:00 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-03-06 13:48 . 2016-01-22 05:59 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-03-06 13:48 . 2016-01-22 05:12 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
2016-03-06 13:21 . 2015-05-25 18:19 113664 ----a-w- c:\windows\system32\sechost.dll
2016-03-06 13:21 . 2015-05-25 18:18 47104 ----a-w- c:\windows\system32\typeperf.exe
2016-03-06 13:21 . 2015-05-25 18:18 404992 ----a-w- c:\windows\system32\tracerpt.exe
2016-03-06 13:21 . 2015-05-25 18:18 43008 ----a-w- c:\windows\system32\relog.exe
2016-03-06 13:21 . 2015-05-25 18:18 104448 ----a-w- c:\windows\system32\logman.exe
2016-03-06 13:21 . 2015-05-25 18:18 19456 ----a-w- c:\windows\system32\diskperf.exe
2016-03-06 13:21 . 2015-05-25 18:01 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2016-03-06 13:21 . 2015-05-25 18:00 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2016-03-06 13:21 . 2015-05-25 18:00 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2016-03-06 13:21 . 2015-05-25 18:00 37888 ----a-w- c:\windows\SysWow64\relog.exe
2016-03-06 13:21 . 2015-05-25 18:00 82944 ----a-w- c:\windows\SysWow64\logman.exe
2016-03-06 13:21 . 2015-05-25 18:00 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2016-03-06 13:19 . 2015-07-23 00:02 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2016-03-06 13:19 . 2015-07-22 16:48 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-03-06 13:19 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\tdh.dll
2016-03-06 13:19 . 2015-07-22 17:53 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2016-03-06 13:17 . 2015-04-24 18:17 633856 ----a-w- c:\windows\system32\comctl32.dll
2016-03-06 13:16 . 2015-06-25 10:06 115136 ----a-w- c:\windows\system32\consent.exe
2016-03-06 13:15 . 2015-02-18 07:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-03-06 12:57 . 2015-12-08 21:52 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-03-06 12:57 . 2015-12-08 19:07 405504 ----a-w- c:\windows\system32\gdi32.dll
2016-03-06 12:52 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2016-03-06 12:52 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2016-03-06 12:52 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2016-03-06 12:51 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2016-03-06 12:51 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2016-03-06 12:51 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2016-03-06 12:51 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2016-03-06 12:40 . 2009-09-04 16:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2016-03-06 12:39 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2016-03-06 12:34 . 2016-03-06 12:34 4161536 ----a-w- c:\windows\system32\drivers\athrx.sys
2016-03-06 12:34 . 2016-03-06 12:34 600776 ----a-w- c:\windows\system32\drivers\btfilter.sys
2016-03-06 12:34 . 2016-03-06 12:34 458960 ----a-w- c:\windows\system32\drivers\k57nd60a.sys
2016-03-06 12:33 . 2016-03-06 12:33 180480 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2016-02-25 19:47 . 2016-03-06 08:56 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-09 12:34 . 2015-02-06 08:33 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-02-11 18:48 . 2016-03-09 12:33 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:37 . 2016-03-09 12:33 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:30 . 2016-03-09 12:33 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-08 20:03 . 2016-03-09 12:33 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-02-08 17:37 . 2016-03-09 12:33 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-02-04 22:13 . 2016-02-04 22:13 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2016-02-04 22:13 . 2016-02-04 22:13 536776 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"CCleaner"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" [2015-07-12 563416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-15 06:04 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-10-01 5595336]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2015-02-06 7138816]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.111.0.10 8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Driver Booster_is1 - c:\program files (x86)\IObit\Driver Booster\unins000.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2016-03-19 08:44:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-03-19 07:44
ComboFix2.txt 2016-03-17 06:45
.
Před spuštěním: Volných bajtů: 223 773 016 064
Po spuštění: Volných bajtů: 223 493 668 864
.
- - End Of File - - 82ECB0CA9A6BD1765F1BDD009C26C4BB
A36C5E4F47E84449FF07ED3517B43A31
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-03-19 08:58:11
-----------------------------
08:58:11.501 OS Version: Windows x64 6.1.7601 Service Pack 1
08:58:11.501 Number of processors: 4 586 0x3A09
08:58:11.501 ComputerName: LADY-PC UserName: Lady
08:58:13.841 Initialize success
08:58:13.919 VM: initialized successfully
08:58:13.935 VM: Intel CPU supported
08:58:27.269 VM: supported disk I/O ataport.SYS
08:58:33.292 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:58:33.292 Disk 0 Vendor: WDC_WD5000LPVX-22V0TT0 01.01A01 Size: 476940MB BusType: 11
08:58:33.448 VM: Disk 0 MBR read successfully
08:58:33.448 Disk 0 MBR scan
08:58:33.464 Disk 0 Windows 7 default MBR code
08:58:33.464 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:58:33.479 Disk 0 Boot: NTFS code=2
08:58:33.479 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
08:58:33.495 Disk 0 scanning C:\Windows\system32\drivers
08:58:40.452 Service scanning
08:58:48.533 Service ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys **LOCKED** 5
08:58:49.360 Service epfw C:\Windows\system32\DRIVERS\epfw.sys **LOCKED** 5
08:58:49.391 Service EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys **LOCKED** 5
08:58:49.438 Service epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys **LOCKED** 5
08:59:22.978 Modules scanning
08:59:22.978 Disk 0 trace - called modules:
08:59:22.994
08:59:22.994 Disk 0 statistics 106411/0/18 @ 8,05 MB/s
08:59:23.009 Scan finished successfully
09:01:08.621 Disk 0 MBR has been saved successfully to "C:\Users\Lady\Desktop\MBR.dat"
09:01:08.653 The log file has been saved successfully to "C:\Users\Lady\Desktop\aswMBR.txt"
The problem persists....
If the problem is in the system:
Would moving to Win 10 be a solution?
Try to reinstall Win 7?
Restoring from a system image had no effect.
Thanks for your time, Pavel
2016-03-06 13:48 . 2016-01-22 05:59 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-03-06 13:48 . 2016-01-22 05:12 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
2016-03-06 13:21 . 2015-05-25 18:19 113664 ----a-w- c:\windows\system32\sechost.dll
2016-03-06 13:21 . 2015-05-25 18:18 47104 ----a-w- c:\windows\system32\typeperf.exe
2016-03-06 13:21 . 2015-05-25 18:18 404992 ----a-w- c:\windows\system32\tracerpt.exe
2016-03-06 13:21 . 2015-05-25 18:18 43008 ----a-w- c:\windows\system32\relog.exe
2016-03-06 13:21 . 2015-05-25 18:18 104448 ----a-w- c:\windows\system32\logman.exe
2016-03-06 13:21 . 2015-05-25 18:18 19456 ----a-w- c:\windows\system32\diskperf.exe
2016-03-06 13:21 . 2015-05-25 18:01 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2016-03-06 13:21 . 2015-05-25 18:00 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2016-03-06 13:21 . 2015-05-25 18:00 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2016-03-06 13:21 . 2015-05-25 18:00 37888 ----a-w- c:\windows\SysWow64\relog.exe
2016-03-06 13:21 . 2015-05-25 18:00 82944 ----a-w- c:\windows\SysWow64\logman.exe
2016-03-06 13:21 . 2015-05-25 18:00 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2016-03-06 13:19 . 2015-07-23 00:02 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2016-03-06 13:19 . 2015-07-22 16:48 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-03-06 13:19 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\tdh.dll
2016-03-06 13:19 . 2015-07-22 17:53 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2016-03-06 13:17 . 2015-04-24 18:17 633856 ----a-w- c:\windows\system32\comctl32.dll
2016-03-06 13:16 . 2015-06-25 10:06 115136 ----a-w- c:\windows\system32\consent.exe
2016-03-06 13:15 . 2015-02-18 07:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-03-06 12:57 . 2015-12-08 21:52 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-03-06 12:57 . 2015-12-08 19:07 405504 ----a-w- c:\windows\system32\gdi32.dll
2016-03-06 12:52 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2016-03-06 12:52 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2016-03-06 12:52 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2016-03-06 12:51 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2016-03-06 12:51 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
2016-03-06 12:51 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2016-03-06 12:51 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2016-03-06 12:40 . 2009-09-04 16:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2016-03-06 12:39 . 2006-03-31 11:41 3927248 ----a-w- c:\windows\system32\d3dx9_30.dll
2016-03-06 12:34 . 2016-03-06 12:34 4161536 ----a-w- c:\windows\system32\drivers\athrx.sys
2016-03-06 12:34 . 2016-03-06 12:34 600776 ----a-w- c:\windows\system32\drivers\btfilter.sys
2016-03-06 12:34 . 2016-03-06 12:34 458960 ----a-w- c:\windows\system32\drivers\k57nd60a.sys
2016-03-06 12:33 . 2016-03-06 12:33 180480 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2016-02-25 19:47 . 2016-03-06 08:56 -------- d-----w- C:\AdwCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-09 12:34 . 2015-02-06 08:33 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-02-11 18:48 . 2016-03-09 12:33 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:37 . 2016-03-09 12:33 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:30 . 2016-03-09 12:33 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-08 20:03 . 2016-03-09 12:33 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-02-08 17:37 . 2016-03-09 12:33 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-02-04 22:13 . 2016-02-04 22:13 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2016-02-04 22:13 . 2016-02-04 22:13 536776 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"CCleaner"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE" [2015-07-12 563416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-15 06:04 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-10-01 5595336]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2015-02-06 7138816]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.111.0.10 8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Driver Booster_is1 - c:\program files (x86)\IObit\Driver Booster\unins000.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2016-03-19 08:44:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-03-19 07:44
ComboFix2.txt 2016-03-17 06:45
.
Před spuštěním: Volných bajtů: 223 773 016 064
Po spuštění: Volných bajtů: 223 493 668 864
.
- - End Of File - - 82ECB0CA9A6BD1765F1BDD009C26C4BB
A36C5E4F47E84449FF07ED3517B43A31
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-03-19 08:58:11
-----------------------------
08:58:11.501 OS Version: Windows x64 6.1.7601 Service Pack 1
08:58:11.501 Number of processors: 4 586 0x3A09
08:58:11.501 ComputerName: LADY-PC UserName: Lady
08:58:13.841 Initialize success
08:58:13.919 VM: initialized successfully
08:58:13.935 VM: Intel CPU supported
08:58:27.269 VM: supported disk I/O ataport.SYS
08:58:33.292 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:58:33.292 Disk 0 Vendor: WDC_WD5000LPVX-22V0TT0 01.01A01 Size: 476940MB BusType: 11
08:58:33.448 VM: Disk 0 MBR read successfully
08:58:33.448 Disk 0 MBR scan
08:58:33.464 Disk 0 Windows 7 default MBR code
08:58:33.464 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:58:33.479 Disk 0 Boot: NTFS code=2
08:58:33.479 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
08:58:33.495 Disk 0 scanning C:\Windows\system32\drivers
08:58:40.452 Service scanning
08:58:48.533 Service ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys **LOCKED** 5
08:58:49.360 Service epfw C:\Windows\system32\DRIVERS\epfw.sys **LOCKED** 5
08:58:49.391 Service EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys **LOCKED** 5
08:58:49.438 Service epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys **LOCKED** 5
08:59:22.978 Modules scanning
08:59:22.978 Disk 0 trace - called modules:
08:59:22.994
08:59:22.994 Disk 0 statistics 106411/0/18 @ 8,05 MB/s
08:59:23.009 Scan finished successfully
09:01:08.621 Disk 0 MBR has been saved successfully to "C:\Users\Lady\Desktop\MBR.dat"
09:01:08.653 The log file has been saved successfully to "C:\Users\Lady\Desktop\aswMBR.txt"
The problem persists....
If the problem is in the system:
Would moving to Win 10 be a solution?
Try reinstalling Win 7?
Restoring from a system image had no effect.
Thanks for your time, Pavel
- jaro3
- Security team member
Re: Please check my log
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Post a new HJT log + describe the problems.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:46:53, on 19.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal
Running processes:
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Users\Lady\Desktop\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6107 bytes
Essentially an unchanged state.
When watching video in full resolution, the taskbar pops up into the picture, or rather the browser window drops out (i.e. keyboard shortcuts do not work). It happens at regular intervals; when I timed it, it came to about 12/4/2/4 sec. Compared with when we started cleaning the notebook, the intervals are subjectively longer. After a few minutes, another window that is open in the background at the time comes up in place of the player window.
When idle, even with Wi-Fi turned off, there is activity that coincides with the taskbar popping up into the player window (first part of the recording). Before the cleaning, the HDD could also be heard spinning, always at the interval given above, which no longer happens. Overall the notebook seems slowed down, especially after power-on; after a few minutes it runs normally.
Thanks, Pavel
- jaro3
- Security team member
Re: Please check my log
Download Memtest:
The field that says:
All unused RAM - leave it as it is.
- click Start and let it run for at least 2 h; if there are still 0 errors after 2 h, they are fine.
Also check the HDD for errors, or try defragmenting it ..
Download CrystalDiskInfo
Run the program and click Edit - Copy (Úpravy-Kopírovat). Then paste the contents of the log here with Ctrl+V.
Re: Please check my log
----------------------------------------------------------------------------
CrystalDiskInfo 6.7.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2016/03/24 7:47:05
-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series/C216 Chipset Family SATA AHCI Controller - 1E03 [ATA]
+ ATA Channel 0 (0)
- WDC WD5000LPVX-22V0TT0 ATA Device
+ ATA Channel 2 (2)
- MATSHITA DVD-RAM UJ8E1 ATA Device
-- Disk List ---------------------------------------------------------------
(1) WDC WD5000LPVX-22V0TT0 : 500,1 GB [0/0/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD5000LPVX-22V0TT0
----------------------------------------------------------------------------
Model : WDC WD5000LPVX-22V0TT0
Firmware : 01.01A01
Serial Number : ***************
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32 # of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1516 hod.
Power On Count : 1243 krát
Temperature : 26 C (78 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 149 147 _21 0000000005E4 Čas na roztočení ploten
04 _95 _95 __0 000000001463 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _98 _98 __0 0000000005EC Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000004DB Počet cyklů zapnutí zařízení
BF _82 _82 __0 000000000012 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000006 Počet vypnutí disku
C1 196 196 __0 000000002F35 Počet cyklů načítání/vymazání
C2 117 103 __0 00000000001A Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
- jaro3
- Security team member
- Guru Level 15
- Posts: 43288
- Registered: June 07
- Location: South Bohemia
Re: Please check my log
0000000005E4 Čas na roztočení ploten
CDI once more.
What about Memtest?
Re: Please check my log
Memtest 0%
----------------------------------------------------------------------------
CrystalDiskInfo 6.7.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2016/03/24 12:27:15
-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series/C216 Chipset Family SATA AHCI Controller - 1E03 [ATA]
+ ATA Channel 0 (0)
- WDC WD5000LPVX-22V0TT0 ATA Device
+ ATA Channel 2 (2)
- MATSHITA DVD-RAM UJ8E1 ATA Device
-- Disk List ---------------------------------------------------------------
(1) WDC WD5000LPVX-22V0TT0 : 500,1 GB [0/0/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD5000LPVX-22V0TT0
----------------------------------------------------------------------------
Model : WDC WD5000LPVX-22V0TT0
Firmware : 01.01A01
Serial Number : ***************
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32 # of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1518 hod.
Power On Count : 1244 krát
Temperature : 23 C (73 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 150 147 _21 0000000005C3 Čas na roztočení ploten
04 _95 _95 __0 000000001464 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _98 _98 __0 0000000005EE Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000004DC Počet cyklů zapnutí zařízení
BF _82 _82 __0 000000000012 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000006 Počet vypnutí disku
C1 196 196 __0 000000002F37 Počet cyklů načítání/vymazání
C2 120 103 __0 000000000017 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
- jaro3
- Security team member
- Guru Level 15
- Posts: 43288
- Registered: June 07
- Location: South Bohemia
Re: Please check my log
That value changes; possible problems with the motor, its control, etc.
Download OTL by OldTimer
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change the setting to All. Tick the LOP Check and Purity Check boxes. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
Re: Please check my log
OTL Extras logfile created on: 25.3.2016 7:46:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lady\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18230)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,89 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 68,38% Memory free
7,79 Gb Paging File | 6,46 Gb Available in Paging File | 82,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 211,02 Gb Free Space | 45,32% Space Free | Partition Type: NTFS
Computer Name: LADY-PC | User Name: Lady | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4D3446EE-C86F-4FC1-85A8-E2FF4696DA8B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{DD681B85-8DE7-41F3-A666-D2E03B6473AE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C02D5F5-501D-4808-AFAA-8636BC86376F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4583E627-11DE-4EF5-B657-0E9454A6BA70}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{72B40C66-B006-4E80-9005-3CD076EDCA0E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8CF8ABBC-C909-43E5-AF09-D4F4AE9C9E38}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A7242370-B0B5-4E19-BE98-FE9EB8C8B61A}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{C220497F-0794-4BA2-AF82-2A40DA836C4D}" = dir=in | app=c:\program files\zoner\photo studio 17\program32\mediaserver.exe |
"{FADAC775-EC35-48ED-817F-DAE3FEF93D90}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{443D1D0A-17E5-4F61-8074-8801BDB430CC}" = ESET Smart Security
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{C48AF3CF-C632-3C19-838E-7DAB7283D46A}" = Microsoft .NET Framework 4.5.2 (CSY)
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"CCleaner" = CCleaner
"ZonerPhotoStudio17_CZ_is1" = Zoner Photo Studio 17
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = Foxit Cloud
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"Adobe Flash Player ActiveX" = Adobe Flash Player 20 ActiveX
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.7.0
"Driver Booster_is1" = Driver Booster 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.0.1024
"VLC media player" = VLC media player
"Winamp" = Winamp
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.3.2016 2:55:32 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0x7e8 Čas spuštění chybující aplikace: 0x01d1866339e3c4a1 Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 90cf0789-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:55:39 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0xe50 Čas spuštění chybující aplikace: 0x01d1866348ac9094 Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: 951d24a8-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:55:57 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0xe50 Čas spuštění chybující aplikace: 0x01d1866348ac9094 Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 9fb6c560-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:05 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0xdbc Čas spuštění chybující aplikace: 0x01d18663576e3867 Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: a470006b-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:23 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0xdbc Čas spuštění chybující aplikace: 0x01d18663576e3867 Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: af1f0d86-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:30 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0x5e0 Čas spuštění chybující aplikace: 0x01d1866366c3758b Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: b35c8103-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:48 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0x5e0 Čas spuštění chybující aplikace: 0x01d1866366c3758b Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: be1c37c0-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:56 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0xd18 Čas spuštění chybující aplikace: 0x01d1866375aff623 Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: c2b8e248-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:57:14 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0xd18 Čas spuštění chybující aplikace: 0x01d1866375aff623 Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: cd9eaf09-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:57:21 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0xa44 Čas spuštění chybující aplikace: 0x01d18663850c5767 Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: d1cdda44-f256-11e5-8d4b-b8763f30234a
[ System Events ]
Error - 29.1.2016 12:24:25 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 30.1.2016 13:20:29 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 31.1.2016 13:44:32 | Computer Name = Lady-PC | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
192.168.0.100. Počítač s IP adresou 192.168.0.103 nepovolil získání názvu tímto počítačem.
Error - 1.2.2016 6:01:01 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 1.2.2016 6:08:52 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 1.2.2016 7:04:07 | Computer Name = Lady-PC | Source = bowser | ID = 8003
Description =
Error - 1.2.2016 7:28:09 | Computer Name = Lady-PC | Source = bowser | ID = 8003
Description =
Error - 1.2.2016 7:57:15 | Computer Name = Lady-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 2.2.2016 15:05:52 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 3.2.2016 3:35:11 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
< End of report >
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"Adobe Flash Player ActiveX" = Adobe Flash Player 20 ActiveX
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.7.0
"Driver Booster_is1" = Driver Booster 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Foxit Reader_is1" = Foxit Reader
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.0.1024
"VLC media player" = VLC media player
"Winamp" = Winamp
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.3.2016 2:55:32 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0x7e8 Čas spuštění chybující aplikace: 0x01d1866339e3c4a1 Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 90cf0789-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:55:39 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0xe50 Čas spuštění chybující aplikace: 0x01d1866348ac9094 Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: 951d24a8-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:55:57 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0xe50 Čas spuštění chybující aplikace: 0x01d1866348ac9094 Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 9fb6c560-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:05 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0xdbc Čas spuštění chybující aplikace: 0x01d18663576e3867 Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: a470006b-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:23 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0xdbc Čas spuštění chybující aplikace: 0x01d18663576e3867 Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: af1f0d86-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:30 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0x5e0 Čas spuštění chybující aplikace: 0x01d1866366c3758b Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: b35c8103-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:48 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0x5e0 Čas spuštění chybující aplikace: 0x01d1866366c3758b Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: be1c37c0-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:56:56 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0xd18 Čas spuštění chybující aplikace: 0x01d1866375aff623 Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: c2b8e248-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:57:14 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19160, časové
razítko: 0x56bcd74c Kód výjimky: 0xc015000f Posun chyby: 0x000000000006a08a ID chybujícího
procesu: 0xd18 Čas spuštění chybující aplikace: 0x01d1866375aff623 Cesta k chybující
aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE Cesta
k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll ID zprávy: cd9eaf09-f256-11e5-8d4b-b8763f30234a
Error - 25.3.2016 2:57:21 | Computer Name = Lady-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WLTRAY.EXE, verze: 5.100.82.120, časové
razítko: 0x4ee1ab19 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19160,
časové razítko: 0x56bcd73c Kód výjimky: 0xe0434f4d Posun chyby: 0x000000000000965d
ID
chybujícího procesu: 0xa44 Čas spuštění chybující aplikace: 0x01d18663850c5767 Cesta
k chybující aplikaci: C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: d1cdda44-f256-11e5-8d4b-b8763f30234a
[ System Events ]
Error - 29.1.2016 12:24:25 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 30.1.2016 13:20:29 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 31.1.2016 13:44:32 | Computer Name = Lady-PC | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
192.168.0.100. Počítač s IP adresou 192.168.0.103 nepovolil získání názvu tímto počítačem.
Error - 1.2.2016 6:01:01 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 1.2.2016 6:08:52 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 1.2.2016 7:04:07 | Computer Name = Lady-PC | Source = bowser | ID = 8003
Description =
Error - 1.2.2016 7:28:09 | Computer Name = Lady-PC | Source = bowser | ID = 8003
Description =
Error - 1.2.2016 7:57:15 | Computer Name = Lady-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error - 2.2.2016 15:05:52 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
Error - 3.2.2016 3:35:11 | Computer Name = Lady-PC | Source = Service Control Manager | ID = 7000
Description = Služba Foxit Cloud Safe Update Service neuspěla při spuštění v důsledku
následující chyby: %%2
< End of report >