Ahoj potřeboval bych zkontrolovat tento log z mého pc
HiJackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:20:24, on 20.9.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Admin\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3045277
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - {b54561db-0bbb-41b4-a814-df8301fe0a8e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110813212806.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Service - Egis Technology Inc. - C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe
O23 - Service: EgisTec Service Help - Egis Technology Inc. - C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13082 bytes
Log z hijakcthis a mbob
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Log z hijakcthis a mbob
Odinstaluj McAfee
Fixni:
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Fixni:
Kód: Vybrat vše
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3045277
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: (no name) - {b54561db-0bbb-41b4-a814-df8301fe0a8e} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110813212806.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeyStáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Re: Log z hijakcthis a mbob
Nastal takový problém. Píšu z druhého počítače, na tom novém lenovu, kdyžž chci cokoli zapnout tak počítač zamrzne musím restartovat, takže se to nedá prohledat ani antivirem. Jak to mám udělat?
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Log z hijakcthis a mbob
Funguje nouzový režim?
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Re: Log z hijakcthis a mbob
Jo ten jede.
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Log z hijakcthis a mbob
Tak to dělej tam
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Re: Log z hijakcthis a mbob
No jo, ale nejde se mi tam připojit na internet, háže to chybu jak tam mám ten program dostat, jenom včera jsem stihnul stáhnout ten druhý program
Re: Log z hijakcthis a mbob
napsalo to že žádný malware nebyl nalezen, a pak tam bylo infikované soubory atd. a všude byla nula
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Log z hijakcthis a mbob
Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Re: Log z hijakcthis a mbob
ComboFix 11-09-21.01 - Admin 21.09.2011 15:38:27.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4010.2273 [GMT 2:00]
Spuštěný z: E:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: McAfee Anti-Virus a Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: McAfee Anti-Virus a Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\s.bat
c:\windows\version.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-21 do 2011-09-21 )))))))))))))))))))))))))))))))
.
.
2011-09-21 13:45 . 2011-09-21 13:45 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-09-21 13:45 . 2011-09-21 13:45 -------- d-----w- c:\users\Monika\AppData\Local\temp
2011-09-21 09:13 . 2011-09-21 09:13 -------- d-----w- c:\users\Admin\AppData\Local\ElevatedDiagnostics
2011-09-21 06:09 . 2011-09-21 06:09 -------- d-----w- C:\found.001
2011-09-20 17:25 . 2011-09-20 17:25 -------- d-----w- c:\users\Admin\AppData\Roaming\Malwarebytes
2011-09-20 17:25 . 2011-09-20 17:25 -------- d-----w- c:\programdata\Malwarebytes
2011-09-19 09:50 . 2011-09-19 11:55 -------- d-----w- c:\users\Admin\AppData\Local\Diagnostics
2011-09-18 18:24 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-18 18:24 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-18 18:24 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-18 18:24 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-18 18:24 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-18 18:24 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-18 18:24 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-18 18:24 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-09-18 18:24 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-18 18:24 . 2011-09-21 23:25 -------- d-----w- c:\programdata\AVAST Software
2011-09-18 18:24 . 2011-09-21 23:25 -------- d-----w- c:\program files\AVAST Software
2011-09-14 10:17 . 2011-09-18 18:49 -------- d-----w- c:\programdata\VirtualizedApplications
2011-09-14 06:25 . 2011-09-14 06:25 -------- d-----w- c:\users\Admin\AppData\Local\SoftGrid Client
2011-09-14 06:24 . 2011-09-16 11:41 -------- d-----w- c:\users\Admin\AppData\Roaming\SoftGrid Client
2011-09-14 06:23 . 2011-09-16 06:21 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2011-09-14 06:22 . 2011-09-14 06:25 -------- d-----w- c:\users\Admin\AppData\Roaming\TP
2011-09-13 15:26 . 2011-09-13 15:26 -------- d-----w- C:\found.000
2011-09-13 08:18 . 2011-09-13 08:18 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2011-09-13 08:18 . 2011-09-13 08:18 -------- d-----w- c:\program files (x86)\DivX
2011-09-13 05:07 . 2011-09-21 23:25 -------- d-----w- c:\users\Admin\AppData\Roaming\Skype
2011-09-13 05:05 . 2011-09-13 05:05 -------- d-----r- c:\program files (x86)\Skype
2011-09-13 05:05 . 2011-09-13 05:05 -------- d-----w- c:\programdata\Skype
2011-09-11 07:32 . 2011-09-11 07:32 -------- d-----w- c:\users\Admin\AppData\Roaming\The Creative Assembly
2011-09-11 07:31 . 2008-10-27 08:04 518480 ----a-w- c:\windows\system32\XAudio2_3.dll
2011-09-11 07:31 . 2008-10-27 08:04 514384 ----a-w- c:\windows\SysWow64\XAudio2_3.dll
2011-09-11 07:31 . 2008-10-27 08:04 74576 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2011-09-11 07:31 . 2008-10-27 08:04 70992 ----a-w- c:\windows\SysWow64\XAPOFX1_2.dll
2011-09-11 07:31 . 2008-10-27 08:04 235856 ----a-w- c:\windows\SysWow64\xactengine3_3.dll
2011-09-11 07:31 . 2008-10-27 08:04 175440 ----a-w- c:\windows\system32\xactengine3_3.dll
2011-09-11 07:31 . 2008-10-27 08:04 25936 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2011-09-11 07:31 . 2008-10-27 08:04 23376 ----a-w- c:\windows\SysWow64\X3DAudio1_5.dll
2011-09-10 07:00 . 2011-09-10 07:05 -------- d-----w- c:\program files (x86)\CPU Speed Pro
2011-08-30 10:31 . 2011-08-30 10:31 -------- d-----w- c:\users\Monika\AppData\Local\EgisTec
2011-08-28 07:12 . 2011-09-11 09:43 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-08-28 07:12 . 2011-09-21 13:27 -------- d-----w- c:\program files (x86)\Steam
2011-08-24 09:39 . 2011-07-09 05:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 09:39 . 2011-07-09 04:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-13 13:01 . 2010-06-24 11:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-03 11:50 . 2011-08-14 09:21 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-08-03 11:50 . 2011-08-14 09:21 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-08-03 11:50 . 2011-08-14 09:20 8355944 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-08-03 11:50 . 2011-08-14 09:20 706664 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2011-08-03 11:50 . 2011-08-14 09:20 6613096 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-08-03 11:50 . 2011-08-14 09:20 369256 ----a-w- c:\windows\system32\nvoptimusmft.dll
2011-08-03 11:50 . 2011-08-14 09:20 328808 ----a-w- c:\windows\SysWow64\nvoptimusmft.dll
2011-08-03 11:50 . 2011-08-14 09:20 27240 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2011-08-03 11:50 . 2011-08-14 09:20 22470248 ----a-w- c:\windows\system32\nvoglv64.dll
2011-08-03 11:50 . 2011-08-14 09:20 362600 ----a-w- c:\windows\system32\nvdecodemft.dll
2011-08-03 11:50 . 2011-08-14 09:20 300136 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2011-08-03 11:50 . 2011-08-14 09:20 16595560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-08-03 11:50 . 2011-08-14 09:20 1519720 ----a-w- c:\windows\system32\nvdispco64.dll
2011-08-03 11:50 . 2011-08-14 09:20 1453160 ----a-w- c:\windows\system32\nvgenco64.dll
2011-08-03 11:50 . 2011-08-14 09:20 12909672 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-08-03 11:50 . 2011-08-14 09:20 2532456 ----a-w- c:\windows\system32\nvcuvid.dll
2011-08-03 11:50 . 2011-08-14 09:20 2391656 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-08-03 11:50 . 2011-08-14 09:20 2222184 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-08-03 11:50 . 2011-08-14 09:20 2090088 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-08-03 11:50 . 2011-08-14 09:20 15064168 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-08-03 11:50 . 2011-08-14 09:20 12636776 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-08-03 11:50 . 2011-08-14 09:20 7254632 ----a-w- c:\windows\system32\nvcuda.dll
2011-08-03 11:50 . 2011-08-14 09:20 5404776 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-08-03 11:50 . 2011-08-14 09:20 17193576 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-08-03 11:50 . 2011-08-14 09:20 24692840 ----a-w- c:\windows\system32\nvcompiler.dll
2011-08-03 11:50 . 2011-08-14 09:20 2412136 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-08-03 11:50 . 2011-04-27 12:38 846952 ----a-w- c:\windows\system32\nvumdshimx.dll
2011-08-03 11:50 . 2011-04-27 12:38 240232 ----a-w- c:\windows\system32\nvinitx.dll
2011-08-03 11:50 . 2011-04-27 12:38 201320 ----a-w- c:\windows\SysWow64\nvinit.dll
2011-08-03 11:50 . 2011-04-27 12:38 2758760 ----a-w- c:\windows\system32\nvapi64.dll
2011-08-03 11:50 . 2011-02-09 16:15 1816324 ----a-w- c:\windows\system32\nvcoproc.bin
2011-08-03 11:50 . 2011-02-09 16:15 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-03 11:50 . 2011-02-09 16:15 980072 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2011-02-09 16:15 816232 ----a-w- c:\windows\system32\nv3dappshext.dll
2011-08-03 11:50 . 2011-02-09 16:15 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2011-02-09 16:15 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
2011-08-03 11:50 . 2011-02-09 16:15 327272 ----a-w- c:\windows\SysWow64\oemdspif.dll
2011-08-03 11:50 . 2011-02-09 16:15 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-08-03 11:50 . 2011-02-09 16:15 836200 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-08-03 11:50 . 2011-02-09 16:15 6136936 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2011-02-09 16:15 3021416 ----a-w- c:\windows\system32\nvsvc64.dll
2011-07-22 05:22 . 2011-08-14 06:30 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-22 04:54 . 2011-08-14 06:30 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-07-16 05:41 . 2011-08-14 06:30 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-16 05:41 . 2011-08-14 06:30 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-16 05:41 . 2011-08-14 06:30 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-16 05:39 . 2011-08-14 06:30 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-16 05:37 . 2011-08-14 06:30 421888 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 05:21 . 2011-08-14 06:30 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 04:29 . 2011-08-14 06:30 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-16 04:26 . 2011-08-14 06:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-16 04:25 . 2011-08-14 06:30 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-16 04:24 . 2011-08-14 06:30 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-16 04:24 . 2011-08-14 06:30 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-07-16 04:15 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"="c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-28 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-11-05 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-11-05 202096]
"VitaKeyTSR"="c:\program files (x86)\EgisTec BioExcess\EgisTSR.exe" [2010-12-13 383344]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-06-28 1486392]
"PLTSR"="c:\program files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [2010-10-22 364400]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2010-12-24 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2010-12-24 224352]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-2-15 1136928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-27 136176]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-27 136176]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-09 220528]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [x]
S1 EgisTecFF;EgisTecFF;c:\windows\system32\DRIVERS\EgisTecFF.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 EgisTec Service Help;EgisTec Service Help;c:\program files (x86)\EgisTec Port Locker\Egishlpsvc.exe [2010-10-22 327024]
S2 EgisTec Service;EgisTec Service;c:\program files (x86)\EgisTec BioExcess\EgisService.exe [2010-12-13 703856]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-12-13 650096]
S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\usbvideo.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - mfeavfk01
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-27 13:18]
.
2011-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-27 13:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-11 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-11 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-11 418328]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-04 11772520]
"TpShocks"="c:\windows\System32\TpShocks.exe" [2010-03-15 231328]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-04-27 9769888]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-04-27 5908928]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-04-27 114688]
"combofix"="c:\combofix\CF12214.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT3045277
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{b54561db-0bbb-41b4-a814-df8301fe0a8e} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe
Toolbar-Locked - (no file)
WebBrowser-{B54561DB-0BBB-41B4-A814-DF8301FE0A8E} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1033080087-3791443075-2501254619-1005\Software\SecuROM\License information*]
"datasecu"=hex:9e,cf,ff,83,09,65,d6,e3,4c,36,1b,28,5a,d3,33,eb,3a,d6,d2,e5,21,
63,03,ac,d4,0d,b2,b2,db,76,44,e6,ef,8e,02,19,8c,21,a7,dc,f5,8b,86,8d,d1,72,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2011-09-21 15:51:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-21 13:51
.
Před spuštěním: Volných bajtů: 353 334 484 992
Po spuštění: Volných bajtů: 353 158 574 080
.
- - End Of File - - D3BD4BB7690D69049D3A56C533B36A37
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4010.2273 [GMT 2:00]
Spuštěný z: E:\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: McAfee Anti-Virus a Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: McAfee Anti-Virus a Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\s.bat
c:\windows\version.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-21 do 2011-09-21 )))))))))))))))))))))))))))))))
.
.
2011-09-21 13:45 . 2011-09-21 13:45 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-09-21 13:45 . 2011-09-21 13:45 -------- d-----w- c:\users\Monika\AppData\Local\temp
2011-09-21 09:13 . 2011-09-21 09:13 -------- d-----w- c:\users\Admin\AppData\Local\ElevatedDiagnostics
2011-09-21 06:09 . 2011-09-21 06:09 -------- d-----w- C:\found.001
2011-09-20 17:25 . 2011-09-20 17:25 -------- d-----w- c:\users\Admin\AppData\Roaming\Malwarebytes
2011-09-20 17:25 . 2011-09-20 17:25 -------- d-----w- c:\programdata\Malwarebytes
2011-09-19 09:50 . 2011-09-19 11:55 -------- d-----w- c:\users\Admin\AppData\Local\Diagnostics
2011-09-18 18:24 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-18 18:24 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-18 18:24 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-18 18:24 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-18 18:24 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-18 18:24 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-18 18:24 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-18 18:24 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-09-18 18:24 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-18 18:24 . 2011-09-21 23:25 -------- d-----w- c:\programdata\AVAST Software
2011-09-18 18:24 . 2011-09-21 23:25 -------- d-----w- c:\program files\AVAST Software
2011-09-14 10:17 . 2011-09-18 18:49 -------- d-----w- c:\programdata\VirtualizedApplications
2011-09-14 06:25 . 2011-09-14 06:25 -------- d-----w- c:\users\Admin\AppData\Local\SoftGrid Client
2011-09-14 06:24 . 2011-09-16 11:41 -------- d-----w- c:\users\Admin\AppData\Roaming\SoftGrid Client
2011-09-14 06:23 . 2011-09-16 06:21 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2011-09-14 06:22 . 2011-09-14 06:25 -------- d-----w- c:\users\Admin\AppData\Roaming\TP
2011-09-13 15:26 . 2011-09-13 15:26 -------- d-----w- C:\found.000
2011-09-13 08:18 . 2011-09-13 08:18 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2011-09-13 08:18 . 2011-09-13 08:18 -------- d-----w- c:\program files (x86)\DivX
2011-09-13 05:07 . 2011-09-21 23:25 -------- d-----w- c:\users\Admin\AppData\Roaming\Skype
2011-09-13 05:05 . 2011-09-13 05:05 -------- d-----r- c:\program files (x86)\Skype
2011-09-13 05:05 . 2011-09-13 05:05 -------- d-----w- c:\programdata\Skype
2011-09-11 07:32 . 2011-09-11 07:32 -------- d-----w- c:\users\Admin\AppData\Roaming\The Creative Assembly
2011-09-11 07:31 . 2008-10-27 08:04 518480 ----a-w- c:\windows\system32\XAudio2_3.dll
2011-09-11 07:31 . 2008-10-27 08:04 514384 ----a-w- c:\windows\SysWow64\XAudio2_3.dll
2011-09-11 07:31 . 2008-10-27 08:04 74576 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2011-09-11 07:31 . 2008-10-27 08:04 70992 ----a-w- c:\windows\SysWow64\XAPOFX1_2.dll
2011-09-11 07:31 . 2008-10-27 08:04 235856 ----a-w- c:\windows\SysWow64\xactengine3_3.dll
2011-09-11 07:31 . 2008-10-27 08:04 175440 ----a-w- c:\windows\system32\xactengine3_3.dll
2011-09-11 07:31 . 2008-10-27 08:04 25936 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2011-09-11 07:31 . 2008-10-27 08:04 23376 ----a-w- c:\windows\SysWow64\X3DAudio1_5.dll
2011-09-10 07:00 . 2011-09-10 07:05 -------- d-----w- c:\program files (x86)\CPU Speed Pro
2011-08-30 10:31 . 2011-08-30 10:31 -------- d-----w- c:\users\Monika\AppData\Local\EgisTec
2011-08-28 07:12 . 2011-09-11 09:43 -------- d-----w- c:\program files (x86)\Common Files\Steam
2011-08-28 07:12 . 2011-09-21 13:27 -------- d-----w- c:\program files (x86)\Steam
2011-08-24 09:39 . 2011-07-09 05:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 09:39 . 2011-07-09 04:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-13 13:01 . 2010-06-24 11:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-03 11:50 . 2011-08-14 09:21 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-08-03 11:50 . 2011-08-14 09:21 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-08-03 11:50 . 2011-08-14 09:20 8355944 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-08-03 11:50 . 2011-08-14 09:20 706664 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2011-08-03 11:50 . 2011-08-14 09:20 6613096 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-08-03 11:50 . 2011-08-14 09:20 369256 ----a-w- c:\windows\system32\nvoptimusmft.dll
2011-08-03 11:50 . 2011-08-14 09:20 328808 ----a-w- c:\windows\SysWow64\nvoptimusmft.dll
2011-08-03 11:50 . 2011-08-14 09:20 27240 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2011-08-03 11:50 . 2011-08-14 09:20 22470248 ----a-w- c:\windows\system32\nvoglv64.dll
2011-08-03 11:50 . 2011-08-14 09:20 362600 ----a-w- c:\windows\system32\nvdecodemft.dll
2011-08-03 11:50 . 2011-08-14 09:20 300136 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2011-08-03 11:50 . 2011-08-14 09:20 16595560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-08-03 11:50 . 2011-08-14 09:20 1519720 ----a-w- c:\windows\system32\nvdispco64.dll
2011-08-03 11:50 . 2011-08-14 09:20 1453160 ----a-w- c:\windows\system32\nvgenco64.dll
2011-08-03 11:50 . 2011-08-14 09:20 12909672 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-08-03 11:50 . 2011-08-14 09:20 2532456 ----a-w- c:\windows\system32\nvcuvid.dll
2011-08-03 11:50 . 2011-08-14 09:20 2391656 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-08-03 11:50 . 2011-08-14 09:20 2222184 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-08-03 11:50 . 2011-08-14 09:20 2090088 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-08-03 11:50 . 2011-08-14 09:20 15064168 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-08-03 11:50 . 2011-08-14 09:20 12636776 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-08-03 11:50 . 2011-08-14 09:20 7254632 ----a-w- c:\windows\system32\nvcuda.dll
2011-08-03 11:50 . 2011-08-14 09:20 5404776 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-08-03 11:50 . 2011-08-14 09:20 17193576 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-08-03 11:50 . 2011-08-14 09:20 24692840 ----a-w- c:\windows\system32\nvcompiler.dll
2011-08-03 11:50 . 2011-08-14 09:20 2412136 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-08-03 11:50 . 2011-04-27 12:38 846952 ----a-w- c:\windows\system32\nvumdshimx.dll
2011-08-03 11:50 . 2011-04-27 12:38 240232 ----a-w- c:\windows\system32\nvinitx.dll
2011-08-03 11:50 . 2011-04-27 12:38 201320 ----a-w- c:\windows\SysWow64\nvinit.dll
2011-08-03 11:50 . 2011-04-27 12:38 2758760 ----a-w- c:\windows\system32\nvapi64.dll
2011-08-03 11:50 . 2011-02-09 16:15 1816324 ----a-w- c:\windows\system32\nvcoproc.bin
2011-08-03 11:50 . 2011-02-09 16:15 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-03 11:50 . 2011-02-09 16:15 980072 ----a-w- c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2011-02-09 16:15 816232 ----a-w- c:\windows\system32\nv3dappshext.dll
2011-08-03 11:50 . 2011-02-09 16:15 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2011-02-09 16:15 53864 ----a-w- c:\windows\system32\nv3dappshextr.dll
2011-08-03 11:50 . 2011-02-09 16:15 327272 ----a-w- c:\windows\SysWow64\oemdspif.dll
2011-08-03 11:50 . 2011-02-09 16:15 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-08-03 11:50 . 2011-02-09 16:15 836200 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-08-03 11:50 . 2011-02-09 16:15 6136936 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2011-02-09 16:15 3021416 ----a-w- c:\windows\system32\nvsvc64.dll
2011-07-22 05:22 . 2011-08-14 06:30 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-22 04:54 . 2011-08-14 06:30 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-07-16 05:41 . 2011-08-14 06:30 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-07-16 05:41 . 2011-08-14 06:30 243200 ----a-w- c:\windows\system32\wow64.dll
2011-07-16 05:41 . 2011-08-14 06:30 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2011-07-16 05:39 . 2011-08-14 06:30 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2011-07-16 05:37 . 2011-08-14 06:30 421888 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 05:21 . 2011-08-14 06:30 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-16 05:21 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-16 04:29 . 2011-08-14 06:30 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2011-07-16 04:26 . 2011-08-14 06:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-16 04:25 . 2011-08-14 06:30 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2011-07-16 04:24 . 2011-08-14 06:30 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2011-07-16 04:24 . 2011-08-14 06:30 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll
2011-07-16 04:15 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2011-07-16 04:15 . 2011-08-14 06:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"="c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-28 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-11-05 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-11-05 202096]
"VitaKeyTSR"="c:\program files (x86)\EgisTec BioExcess\EgisTSR.exe" [2010-12-13 383344]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-06-28 1486392]
"PLTSR"="c:\program files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [2010-10-22 364400]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2010-12-24 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2010-12-24 224352]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-2-15 1136928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-27 136176]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-27 136176]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2010-08-09 220528]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys [x]
S1 EgisTecFF;EgisTecFF;c:\windows\system32\DRIVERS\EgisTecFF.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 EgisTec Service Help;EgisTec Service Help;c:\program files (x86)\EgisTec Port Locker\Egishlpsvc.exe [2010-10-22 327024]
S2 EgisTec Service;EgisTec Service;c:\program files (x86)\EgisTec BioExcess\EgisService.exe [2010-12-13 703856]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-12-13 650096]
S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\usbvideo.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - mfeavfk01
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-27 13:18]
.
2011-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-27 13:18]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-11 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-11 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-11 418328]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-04 11772520]
"TpShocks"="c:\windows\System32\TpShocks.exe" [2010-03-15 231328]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-04-27 9769888]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-04-27 5908928]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-04-27 114688]
"combofix"="c:\combofix\CF12214.3XE" [2010-11-21 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT3045277
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://lenovo.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{b54561db-0bbb-41b4-a814-df8301fe0a8e} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe
Toolbar-Locked - (no file)
WebBrowser-{B54561DB-0BBB-41B4-A814-DF8301FE0A8E} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1033080087-3791443075-2501254619-1005\Software\SecuROM\License information*]
"datasecu"=hex:9e,cf,ff,83,09,65,d6,e3,4c,36,1b,28,5a,d3,33,eb,3a,d6,d2,e5,21,
63,03,ac,d4,0d,b2,b2,db,76,44,e6,ef,8e,02,19,8c,21,a7,dc,f5,8b,86,8d,d1,72,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2011-09-21 15:51:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-21 13:51
.
Před spuštěním: Volných bajtů: 353 334 484 992
Po spuštění: Volných bajtů: 353 158 574 080
.
- - End Of File - - D3BD4BB7690D69049D3A56C533B36A37
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Log z hijakcthis a mbob
žbeky:
Odinstaluj McAfee
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Log z hijakcthis a mbob
A až ho odinstaluješ, tak udělej nový CF log
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Seznam[Bot] a 126 hostů