Run RogueKiller (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click it to launch).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting - Finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.
Please check my log (Solved)
- memphisto
Re: Please check my log
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
Re: Please check my log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Ultimate x86
Ran by top on ne 29.09.2013 at 14:58:32,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 29.09.2013 at 15:01:57,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Please check my log
ComboFix 13-09-28.02 - top 29.09.2013 15:10:55.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2048.1269 [GMT 2:00]
Spuštěný z: c:\users\top\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-28 do 2013-09-29 )))))))))))))))))))))))))))))))
.
.
2013-09-29 13:17 . 2013-09-29 13:17 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-29 13:17 . 2013-09-29 13:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-29 08:56 . 2013-09-29 08:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-29 08:56 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-29 07:49 . 2013-09-29 07:49 -------- d-----w- c:\windows\ERUNT
2013-09-29 07:41 . 2013-09-29 09:12 -------- d-----w- C:\AdwCleaner
2013-09-29 07:02 . 2013-09-29 07:02 -------- d-----w- c:\users\top\AppData\Roaming\Malwarebytes
2013-09-29 07:02 . 2013-09-29 07:02 -------- d-----w- c:\programdata\Malwarebytes
2013-09-27 21:11 . 2013-09-27 21:11 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-09-27 21:11 . 2013-09-27 21:11 -------- d-----w- c:\windows\PCHEALTH
2013-09-27 21:11 . 2013-09-27 21:11 -------- d-----w- c:\program files\Microsoft Sync Framework
2013-09-27 21:11 . 2013-09-27 21:11 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-09-27 21:09 . 2013-09-27 21:09 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2013-09-27 21:09 . 2013-09-27 21:09 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-09-25 20:11 . 2013-09-25 20:11 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-09-25 20:11 . 2013-09-25 20:11 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-09-25 20:11 . 2013-09-25 20:11 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-09-25 20:11 . 2013-09-25 20:11 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-09-25 20:11 . 2013-09-25 20:11 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-09-17 18:46 . 2013-09-17 18:46 770648 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2013-09-17 17:17 . 2013-09-17 17:17 -------- d-----w- c:\programdata\Oracle
2013-09-17 17:17 . 2013-09-17 17:17 -------- d-----w- c:\program files\Common Files\Java
2013-09-17 17:16 . 2013-09-17 17:16 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-09-16 15:15 . 2013-08-05 01:56 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-08 10:14 . 2013-09-08 10:14 -------- d-----w- c:\users\top\AppData\Roaming\Shape games
2013-09-08 10:13 . 2013-09-08 10:13 -------- d-----w- c:\program files\Záhadná kuchařka
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-09-04 11:28 . 2013-09-04 11:28 -------- d-----w- c:\program files\Steam
2013-09-04 11:26 . 2013-09-05 11:33 -------- d-----w- c:\users\top\AppData\Local\SniperV2
2013-09-04 11:14 . 2013-09-04 11:14 -------- d-----w- c:\program files\Rebellion
2013-09-03 15:33 . 2013-08-19 22:47 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4B63DB42-50D9-4CA2-AF89-BE3966813A09}\mpengine.dll
2013-09-03 15:33 . 2013-08-07 02:22 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-09-03 15:13 . 2013-09-03 15:13 -------- d-----w- c:\users\top\AppData\Local\ESET
2013-09-03 15:10 . 2013-09-03 15:10 -------- d-----w- c:\program files\ESET
2013-09-01 20:07 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-09-01 20:07 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-09-01 20:07 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-09-01 19:59 . 2013-09-01 20:09 -------- d-----w- c:\program files\FTruck2013
2013-09-01 13:55 . 2013-09-01 13:55 -------- d-----w- c:\users\top\AppData\Local\PunkBuster
2013-09-01 13:47 . 2013-09-01 14:22 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-09-01 13:47 . 2013-09-01 13:47 22328 ----a-w- c:\users\top\AppData\Roaming\PnkBstrK.sys
2013-09-01 13:47 . 2013-09-01 14:22 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-09-01 13:47 . 2013-09-01 13:47 682280 ----a-w- c:\windows\system32\pbsvc.exe
2013-09-01 13:47 . 2013-09-01 13:47 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-09-01 07:56 . 2013-09-22 13:41 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-09-01 07:55 . 2013-09-01 07:55 -------- d-----w- c:\program files\Apple Software Update
2013-09-01 07:54 . 2013-09-22 13:41 -------- d-----w- c:\program files\Common Files\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-20 05:13 . 2013-03-23 15:46 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-20 05:13 . 2013-03-23 15:46 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-17 17:16 . 2013-02-11 16:16 868264 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-09-17 17:16 . 2013-02-11 16:16 790440 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-27 10:38 . 2013-08-27 10:38 1355776 ----a-w- c:\windows\system32\msvbvm50.dll
2013-08-22 13:38 . 2013-08-22 13:38 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-07-25 08:57 . 2013-08-22 10:25 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-19 01:41 . 2013-08-22 10:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-09 05:03 . 2013-08-22 10:25 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-09 05:03 . 2013-08-22 10:25 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-09 04:53 . 2013-08-22 10:25 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-07-09 04:52 . 2013-08-22 10:25 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 04:50 . 2013-08-22 10:25 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 04:46 . 2013-08-22 10:25 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 04:46 . 2013-08-22 10:25 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 04:46 . 2013-08-22 10:25 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-06 05:05 . 2013-08-22 10:25 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18706176]
"Seznam Postak"="c:\program files\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"cz.seznam.software.autoupdate"="c:\users\top\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\top\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-08 3076144]
"QuickTime Plugin Install"="c:\program files\QuickTime\Plugins\DeleteMe1.exe" [2013-09-25 86016]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"QuickTime Plugin Install"=c:\program files\QuickTime\Plugins\DeleteMe1.exe
"Služba Acronis Scheduler2"="c:\program files\Common Files\Acronis\Plán2\schedhlp.exe"
"TrueImageMonitor.exe"=c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-02-10 1343400]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys [2013-05-19 911680]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-10 242240]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2013-05-19 2480048]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2011-09-08 974944]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2012-09-19 1699168]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2013-05-19 160288]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-09-18 10088]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-23 05:13]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.10.10.10 10.10.10.1
FF - ProfilePath - c:\users\top\AppData\Roaming\Mozilla\Firefox\Profiles\9tbqhjlw.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-08-27 13:31; 7go@7go.com; c:\users\top\AppData\Roaming\Mozilla\Extensions\7go@7go.com
FF - ExtSQL: 2013-08-27 13:31; speedanalysis02@SpeedAnalysis.com; c:\users\top\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF - ExtSQL: 2013-09-18 06:14; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\users\top\AppData\Roaming\Mozilla\Firefox\Profiles\9tbqhjlw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-09-19 20:19; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\top\AppData\Roaming\Mozilla\Firefox\Profiles\9tbqhjlw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: !HIDDEN! 2013-08-27 13:31; 7go@7go.com; c:\users\top\AppData\Roaming\Mozilla\Extensions\7go@7go.com
FF - ExtSQL: !HIDDEN! 2013-08-27 13:31; speedanalysis02@SpeedAnalysis.com; c:\users\top\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-09-29 15:20:35
ComboFix-quarantined-files.txt 2013-09-29 13:20
ComboFix2.txt 2011-04-06 14:33
ComboFix3.txt 2011-04-06 14:07
ComboFix4.txt 2011-04-05 18:53
.
Před spuštěním: 4 570 390 528
Po spuštění: 5 160 296 448
.
- - End Of File - - FD22540E31262944DF99DA52F0642592
A36C5E4F47E84449FF07ED3517B43A31
- memphisto
Re: Please check my log
You have fairly little free space on the system drive. For trouble-free operation, about 15 % of the disk capacity should be free. 5 GB is really little unless you have a 60 GB HDD.
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC
to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
+ A new log from HJT
How is the PC behaving?
Re: Please check my log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:12:46, on 29.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\top\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Users\top\Desktop\hijackthis_2.0.4.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\top\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\top\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
--
End of file - 6128 bytes
Re: please check my log
It is running fine now
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Status: Offline
Re: please check my log Solved
Uninstall:
Seznam.cz
Close all other applications and browsers, disconnect from the internet and fix in HJT:
Guide
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\top\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\top\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
If there are no problems, that is all and you can mark the thread as solved with the green check mark.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support