Zdravím , chtěl bych zkontrolovat log . Zdá se mi , že je ntb nějak spomalenej . Děkuji
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:45:07, on 11. 1. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Users\Roman\Documents\stahování\firefoxe\firefox.exe
C:\Users\Roman\Documents\stahování\firefoxe\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Users\Roman\Desktop\hijackthis\hijackthis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\Sony\MSS\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Users\Roman\Documents\stahování\DTLite-setup\instalace DTl\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: Sony MSS.lnk = C:\Program Files\Sony\MSS\3.8.130\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files\Sony\MSS\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetworkSupport - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Intel(R) System Behavior Tracker Collector Service (SampleCollector) - Intel Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 11372 bytes
Preventivní kontrola logu Vyřešeno
-
PARKR
- Level 3
- Příspěvky: 542
- Registrován: červenec 12
- Bydliště: Severní Morava
- Pohlaví:
- Stav:
Offline
Preventivní kontrola logu
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
===================================================
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
====================================================
Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
===================================================
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
====================================================
Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
-
PARKR
- Level 3
- Příspěvky: 542
- Registrován: červenec 12
- Bydliště: Severní Morava
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
Verze: v2014.01.11.03
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Roman :: NUFANKA [administrátor]
12. 1. 2014 12:09:25
mbam-log-2014-01-12 (12-09-25).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 241889
Uplynulý čas: 4 minut, 37 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Roman :: NUFANKA [administrátor]
12. 1. 2014 12:09:25
mbam-log-2014-01-12 (12-09-25).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 241889
Uplynulý čas: 4 minut, 37 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
-
PARKR
- Level 3
- Příspěvky: 542
- Registrován: červenec 12
- Bydliště: Severní Morava
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
# AdwCleaner v3.016 - Report created 12/01/2014 at 12:14:55
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Roman - NUFANKA
# Running from : C:\Users\Roman\Desktop\adwcleaner\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\searchplugins\safeguard-secure-search.xml
Folder Found : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Found : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\3r5i7u@flflmdrp.net
Folder Found : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\ntflq@rbpcpea.com
Folder Found C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Found C:\Program Files (x86)\siurf and keeop
Folder Found C:\Program Files (x86)\YoutubeAdblocker
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\ProgramData\siurf and keeop
Folder Found C:\ProgramData\WinterSoft
Folder Found C:\ProgramData\YoutubeAdblocker
Folder Found C:\Users\Roman\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\Users\Roman\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\Roman\AppData\Roaming\SkypEmoticons
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\Software\Sk-Enhancer
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\prefs.js ]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [11677 octets] - [10/11/2013 09:08:32]
AdwCleaner[R1].txt - [11738 octets] - [10/11/2013 15:02:19]
AdwCleaner[R2].txt - [2964 octets] - [12/01/2014 12:14:55]
AdwCleaner[S0].txt - [9391 octets] - [10/11/2013 15:03:08]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3084 octets] ##########
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Roman - NUFANKA
# Running from : C:\Users\Roman\Desktop\adwcleaner\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\searchplugins\safeguard-secure-search.xml
Folder Found : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Found : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\3r5i7u@flflmdrp.net
Folder Found : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\ntflq@rbpcpea.com
Folder Found C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Found C:\Program Files (x86)\siurf and keeop
Folder Found C:\Program Files (x86)\YoutubeAdblocker
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\ProgramData\siurf and keeop
Folder Found C:\ProgramData\WinterSoft
Folder Found C:\ProgramData\YoutubeAdblocker
Folder Found C:\Users\Roman\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\Users\Roman\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\Roman\AppData\Roaming\SkypEmoticons
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\Software\Sk-Enhancer
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\prefs.js ]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [11677 octets] - [10/11/2013 09:08:32]
AdwCleaner[R1].txt - [11738 octets] - [10/11/2013 15:02:19]
AdwCleaner[R2].txt - [2964 octets] - [12/01/2014 12:14:55]
AdwCleaner[S0].txt - [9391 octets] - [10/11/2013 15:03:08]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3084 octets] ##########
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
PARKR
- Level 3
- Příspěvky: 542
- Registrován: červenec 12
- Bydliště: Severní Morava
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
# AdwCleaner v3.016 - Report created 13/01/2014 at 12:17:26
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Roman - NUFANKA
# Running from : C:\Users\Roman\Desktop\adwcleaner\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\WinterSoft
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\ProgramData\siurf and keeop
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Program Files (x86)\siurf and keeop
Folder Deleted : C:\Users\Roman\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Roman\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Roman\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\3r5i7u@flflmdrp.net
Folder Deleted : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\ntflq@rbpcpea.com
Folder Deleted : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File Deleted : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\searchplugins\safeguard-secure-search.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\Sk-Enhancer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\prefs.js ]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [11677 octets] - [10/11/2013 09:08:32]
AdwCleaner[R1].txt - [11738 octets] - [10/11/2013 15:02:19]
AdwCleaner[R2].txt - [3168 octets] - [12/01/2014 12:14:55]
AdwCleaner[R3].txt - [3228 octets] - [12/01/2014 12:18:47]
AdwCleaner[R4].txt - [3288 octets] - [13/01/2014 12:16:27]
AdwCleaner[S0].txt - [9391 octets] - [10/11/2013 15:03:08]
AdwCleaner[S1].txt - [3226 octets] - [13/01/2014 12:17:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3286 octets] ##########
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Roman - NUFANKA
# Running from : C:\Users\Roman\Desktop\adwcleaner\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\WinterSoft
Folder Deleted : C:\ProgramData\YoutubeAdblocker
Folder Deleted : C:\ProgramData\siurf and keeop
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\YoutubeAdblocker
Folder Deleted : C:\Program Files (x86)\siurf and keeop
Folder Deleted : C:\Users\Roman\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Roman\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Roman\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\3r5i7u@flflmdrp.net
Folder Deleted : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\ntflq@rbpcpea.com
Folder Deleted : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File Deleted : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\searchplugins\safeguard-secure-search.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\Sk-Enhancer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\prefs.js ]
-\\ Google Chrome v31.0.1650.63
[ File : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [11677 octets] - [10/11/2013 09:08:32]
AdwCleaner[R1].txt - [11738 octets] - [10/11/2013 15:02:19]
AdwCleaner[R2].txt - [3168 octets] - [12/01/2014 12:14:55]
AdwCleaner[R3].txt - [3228 octets] - [12/01/2014 12:18:47]
AdwCleaner[R4].txt - [3288 octets] - [13/01/2014 12:16:27]
AdwCleaner[S0].txt - [9391 octets] - [10/11/2013 15:03:08]
AdwCleaner[S1].txt - [3226 octets] - [13/01/2014 12:17:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3286 octets] ##########
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
-
PARKR
- Level 3
- Příspěvky: 542
- Registrován: červenec 12
- Bydliště: Severní Morava
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
tento log se mi moc nezdá . Nic tam není
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8 x64
Ran by Roman on po 13. 01. 2014 at 12:22:47,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 13. 01. 2014 at 12:29:07,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8 x64
Ran by Roman on po 13. 01. 2014 at 12:22:47,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 13. 01. 2014 at 12:29:07,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Naposledy upravil(a) PARKR dne 13 led 2014 12:47, celkem upraveno 1 x.
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
-
PARKR
- Level 3
- Příspěvky: 542
- Registrován: červenec 12
- Bydliště: Severní Morava
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Roman [Práva správce]
Mód : Kontrola -- Datum : 01/13/2014 12:35:05
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK6459GSXP +++++
--- User ---
[MBR] a2e014a1b0a3a71b4333b1a6225b5bb1
[BSP] 8ebddc4c47a6437c53919186dd1532e1 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_01132014_123505.txt >>
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Roman [Práva správce]
Mód : Kontrola -- Datum : 01/13/2014 12:35:05
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK6459GSXP +++++
--- User ---
[MBR] a2e014a1b0a3a71b4333b1a6225b5bb1
[BSP] 8ebddc4c47a6437c53919186dd1532e1 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_01132014_123505.txt >>
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
-
Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Preventivní kontrola logu
Zavři všechny programy a prohlížeče.
Odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller (Pro Windows Vista nebo WIN7 klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Skenování dokončí práci...
- Počkej, dokud status box zobrazuje "Scan" "
- Klikni na "Vymazat"
- Počkej, dokud status box zobrazuje "Smazání - Finished"
- Klikni na "Zprávy", zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [1].txt na ploše.
- Zavři RogueKiller
********************************************************************************************************************************************************************************
Stáhni si DelFix a uloži si ho na Plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce).
V hlavním menu zaškrtni tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci
Poté se otevře zpráva (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je uložena zde:
C: \ DelFix.txt
********************************************************************************************************************************************************************************
Potom:
Vypni rezidentní štít antiviru.
Stáhni si ComboFix (by sUBs) nebo ComboFix (subs) a ulož si ho na Plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller (Pro Windows Vista nebo WIN7 klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Skenování dokončí práci...
- Počkej, dokud status box zobrazuje "Scan" "
- Klikni na "Vymazat"
- Počkej, dokud status box zobrazuje "Smazání - Finished"
- Klikni na "Zprávy", zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [1].txt na ploše.
- Zavři RogueKiller
********************************************************************************************************************************************************************************
Stáhni si DelFix a uloži si ho na Plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce).
V hlavním menu zaškrtni tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci
Poté se otevře zpráva (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je uložena zde:
C: \ DelFix.txt
********************************************************************************************************************************************************************************
Potom:
Vypni rezidentní štít antiviru.
Stáhni si ComboFix (by sUBs) nebo ComboFix (subs) a ulož si ho na Plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
-
PARKR
- Level 3
- Příspěvky: 542
- Registrován: červenec 12
- Bydliště: Severní Morava
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Roman [Práva správce]
Mód : Odebrat -- Datum : 01/13/2014 13:38:03
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK6459GSXP +++++
--- User ---
[MBR] a2e014a1b0a3a71b4333b1a6225b5bb1
[BSP] 8ebddc4c47a6437c53919186dd1532e1 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_01132014_133803.txt >>
RKreport[0]_S_01132014_123505.txt;RKreport[0]_S_01132014_133752.txt
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Roman [Práva správce]
Mód : Odebrat -- Datum : 01/13/2014 13:38:03
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK6459GSXP +++++
--- User ---
[MBR] a2e014a1b0a3a71b4333b1a6225b5bb1
[BSP] 8ebddc4c47a6437c53919186dd1532e1 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_01132014_133803.txt >>
RKreport[0]_S_01132014_123505.txt;RKreport[0]_S_01132014_133752.txt
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
-
PARKR
- Level 3
- Příspěvky: 542
- Registrován: červenec 12
- Bydliště: Severní Morava
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
# DelFix v10.6 - Logfile created 13/01/2014 at 13:41:31
# Updated 11/11/2013 by Xplode
# Username : Roman - NUFANKA
# Operating System : Windows 8 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\Qoobox
Deleted : C:\AdwCleaner
Deleted : C:\Users\Roman\Desktop\RK_Quarantine
Deleted : C:\Program Files (x86)\Trend Micro\Hijackthis
Deleted : C:\Users\Roman\Desktop\JRT.txt
Deleted : C:\Users\Roman\Desktop\hijackthis.log
Deleted : C:\Users\Roman\Desktop\RKreport[0]_D_01132014_133803.txt
Deleted : C:\Users\Roman\Desktop\RKreport[0]_S_01132014_123505.txt
Deleted : C:\Users\Roman\Desktop\RKreport[0]_S_01132014_133752.txt
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #37 [Naplánovaný kontrolní bod | 12/28/2013 11:44:45]
Deleted : RP #38 [Naplánovaný kontrolní bod | 01/05/2014 12:30:30]
Deleted : RP #39 [avast! antivirus system restore point | 01/06/2014 16:57:54]
New restore point created !
########## - EOF - ##########
# Updated 11/11/2013 by Xplode
# Username : Roman - NUFANKA
# Operating System : Windows 8 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\Qoobox
Deleted : C:\AdwCleaner
Deleted : C:\Users\Roman\Desktop\RK_Quarantine
Deleted : C:\Program Files (x86)\Trend Micro\Hijackthis
Deleted : C:\Users\Roman\Desktop\JRT.txt
Deleted : C:\Users\Roman\Desktop\hijackthis.log
Deleted : C:\Users\Roman\Desktop\RKreport[0]_D_01132014_133803.txt
Deleted : C:\Users\Roman\Desktop\RKreport[0]_S_01132014_123505.txt
Deleted : C:\Users\Roman\Desktop\RKreport[0]_S_01132014_133752.txt
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #37 [Naplánovaný kontrolní bod | 12/28/2013 11:44:45]
Deleted : RP #38 [Naplánovaný kontrolní bod | 01/05/2014 12:30:30]
Deleted : RP #39 [avast! antivirus system restore point | 01/06/2014 16:57:54]
New restore point created !
########## - EOF - ##########
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
-
PARKR
- Level 3
- Příspěvky: 542
- Registrován: červenec 12
- Bydliště: Severní Morava
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola logu
ComboFix 14-01-13.01 - Roman . 01. 2014 13:45:47.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8139.6291 [GMT 1:00]
Spuštěný z: c:\users\Roman\Desktop\ComboFix\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Roman\AppData\Roaming\inst.exe
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-13 do 2014-01-13 )))))))))))))))))))))))))))))))
.
.
2014-01-13 12:51 . 2014-01-13 12:51 -------- d-----w- c:\users\Roman\AppData\Local\temp
2014-01-13 11:35 . 2014-01-13 12:37 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 22528 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 23280 ----a-w- c:\windows\system32\drivers\WppRecorder.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 19968 ----a-w- c:\windows\system32\drivers\WpdUpFltr.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 45056 ----a-w- c:\windows\system32\drivers\wpcfltr.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 17648 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 57344 ----a-w- c:\windows\system32\drivers\winusb.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 17408 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-13 11:33 . 2014-01-13 12:36 25928 ----a-w- c:\windows\system32\drivers\mbam.sys.bak
2014-01-06 16:59 . 2014-01-06 16:59 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-03 22:57 . 2014-01-03 22:57 -------- d-----w- c:\users\Roman\AppData\Local\Opera Software
2014-01-03 22:57 . 2014-01-03 22:57 -------- d-----w- c:\users\Roman\AppData\Roaming\Opera Software
2014-01-03 22:57 . 2014-01-03 22:57 -------- d-----w- c:\program files (x86)\Opera
2013-12-30 22:05 . 2013-12-30 22:05 -------- d--h--w- c:\windows\msdownld.tmp
2013-12-30 12:03 . 2013-12-30 12:03 -------- d-----w- c:\program files (x86)\IObit
2013-12-30 11:25 . 2013-12-30 11:25 -------- d-----w- c:\program files\IObit
2013-12-30 11:24 . 2013-12-30 11:24 -------- d-----w- c:\programdata\IObit
2013-12-30 11:18 . 2013-12-30 12:02 -------- d-----w- c:\users\Roman\AppData\Local\Razer
2013-12-30 11:17 . 2013-12-30 11:54 -------- d-----w- c:\programdata\Razer
2013-12-30 11:17 . 2013-12-30 11:17 -------- d-----w- c:\program files (x86)\Razer
2013-12-30 10:24 . 2013-12-30 10:30 -------- d-----w- C:\Fraps
2013-12-28 09:20 . 2013-12-28 09:20 236208 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-24 19:58 . 2013-12-24 19:58 -------- d--h--w- c:\programdata\CanonBJ
2013-12-24 19:58 . 2006-09-13 04:00 80896 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP7I.DLL
2013-12-24 19:58 . 2006-09-13 04:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD7I.DLL
2013-12-23 15:31 . 2013-12-23 15:31 -------- d-----w- c:\users\Roman\AppData\Roaming\Nero
2013-12-23 15:15 . 2013-12-23 15:23 -------- d-----w- c:\program files (x86)\Nero
2013-12-23 15:15 . 2013-12-23 15:19 -------- d-----w- c:\programdata\Nero
2013-12-23 15:15 . 2013-12-23 15:28 -------- d-----w- c:\program files (x86)\Common Files\Nero
2013-12-18 22:20 . 2013-12-18 22:20 -------- d-----w- c:\programdata\Ashampoo
2013-12-15 09:27 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-15 09:27 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-12 22:31 . 2013-11-02 14:48 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-12 22:19 . 2013-11-02 14:48 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-06 16:58 . 2013-08-06 19:19 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-06 16:58 . 2013-08-06 19:19 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-06 16:58 . 2013-08-06 19:19 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-06 16:58 . 2013-08-06 19:19 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-06 16:58 . 2013-08-06 19:18 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-06 16:58 . 2013-08-06 19:18 43152 ----a-w- c:\windows\avastSS.scr
2013-12-18 07:26 . 2013-08-07 11:39 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 05:46 . 2013-11-02 14:48 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-12-04 00:53 . 2013-11-14 16:51 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-04 00:53 . 2013-11-14 16:51 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-03 16:01 . 2013-08-06 19:19 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-03 16:01 . 2013-08-06 19:19 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-11-23 06:43 . 2013-12-12 14:40 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-23 05:05 . 2013-12-12 14:40 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-19 10:21 . 2013-12-03 18:59 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-18 20:13 . 2013-11-18 16:27 291296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-11-09 17:21 . 2013-11-09 17:21 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-11-09 17:21 . 2013-11-09 17:21 312744 ----a-w- c:\windows\system32\javaws.exe
2013-11-09 17:21 . 2013-11-09 17:21 189352 ----a-w- c:\windows\system32\javaw.exe
2013-11-09 17:21 . 2013-11-09 17:21 189352 ----a-w- c:\windows\system32\java.exe
2013-11-09 17:19 . 2013-11-09 17:19 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-07 18:12 . 2013-12-04 15:04 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{41D59592-DC62-4F69-BCAF-67187BF7207C}\mpengine.dll
2013-11-06 23:18 . 2013-12-12 14:40 4036608 ----a-w- c:\windows\system32\win32k.sys
2013-11-06 18:42 . 2013-11-06 18:42 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-11-04 16:22 . 2013-11-04 16:22 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-11-02 09:45 . 2013-11-02 09:45 31136 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2013-11-01 05:38 . 2013-12-12 14:40 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-11-01 03:49 . 2013-12-12 14:40 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-10-25 06:19 . 2013-12-12 14:42 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-10-25 06:19 . 2013-12-12 14:42 2241536 ----a-w- c:\windows\system32\wininet.dll
2013-10-25 06:19 . 2013-12-12 14:42 915968 ----a-w- c:\windows\system32\uxtheme.dll
2013-10-25 06:19 . 2013-12-12 14:42 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-10-25 06:18 . 2013-12-12 14:42 19271168 ----a-w- c:\windows\system32\mshtml.dll
2013-10-25 06:18 . 2013-12-12 14:42 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-10-25 06:17 . 2013-12-12 14:42 855552 ----a-w- c:\windows\system32\jscript.dll
2013-10-25 06:17 . 2013-12-12 14:42 3959808 ----a-w- c:\windows\system32\jscript9.dll
2013-10-25 06:17 . 2013-12-12 14:42 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-10-25 06:17 . 2013-12-12 14:42 15404032 ----a-w- c:\windows\system32\ieframe.dll
2013-10-25 04:45 . 2013-12-12 14:42 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-10-25 04:43 . 2013-12-12 14:42 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-10-19 05:45 . 2013-12-12 14:41 62976 ----a-w- c:\windows\system32\imagehlp.dll
2013-10-19 04:04 . 2013-12-12 14:41 59392 ----a-w- c:\windows\SysWow64\imagehlp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
2013-03-12 08:27 120600 ----a-w- c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-01-07 1815464]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"DAEMON Tools Lite"="c:\users\Roman\Documents\stahování\DTLite-setup\instalace DTl\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2012-08-17 68776]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-07-27 724576]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-06-25 152896]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-10-10 642216]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-06 3764024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Sony MSS.lnk - c:\program files\Sony\MSS\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);c:\windows\System32\drivers\HPMo4DE3.sys;c:\windows\SYSNATIVE\drivers\HPMo4DE3.sys [x]
R3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);c:\windows\System32\Drivers\HPub4DE3.sys;c:\windows\SYSNATIVE\Drivers\HPub4DE3.sys [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;Intel(R) System Behavior Tracker Collector Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 semav6thermal64ro;semav6thermal64ro;c:\windows\system32\drivers\semav6thermal64ro.sys;c:\windows\SYSNATIVE\drivers\semav6thermal64ro.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 06:04 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-06 19:12]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10 16:59]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10 16:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-06 16:58 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-20 1214608]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-08-13 64640]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-MSS - c:\program files (x86)\Sony\MSS\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2014-01-13 13:54:18
ComboFix-quarantined-files.txt 2014-01-13 12:54
.
Před spuštěním: 352 546 672 640 bytes free
Po spuštění: 352 480 366 592 bytes free
.
- - End Of File - - D2D566C43BD1E0D3D111A854B9F34BEC
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8139.6291 [GMT 1:00]
Spuštěný z: c:\users\Roman\Desktop\ComboFix\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Roman\AppData\Roaming\inst.exe
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-13 do 2014-01-13 )))))))))))))))))))))))))))))))
.
.
2014-01-13 12:51 . 2014-01-13 12:51 -------- d-----w- c:\users\Roman\AppData\Local\temp
2014-01-13 11:35 . 2014-01-13 12:37 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 22528 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 23280 ----a-w- c:\windows\system32\drivers\WppRecorder.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 19968 ----a-w- c:\windows\system32\drivers\WpdUpFltr.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 45056 ----a-w- c:\windows\system32\drivers\wpcfltr.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 17648 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 57344 ----a-w- c:\windows\system32\drivers\winusb.sys.bak
2014-01-13 11:35 . 2014-01-13 12:37 17408 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-13 11:33 . 2014-01-13 12:36 25928 ----a-w- c:\windows\system32\drivers\mbam.sys.bak
2014-01-06 16:59 . 2014-01-06 16:59 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-03 22:57 . 2014-01-03 22:57 -------- d-----w- c:\users\Roman\AppData\Local\Opera Software
2014-01-03 22:57 . 2014-01-03 22:57 -------- d-----w- c:\users\Roman\AppData\Roaming\Opera Software
2014-01-03 22:57 . 2014-01-03 22:57 -------- d-----w- c:\program files (x86)\Opera
2013-12-30 22:05 . 2013-12-30 22:05 -------- d--h--w- c:\windows\msdownld.tmp
2013-12-30 12:03 . 2013-12-30 12:03 -------- d-----w- c:\program files (x86)\IObit
2013-12-30 11:25 . 2013-12-30 11:25 -------- d-----w- c:\program files\IObit
2013-12-30 11:24 . 2013-12-30 11:24 -------- d-----w- c:\programdata\IObit
2013-12-30 11:18 . 2013-12-30 12:02 -------- d-----w- c:\users\Roman\AppData\Local\Razer
2013-12-30 11:17 . 2013-12-30 11:54 -------- d-----w- c:\programdata\Razer
2013-12-30 11:17 . 2013-12-30 11:17 -------- d-----w- c:\program files (x86)\Razer
2013-12-30 10:24 . 2013-12-30 10:30 -------- d-----w- C:\Fraps
2013-12-28 09:20 . 2013-12-28 09:20 236208 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-24 19:58 . 2013-12-24 19:58 -------- d--h--w- c:\programdata\CanonBJ
2013-12-24 19:58 . 2006-09-13 04:00 80896 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPP7I.DLL
2013-12-24 19:58 . 2006-09-13 04:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPD7I.DLL
2013-12-23 15:31 . 2013-12-23 15:31 -------- d-----w- c:\users\Roman\AppData\Roaming\Nero
2013-12-23 15:15 . 2013-12-23 15:23 -------- d-----w- c:\program files (x86)\Nero
2013-12-23 15:15 . 2013-12-23 15:19 -------- d-----w- c:\programdata\Nero
2013-12-23 15:15 . 2013-12-23 15:28 -------- d-----w- c:\program files (x86)\Common Files\Nero
2013-12-18 22:20 . 2013-12-18 22:20 -------- d-----w- c:\programdata\Ashampoo
2013-12-15 09:27 . 2013-11-01 01:45 23350272 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-15 09:27 . 2013-11-01 01:16 22615040 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-12 22:31 . 2013-11-02 14:48 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-12 22:19 . 2013-11-02 14:48 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-06 16:58 . 2013-08-06 19:19 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-06 16:58 . 2013-08-06 19:19 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-06 16:58 . 2013-08-06 19:19 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-06 16:58 . 2013-08-06 19:19 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-06 16:58 . 2013-08-06 19:18 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-06 16:58 . 2013-08-06 19:18 43152 ----a-w- c:\windows\avastSS.scr
2013-12-18 07:26 . 2013-08-07 11:39 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 05:46 . 2013-11-02 14:48 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-12-04 00:53 . 2013-11-14 16:51 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-04 00:53 . 2013-11-14 16:51 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-03 16:01 . 2013-08-06 19:19 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-03 16:01 . 2013-08-06 19:19 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-11-23 06:43 . 2013-12-12 14:40 420864 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-23 05:05 . 2013-12-12 14:40 368640 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-19 10:21 . 2013-12-03 18:59 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-18 20:13 . 2013-11-18 16:27 291296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-11-09 17:21 . 2013-11-09 17:21 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-11-09 17:21 . 2013-11-09 17:21 312744 ----a-w- c:\windows\system32\javaws.exe
2013-11-09 17:21 . 2013-11-09 17:21 189352 ----a-w- c:\windows\system32\javaw.exe
2013-11-09 17:21 . 2013-11-09 17:21 189352 ----a-w- c:\windows\system32\java.exe
2013-11-09 17:19 . 2013-11-09 17:19 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-07 18:12 . 2013-12-04 15:04 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{41D59592-DC62-4F69-BCAF-67187BF7207C}\mpengine.dll
2013-11-06 23:18 . 2013-12-12 14:40 4036608 ----a-w- c:\windows\system32\win32k.sys
2013-11-06 18:42 . 2013-11-06 18:42 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-11-04 16:22 . 2013-11-04 16:22 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-11-02 09:45 . 2013-11-02 09:45 31136 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2013-11-01 05:38 . 2013-12-12 14:40 312320 ----a-w- c:\windows\system32\msieftp.dll
2013-11-01 03:49 . 2013-12-12 14:40 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-10-25 06:19 . 2013-12-12 14:42 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-10-25 06:19 . 2013-12-12 14:42 2241536 ----a-w- c:\windows\system32\wininet.dll
2013-10-25 06:19 . 2013-12-12 14:42 915968 ----a-w- c:\windows\system32\uxtheme.dll
2013-10-25 06:19 . 2013-12-12 14:42 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-10-25 06:18 . 2013-12-12 14:42 19271168 ----a-w- c:\windows\system32\mshtml.dll
2013-10-25 06:18 . 2013-12-12 14:42 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-10-25 06:17 . 2013-12-12 14:42 855552 ----a-w- c:\windows\system32\jscript.dll
2013-10-25 06:17 . 2013-12-12 14:42 3959808 ----a-w- c:\windows\system32\jscript9.dll
2013-10-25 06:17 . 2013-12-12 14:42 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-10-25 06:17 . 2013-12-12 14:42 15404032 ----a-w- c:\windows\system32\ieframe.dll
2013-10-25 04:45 . 2013-12-12 14:42 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-10-25 04:43 . 2013-12-12 14:42 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-10-19 05:45 . 2013-12-12 14:41 62976 ----a-w- c:\windows\system32\imagehlp.dll
2013-10-19 04:04 . 2013-12-12 14:41 59392 ----a-w- c:\windows\SysWow64\imagehlp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
2013-03-12 08:27 120600 ----a-w- c:\users\Roman\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 220632 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-01-07 1815464]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"DAEMON Tools Lite"="c:\users\Roman\Documents\stahování\DTLite-setup\instalace DTl\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2012-08-17 68776]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-07-27 724576]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-06-25 152896]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-10-10 642216]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-06 3764024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Sony MSS.lnk - c:\program files\Sony\MSS\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);c:\windows\System32\drivers\HPMo4DE3.sys;c:\windows\SYSNATIVE\drivers\HPMo4DE3.sys [x]
R3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);c:\windows\System32\Drivers\HPub4DE3.sys;c:\windows\SYSNATIVE\Drivers\HPub4DE3.sys [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 NetworkSupport;NetworkSupport;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe;c:\program files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [x]
S2 SampleCollector;Intel(R) System Behavior Tracker Collector Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BTATH_VDP;Bluetooth VDP Driver;c:\windows\system32\drivers\btath_vdp.sys;c:\windows\SYSNATIVE\drivers\btath_vdp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 semav6thermal64ro;semav6thermal64ro;c:\windows\system32\drivers\semav6thermal64ro.sys;c:\windows\SYSNATIVE\drivers\semav6thermal64ro.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SOWS;Sony Wireless State Device;c:\windows\System32\drivers\sows.sys;c:\windows\SYSNATIVE\drivers\sows.sys [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 06:04 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-06 19:12]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10 16:59]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-10 16:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-29 19:45 244696 ----a-w- c:\users\Roman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-06 16:58 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-20 1214608]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-08-13 64640]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\9l73re75.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-MSS - c:\program files (x86)\Sony\MSS\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfeeEx]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2014-01-13 13:54:18
ComboFix-quarantined-files.txt 2014-01-13 12:54
.
Před spuštěním: 352 546 672 640 bytes free
Po spuštění: 352 480 366 592 bytes free
.
- - End Of File - - D2D566C43BD1E0D3D111A854B9F34BEC
OS Windows 11 Professional (x64) (24H2) / MB ASUS TUF GAMING B650M-PLUS / CPU AMD Ryzen 5 7600/ RAM G.SKILL 32GB KIT DDR5 6000MT/s CL36 AMD EXPO / GPU ASUS DUAL RTX 4060 GAMING OC /
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
SSD SSD WD Black SN770 NVMe 1TB / PSU Seasonic Core GX-650 ATX 3
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 89 hostů