Prosím o kontrolu logu

Babis · Příspěvekod **Babis** » 27 led 2014 11:32

No jak jsem psal, projel jsem to pak ještě jednou a nic to nenašlo, takže předpokládám, že se všechno smazalo.
A zjistil jsem, že na RK jsem zapomněl, tak ho dodám za chvíli.

Reklama

Babis · Příspěvekod **Babis** » 27 led 2014 12:43

RogueKiller V8.8.3 _x64_ [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Tonda [Práva správce]
Mód : Odebrat -- Datum : 01/27/2014 11:34:34
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS547564A9E384 SCSI Disk Device +++++
--- User ---
[MBR] 0b85484dd14a94b912b287f5186673e9
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 587697 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1204219904 | Size: 17359 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1239771136 | Size: 5122 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_01272014_113434.txt >>
RKreport[0]_S_01262014_210640.txt;RKreport[0]_S_01272014_113104.txt

Babis · Příspěvekod **Babis** » 27 led 2014 16:32

A tady ještě ten ComboFix.

ComboFix 14-01-27.02 - Tonda 27.01.2014 16:17:24.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2085 [GMT 1:00]
Spuštěný z: c:\users\Tonda\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-27 do 2014-01-27 )))))))))))))))))))))))))))))))
.
.
2014-01-26 10:56 . 2014-01-26 19:57 -------- d-----w- C:\AdwCleaner
2014-01-26 10:46 . 2014-01-26 10:46 -------- d-----w- c:\users\Tonda\AppData\Roaming\Malwarebytes
2014-01-26 10:46 . 2014-01-26 10:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-26 10:46 . 2014-01-26 10:46 -------- d-----w- c:\programdata\Malwarebytes
2014-01-26 10:46 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-25 13:20 . 2014-01-25 13:20 -------- d-----w- c:\program files\CCleaner
2014-01-25 12:12 . 2014-01-25 12:12 388096 ----a-r- c:\users\Tonda\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-25 12:12 . 2014-01-25 12:12 -------- d-----w- c:\program files (x86)\Trend Micro
2014-01-25 11:48 . 2011-03-03 09:02 4096 ----a-w- c:\windows\SysWow64\sigfile.exe
2014-01-25 11:38 . 2014-01-25 11:38 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2014-01-25 11:30 . 2014-01-25 11:30 -------- d-----w- c:\windows\SysWow64\config\systemprofile\Intel
2014-01-25 11:30 . 2014-01-25 11:30 -------- d-----w- c:\program files\Intel
2014-01-25 11:28 . 2014-01-25 11:28 -------- d-----w- c:\users\Tonda\Intel
2014-01-25 11:16 . 2013-08-13 00:52 440320 ----a-w- c:\windows\system32\athihvs.dll
2014-01-25 11:00 . 2000-01-01 00:00 74336 ----a-w- c:\windows\system32\AESTAR64.dll
2014-01-25 11:00 . 2000-01-01 00:00 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2014-01-25 11:00 . 2000-01-01 00:00 224256 ----a-w- c:\windows\system32\HPToneCtrls64.dll
2014-01-25 11:00 . 2000-01-01 00:00 200288 ----a-w- c:\windows\system32\AESTAC64.dll
2014-01-25 11:00 . 2000-01-01 00:00 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2014-01-25 11:00 . 2000-01-01 00:00 8013312 ----a-w- c:\windows\system32\IDTNHP.dll
2014-01-25 11:00 . 2000-01-01 00:00 8003072 ----a-w- c:\windows\system32\IDTNGUI.exe
2014-01-25 11:00 . 2000-01-01 00:00 6102016 ----a-w- c:\windows\system32\stlang64.dll
2014-01-25 11:00 . 2000-01-01 00:00 253952 ----a-w- c:\windows\system32\IDTNJ.exe
2014-01-25 11:00 . 2000-01-01 00:00 2216448 ----a-w- c:\windows\system32\IDTNX.dll
2014-01-25 11:00 . 2000-01-01 00:00 1821184 ----a-w- c:\windows\system32\IDTNC64.cpl
2014-01-25 11:00 . 2000-01-01 00:00 1664000 ----a-w- c:\windows\sttray64.exe
2014-01-25 10:59 . 2000-01-01 00:00 256000 ----a-w- c:\windows\system32\st646433.dll
2014-01-25 10:55 . 2014-01-25 11:30 -------- d-----w- c:\programdata\Intel
2014-01-25 10:55 . 2012-05-15 06:13 144896 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2014-01-25 10:55 . 2012-05-15 05:20 104448 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2014-01-24 23:08 . 2014-01-24 23:08 -------- d-----w- c:\program files\Common Files\ATI Technologies
2014-01-24 22:57 . 2014-01-25 12:15 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-01-24 22:29 . 2014-01-24 22:30 -------- d-----w- C:\da7ce438f5db7a7e52e170
2014-01-24 22:18 . 2014-01-24 22:19 -------- d-----w- C:\5e3c5ef2c4c89e4422ffd654f6a248
2014-01-24 21:58 . 2014-01-24 21:58 99288 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-01-24 21:58 . 2014-01-24 21:58 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-01-24 21:58 . 2014-01-24 21:58 -------- d-----w- C:\DrvInstall
2014-01-24 21:58 . 2014-01-24 21:58 176880 ----a-w- c:\windows\system32\drivers\jmcr.sys
2014-01-24 21:42 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-24 20:02 . 2014-01-24 20:02 -------- d-----w- c:\program files\ATI Technologies
2014-01-24 19:51 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-24 19:51 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-24 19:51 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-24 19:51 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-24 19:51 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-24 19:51 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-24 19:51 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-24 19:51 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-24 19:51 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-24 19:42 . 2014-01-24 23:06 -------- d-----w- c:\programdata\Package Cache
2014-01-24 19:27 . 2014-01-24 22:57 -------- d-----w- c:\users\Tonda\AppData\Local\SlimWare Utilities Inc
2014-01-20 19:32 . 2014-01-20 19:32 -------- d-----w- c:\programdata\Razer
2014-01-12 08:08 . 2014-01-21 03:49 -------- d-----w- c:\windows\system32\drivers\NISx64\1501000.012
2014-01-04 21:19 . 2014-01-20 20:03 -------- d-----w- C:\Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-24 19:31 . 2013-06-03 03:35 86054176 ----a-w- c:\windows\system32\MRT.exe
2014-01-12 08:09 . 2013-06-02 18:09 177752 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-12-15 18:08 . 2013-12-15 18:08 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-15 18:08 . 2013-12-15 18:08 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-15 18:08 . 2013-12-15 18:08 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-15 18:08 . 2013-12-15 18:08 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-15 18:08 . 2013-12-15 18:08 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-15 18:08 . 2013-12-15 18:08 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-15 18:08 . 2013-12-15 18:08 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-15 18:08 . 2013-12-15 18:08 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-15 18:08 . 2013-12-15 18:08 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-15 18:08 . 2013-12-15 18:08 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-15 18:08 . 2013-12-15 18:08 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-15 18:08 . 2013-12-15 18:08 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-15 18:08 . 2013-12-15 18:08 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-15 18:08 . 2013-12-15 18:08 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-15 18:08 . 2013-12-15 18:08 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-15 18:08 . 2013-12-15 18:08 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-15 18:08 . 2013-12-15 18:08 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-15 18:08 . 2013-12-15 18:08 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-15 18:08 . 2013-12-15 18:08 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-15 18:08 . 2013-12-15 18:08 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-15 18:08 . 2013-12-15 18:08 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-15 18:08 . 2013-12-15 18:08 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-15 18:08 . 2013-12-15 18:08 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-15 18:08 . 2013-12-15 18:08 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-15 18:08 . 2013-12-15 18:08 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-15 18:08 . 2013-12-15 18:08 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-15 18:08 . 2013-12-15 18:08 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-15 18:08 . 2013-12-15 18:08 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-15 18:08 . 2013-12-15 18:08 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-15 18:08 . 2013-12-15 18:08 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-15 18:08 . 2013-12-15 18:08 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-15 18:08 . 2013-12-15 18:08 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-15 18:08 . 2013-12-15 18:08 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-15 18:08 . 2013-12-15 18:08 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-15 18:08 . 2013-12-15 18:08 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-15 18:08 . 2013-12-15 18:08 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-15 18:08 . 2013-12-15 18:08 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-15 18:08 . 2013-12-15 18:08 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-15 18:08 . 2013-12-15 18:08 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-15 18:08 . 2013-12-15 18:08 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-15 18:08 . 2013-12-15 18:08 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-15 18:08 . 2013-12-15 18:08 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-15 18:08 . 2013-12-15 18:08 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-15 18:08 . 2013-12-15 18:08 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-15 18:08 . 2013-12-15 18:08 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-15 18:08 . 2013-12-15 18:08 413696 ----a-w- c:\windows\system32\html.iec
2013-12-15 18:08 . 2013-12-15 18:08 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-15 18:08 . 2013-12-15 18:08 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-15 18:08 . 2013-12-15 18:08 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-15 18:08 . 2013-12-15 18:08 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-15 18:08 . 2013-12-15 18:08 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-15 18:08 . 2013-12-15 18:08 235520 ----a-w- c:\windows\system32\url.dll
2013-12-15 18:08 . 2013-12-15 18:08 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-15 18:08 . 2013-12-15 18:08 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-15 18:08 . 2013-12-15 18:08 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-15 18:08 . 2013-12-15 18:08 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-15 18:08 . 2013-12-15 18:08 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-15 18:08 . 2013-12-15 18:08 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-15 18:08 . 2013-12-15 18:08 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-14 15:25 . 2013-12-14 15:25 884952 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-12-14 15:25 . 2013-12-14 15:25 74456 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-12-14 15:25 . 2011-06-10 05:34 108760 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-12-12 15:34 . 2013-10-02 15:11 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 15:34 . 2013-10-02 15:11 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 11:54 . 2013-12-16 15:45 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-16 15:45 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-16 15:45 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-16 15:45 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-16 15:45 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-16 15:45 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-16 15:45 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-16 15:45 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-16 15:45 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-16 15:45 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-16 15:45 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-16 15:45 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-16 15:45 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-16 15:45 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-16 15:45 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-16 15:45 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-16 15:45 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-16 15:45 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-16 15:45 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-16 15:45 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-16 15:45 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-16 15:45 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-16 15:45 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-16 15:45 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 20:53 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 20:53 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-11 20:53 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 20:53 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-11-11 20:06 . 2013-11-11 20:06 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-11-11 20:06 . 2013-11-11 20:06 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-11-11 20:06 . 2013-11-11 20:06 5773824 ----a-w- c:\windows\system32\mstscax.dll
2013-11-11 20:06 . 2013-11-11 20:06 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-11-11 20:06 . 2013-11-11 20:06 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-11-11 20:06 . 2013-11-11 20:06 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2012-09-05 184736]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-08-11 658424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2013-10-23 377368]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2013-6-3 610304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 SecureUpdateSvc;SecureUpdate;c:\program files (x86)\Secure Speed Dial\IE\SecureUpdate.exe;c:\program files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 CXSONORA;AVerMedia 23885 AvStream Video Capture;c:\windows\system32\drivers\A885VCap64.sys;c:\windows\SYSNATIVE\drivers\A885VCap64.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [x]
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140124.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140124.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1501000.012\SYMNETS.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-02 15:34]
.
2014-01-06 c:\windows\Tasks\HPCeeScheduleForTONDA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2014-01-27 c:\windows\Tasks\HPCeeScheduleForTonda.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-01-20 17:17 2486592 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-09-14 764544]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-09-14 127616]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-07-15 14904]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2000-01-01 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2000-01-01 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2000-01-01 442352]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2000-01-01 1664000]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-09-27 36352]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Tonda\AppData\Roaming\Mozilla\Firefox\Profiles\gxzj5pj1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - c:\program files (x86)\Secure Speed Dial\IE\ADBlock\IE\Adblock.dll
Wow6432Node-HKU-Default-Run-Advanced SystemCare 7 - c:\program files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-AccelerateTab_is1 - c:\program files (x86)\Secure Speed Dial\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18;c:\program files (x86)\Norton Internet Security\Engine64\21.1.0.18"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8,
7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de
"{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}"=hex:51,66,7a,6c,4c,1d,38,12,e8,9b,8e,
71,5d,42,f6,01,c5,a0,09,1f,42,98,83,3b
"{3134413B-49B4-425C-98A5-893C1F195601}"=hex:51,66,7a,6c,4c,1d,38,12,55,42,27,
35,86,07,32,07,e7,b3,ca,7c,1a,47,12,15
"{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}"=hex:51,66,7a,6c,4c,1d,38,12,c3,d3,96,
33,cd,f1,98,02,c0,4d,e6,c7,c4,3c,ba,cd
"{48A789BF-F6D6-4930-9C8B-77855A63EDE1}"=hex:51,66,7a,6c,4c,1d,38,12,d1,8a,b4,
4c,e4,b8,5e,0c,e3,9d,34,c5,5f,3d,a9,f5
"{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39,
64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c
"{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40,
69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}"=hex:51,66,7a,6c,4c,1d,38,12,aa,f5,03,
89,33,40,ba,0e,f9,17,52,ec,1a,81,c5,32
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-01-27 16:30:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-27 15:30
.
Před spuštěním: Volných bajtů: 502 482 747 392
Po spuštění: Volných bajtů: 501 754 081 280
.
- - End Of File - - 0819C6555E5774F4515D595C66420BB4
A36C5E4F47E84449FF07ED3517B43A31

Příspěvekod **memphisto** » 27 led 2014 19:17

Toto otestuj na Virustotal
c:\windows\SysWow64\sigfile.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Babis · Příspěvekod **Babis** » 27 led 2014 19:30

https://www.virustotal.com/cs/file/ee09 ... 390847288/

Příspěvekod **jaro3** » 27 led 2014 20:04

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\SysWow64\sigfile.exe

Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8,
 7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de
"{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}"=hex:51,66,7a,6c,4c,1d,38,12,e8,9b,8e,
 71,5d,42,f6,01,c5,a0,09,1f,42,98,83,3b
"{3134413B-49B4-425C-98A5-893C1F195601}"=hex:51,66,7a,6c,4c,1d,38,12,55,42,27,
 35,86,07,32,07,e7,b3,ca,7c,1a,47,12,15
"{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}"=hex:51,66,7a,6c,4c,1d,38,12,c3,d3,96,
 33,cd,f1,98,02,c0,4d,e6,c7,c4,3c,ba,cd
"{48A789BF-F6D6-4930-9C8B-77855A63EDE1}"=hex:51,66,7a,6c,4c,1d,38,12,d1,8a,b4,
 4c,e4,b8,5e,0c,e3,9d,34,c5,5f,3d,a9,f5
"{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39,
 64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c
"{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40,
 69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
 df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}"=hex:51,66,7a,6c,4c,1d,38,12,aa,f5,03,
 89,33,40,ba,0e,f9,17,52,ec,1a,81,c5,32
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Babis · Příspěvekod **Babis** » 27 led 2014 20:41

Nestalo se, co mělo.. předpokládám dobře..? A aswMBR jsem už dělal.

ComboFix 14-01-27.02 - Tonda 27.01.2014 20:26:23.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2319 [GMT 1:00]
Spuštěný z: c:\users\Tonda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tonda\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\sigfile.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\SysWow64\sigfile.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-27 do 2014-01-27 )))))))))))))))))))))))))))))))
.
.
2014-01-26 10:56 . 2014-01-26 19:57 -------- d-----w- C:\AdwCleaner
2014-01-26 10:46 . 2014-01-26 10:46 -------- d-----w- c:\users\Tonda\AppData\Roaming\Malwarebytes
2014-01-26 10:46 . 2014-01-26 10:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-26 10:46 . 2014-01-26 10:46 -------- d-----w- c:\programdata\Malwarebytes
2014-01-26 10:46 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-25 13:20 . 2014-01-25 13:20 -------- d-----w- c:\program files\CCleaner
2014-01-25 12:12 . 2014-01-25 12:12 388096 ----a-r- c:\users\Tonda\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-25 12:12 . 2014-01-25 12:12 -------- d-----w- c:\program files (x86)\Trend Micro
2014-01-25 11:38 . 2014-01-25 11:38 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation
2014-01-25 11:30 . 2014-01-25 11:30 -------- d-----w- c:\windows\SysWow64\config\systemprofile\Intel
2014-01-25 11:30 . 2014-01-25 11:30 -------- d-----w- c:\program files\Intel
2014-01-25 11:28 . 2014-01-25 11:28 -------- d-----w- c:\users\Tonda\Intel
2014-01-25 11:16 . 2013-08-13 00:52 440320 ----a-w- c:\windows\system32\athihvs.dll
2014-01-25 11:00 . 2000-01-01 00:00 74336 ----a-w- c:\windows\system32\AESTAR64.dll
2014-01-25 11:00 . 2000-01-01 00:00 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2014-01-25 11:00 . 2000-01-01 00:00 224256 ----a-w- c:\windows\system32\HPToneCtrls64.dll
2014-01-25 11:00 . 2000-01-01 00:00 200288 ----a-w- c:\windows\system32\AESTAC64.dll
2014-01-25 11:00 . 2000-01-01 00:00 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2014-01-25 11:00 . 2000-01-01 00:00 8013312 ----a-w- c:\windows\system32\IDTNHP.dll
2014-01-25 11:00 . 2000-01-01 00:00 8003072 ----a-w- c:\windows\system32\IDTNGUI.exe
2014-01-25 11:00 . 2000-01-01 00:00 6102016 ----a-w- c:\windows\system32\stlang64.dll
2014-01-25 11:00 . 2000-01-01 00:00 253952 ----a-w- c:\windows\system32\IDTNJ.exe
2014-01-25 11:00 . 2000-01-01 00:00 2216448 ----a-w- c:\windows\system32\IDTNX.dll
2014-01-25 11:00 . 2000-01-01 00:00 1821184 ----a-w- c:\windows\system32\IDTNC64.cpl
2014-01-25 11:00 . 2000-01-01 00:00 1664000 ----a-w- c:\windows\sttray64.exe
2014-01-25 10:59 . 2000-01-01 00:00 256000 ----a-w- c:\windows\system32\st646433.dll
2014-01-25 10:55 . 2014-01-25 11:30 -------- d-----w- c:\programdata\Intel
2014-01-25 10:55 . 2012-05-15 06:13 144896 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2014-01-25 10:55 . 2012-05-15 05:20 104448 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2014-01-24 23:08 . 2014-01-24 23:08 -------- d-----w- c:\program files\Common Files\ATI Technologies
2014-01-24 22:57 . 2014-01-25 12:15 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-01-24 22:29 . 2014-01-24 22:30 -------- d-----w- C:\da7ce438f5db7a7e52e170
2014-01-24 22:18 . 2014-01-24 22:19 -------- d-----w- C:\5e3c5ef2c4c89e4422ffd654f6a248
2014-01-24 21:58 . 2014-01-24 21:58 99288 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-01-24 21:58 . 2014-01-24 21:58 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-01-24 21:58 . 2014-01-24 21:58 -------- d-----w- C:\DrvInstall
2014-01-24 21:58 . 2014-01-24 21:58 176880 ----a-w- c:\windows\system32\drivers\jmcr.sys
2014-01-24 21:42 . 2013-12-18 20:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-24 20:02 . 2014-01-24 20:02 -------- d-----w- c:\program files\ATI Technologies
2014-01-24 19:51 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-24 19:51 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-24 19:51 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-24 19:51 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-24 19:51 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-24 19:51 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-24 19:51 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-24 19:51 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-24 19:51 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-24 19:42 . 2014-01-24 23:06 -------- d-----w- c:\programdata\Package Cache
2014-01-24 19:27 . 2014-01-24 22:57 -------- d-----w- c:\users\Tonda\AppData\Local\SlimWare Utilities Inc
2014-01-20 19:32 . 2014-01-20 19:32 -------- d-----w- c:\programdata\Razer
2014-01-12 08:08 . 2014-01-21 03:49 -------- d-----w- c:\windows\system32\drivers\NISx64\1501000.012
2014-01-04 21:19 . 2014-01-20 20:03 -------- d-----w- C:\Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-24 19:31 . 2013-06-03 03:35 86054176 ----a-w- c:\windows\system32\MRT.exe
2014-01-12 08:09 . 2013-06-02 18:09 177752 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-12-15 18:08 . 2013-12-15 18:08 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-15 18:08 . 2013-12-15 18:08 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-15 18:08 . 2013-12-15 18:08 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-15 18:08 . 2013-12-15 18:08 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-15 18:08 . 2013-12-15 18:08 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-15 18:08 . 2013-12-15 18:08 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-15 18:08 . 2013-12-15 18:08 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-15 18:08 . 2013-12-15 18:08 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-15 18:08 . 2013-12-15 18:08 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-15 18:08 . 2013-12-15 18:08 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-15 18:08 . 2013-12-15 18:08 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-15 18:08 . 2013-12-15 18:08 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-15 18:08 . 2013-12-15 18:08 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-15 18:08 . 2013-12-15 18:08 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-15 18:08 . 2013-12-15 18:08 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-15 18:08 . 2013-12-15 18:08 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-15 18:08 . 2013-12-15 18:08 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-15 18:08 . 2013-12-15 18:08 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-15 18:08 . 2013-12-15 18:08 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-15 18:08 . 2013-12-15 18:08 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-15 18:08 . 2013-12-15 18:08 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-15 18:08 . 2013-12-15 18:08 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-15 18:08 . 2013-12-15 18:08 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-15 18:08 . 2013-12-15 18:08 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-15 18:08 . 2013-12-15 18:08 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-15 18:08 . 2013-12-15 18:08 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-15 18:08 . 2013-12-15 18:08 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-15 18:08 . 2013-12-15 18:08 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-15 18:08 . 2013-12-15 18:08 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-15 18:08 . 2013-12-15 18:08 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-15 18:08 . 2013-12-15 18:08 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-15 18:08 . 2013-12-15 18:08 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-15 18:08 . 2013-12-15 18:08 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-15 18:08 . 2013-12-15 18:08 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-15 18:08 . 2013-12-15 18:08 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-15 18:08 . 2013-12-15 18:08 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-15 18:08 . 2013-12-15 18:08 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-15 18:08 . 2013-12-15 18:08 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-15 18:08 . 2013-12-15 18:08 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-15 18:08 . 2013-12-15 18:08 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-15 18:08 . 2013-12-15 18:08 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-15 18:08 . 2013-12-15 18:08 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-15 18:08 . 2013-12-15 18:08 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-15 18:08 . 2013-12-15 18:08 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-15 18:08 . 2013-12-15 18:08 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-15 18:08 . 2013-12-15 18:08 413696 ----a-w- c:\windows\system32\html.iec
2013-12-15 18:08 . 2013-12-15 18:08 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-15 18:08 . 2013-12-15 18:08 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-15 18:08 . 2013-12-15 18:08 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-15 18:08 . 2013-12-15 18:08 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-15 18:08 . 2013-12-15 18:08 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-15 18:08 . 2013-12-15 18:08 235520 ----a-w- c:\windows\system32\url.dll
2013-12-15 18:08 . 2013-12-15 18:08 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-15 18:08 . 2013-12-15 18:08 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-15 18:08 . 2013-12-15 18:08 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-15 18:08 . 2013-12-15 18:08 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-15 18:08 . 2013-12-15 18:08 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-15 18:08 . 2013-12-15 18:08 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-15 18:08 . 2013-12-15 18:08 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-14 15:25 . 2013-12-14 15:25 884952 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-12-14 15:25 . 2013-12-14 15:25 74456 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-12-14 15:25 . 2011-06-10 05:34 108760 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-12-12 15:34 . 2013-10-02 15:11 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 15:34 . 2013-10-02 15:11 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 11:54 . 2013-12-16 15:45 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-16 15:45 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-16 15:45 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-16 15:45 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-16 15:45 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-16 15:45 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-16 15:45 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-16 15:45 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-16 15:45 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-16 15:45 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-16 15:45 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-16 15:45 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-16 15:45 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-16 15:45 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-16 15:45 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-16 15:45 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-16 15:45 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-16 15:45 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-16 15:45 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-16 15:45 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-16 15:45 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-16 15:45 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-16 15:45 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-16 15:45 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 20:53 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 20:53 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-11 20:53 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 20:53 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-11-11 20:06 . 2013-11-11 20:06 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-11-11 20:06 . 2013-11-11 20:06 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-11-11 20:06 . 2013-11-11 20:06 5773824 ----a-w- c:\windows\system32\mstscax.dll
2013-11-11 20:06 . 2013-11-11 20:06 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-11-11 20:06 . 2013-11-11 20:06 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-11-11 20:06 . 2013-11-11 20:06 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EF5F59BA-B2AB-48D8-9747-54DF806C73B8}]
c:\program files (x86)\Secure Speed Dial\IE\ADBlock\IE\Adblock.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2011-01-28 299576]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2012-09-05 184736]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-08-11 658424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2013-10-23 377368]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2013-6-3 610304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 SecureUpdateSvc;SecureUpdate;c:\program files (x86)\Secure Speed Dial\IE\SecureUpdate.exe;c:\program files (x86)\Secure Speed Dial\IE\SecureUpdate.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 CXSONORA;AVerMedia 23885 AvStream Video Capture;c:\windows\system32\drivers\A885VCap64.sys;c:\windows\SYSNATIVE\drivers\A885VCap64.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [x]
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140124.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140124.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1501000.012\SYMNETS.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-02 15:34]
.
2014-01-06 c:\windows\Tasks\HPCeeScheduleForTONDA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2014-01-27 c:\windows\Tasks\HPCeeScheduleForTonda.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-01-20 17:17 2486592 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-09-14 764544]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-09-14 127616]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-07-15 14904]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2000-01-01 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2000-01-01 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2000-01-01 442352]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2000-01-01 1664000]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-09-27 36352]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Tonda\AppData\Roaming\Mozilla\Firefox\Profiles\gxzj5pj1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-AccelerateTab_is1 - c:\program files (x86)\Secure Speed Dial\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18;c:\program files (x86)\Norton Internet Security\Engine64\21.1.0.18"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-01-27 20:38:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-27 19:38
ComboFix2.txt 2014-01-27 15:30
.
Před spuštěním: Volných bajtů: 501 600 522 240
Po spuštění: Volných bajtů: 501 273 858 048
.
- - End Of File - - A3E45D13772AAEDBA10FC8B6E2EAA267
A36C5E4F47E84449FF07ED3517B43A31

Příspěvekod **jaro3** » 28 led 2014 09:51

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Vlož nový log z HJT + info o problémech.

Babis · Příspěvekod **Babis** » 28 led 2014 12:05

Takže ComboFix udělal co měl?
Vypadá to, že po OTC ještě něco zbylo.. můžu použít DelFix?
CCleanerem projeto.

Babis · Příspěvekod **Babis** » 28 led 2014 12:19

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17:05, on 28.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblock - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\IE\Adblock.dll (file missing)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12819 bytes

..............
Vyskočila mi při HJT hláška (v příloze). Možnost "Spustit jako správce" ale v nabídce nebyla.

Babis · Příspěvekod **Babis** » 28 led 2014 12:21

Jinak problémy ani moc nebyly, spíš preventivka.
Jenom při startu systému vyskočila tabulka, ale to už vyřešil Mbam.

Příspěvekod **memphisto** » 28 led 2014 17:41

Ta hláška znamená, že máš HJT spouštět jako správce.

v HJT fixni:
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

Jinak to vypadá ok a pokud nejsou problémy, tak můžeš dát zelenou fajku

Prosím o kontrolu logu Vyřešeno

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online