CPU and GPU usage at max. and high temperatures - Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by Levik » 30 Jan 2014 17:23

So far everything is back to normal, nothing is overheating and usage is not at max. Apparently that CFScript.txt helped, so I'll see whether it's just some exception :D

Post by Orcus » 30 Jan 2014 19:29

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad in the box and click OK).
Copy into it the entire following text marked in green:

Code:

KillAll::

File::
c:\windows\core.exe



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that comes up at the end of the cleaning process + a new log from HJT

Warning: After applying ComboFix and restarting the computer, it may happen that Windows does not start, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Post by Levik » 30 Jan 2014 20:04

ComboFix 14-01-29.01 - LevikCz 30.01.2014 19:52:04.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2632 [GMT 1:00]
Spuštěný z: c:\users\LevikCz\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\LevikCz\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\core.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\core.exe
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache86\userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-28 do 2014-01-30 )))))))))))))))))))))))))))))))
.
.
2014-01-30 18:57 . 2014-01-30 18:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-30 18:57 . 2014-01-30 18:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-30 14:20 . 2014-01-30 14:20 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98E76F92-8703-44C4-8564-D3670F29D295}\offreg.dll
2014-01-28 15:02 . 2014-01-30 08:51 -------- d-----w- c:\users\LevikCz\AppData\Local\CrashDumps
2014-01-27 18:34 . 2014-01-27 18:34 -------- d-----w- c:\windows\ERUNT
2014-01-27 14:10 . 2014-01-28 13:04 -------- d-----w- c:\users\LevikCz\AppData\Local\Adobe
2014-01-27 13:55 . 2014-01-27 19:44 -------- d-----w- C:\AdwCleaner
2014-01-27 13:47 . 2014-01-27 13:47 -------- d-----w- c:\users\LevikCz\AppData\Roaming\Malwarebytes
2014-01-27 13:46 . 2014-01-27 13:46 -------- d-----w- c:\programdata\Malwarebytes
2014-01-27 13:46 . 2014-01-27 13:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-27 13:46 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-26 09:40 . 2014-01-26 09:40 388096 ----a-r- c:\users\LevikCz\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-26 09:40 . 2014-01-26 09:40 -------- d-----w- c:\program files (x86)\Trend Micro
2014-01-26 07:44 . 2014-01-26 07:44 -------- d-----w- c:\users\LevikCz\AppData\Roaming\AVAST Software
2014-01-26 07:44 . 2014-01-26 07:44 -------- d-----w- c:\users\LevikCz\AppData\Roaming\RoboForm
2014-01-26 07:37 . 2014-01-26 07:37 -------- d-----w- c:\programdata\RoboForm
2014-01-26 07:37 . 2014-01-26 07:37 -------- d-----w- c:\program files (x86)\Siber Systems
2014-01-26 07:37 . 2014-01-26 07:36 80184 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-01-26 07:37 . 2014-01-26 07:36 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-26 07:37 . 2014-01-26 07:36 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-26 07:37 . 2014-01-26 07:36 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-26 07:37 . 2014-01-26 07:36 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-26 07:37 . 2014-01-26 07:36 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-26 07:37 . 2014-01-26 07:36 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-26 07:37 . 2014-01-26 07:36 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-26 07:36 . 2014-01-26 07:36 43152 ----a-w- c:\windows\avastSS.scr
2014-01-26 07:35 . 2014-01-26 07:35 -------- d-----w- c:\program files\AVAST Software
2014-01-26 07:34 . 2014-01-26 07:34 -------- d-----w- c:\programdata\AVAST Software
2014-01-25 19:43 . 2014-01-25 19:43 -------- d-----w- c:\program files (x86)\Lavalys
2014-01-24 19:07 . 2014-01-24 19:10 -------- d-----w- c:\program files (x86)\KPO
2014-01-23 16:38 . 2014-01-29 14:37 -------- d-----w- c:\users\kpo_postgres
2014-01-19 13:02 . 2014-01-19 13:02 -------- d-----w- c:\users\LevikCz\AppData\Local\WarThunder
2014-01-19 13:02 . 2014-01-19 13:02 -------- d-----w- c:\programdata\WarThunder
2014-01-17 17:50 . 2014-01-17 17:50 -------- d-----w- c:\users\LevikCz\DocumentsSoubory ICQ358702350
2014-01-10 19:07 . 2014-01-10 19:07 -------- d-----w- c:\program files (x86)\VideoLAN
2014-01-08 15:59 . 2014-01-08 15:59 -------- d-----w- C:\NVIDIA
2014-01-08 15:18 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98E76F92-8703-44C4-8564-D3670F29D295}\mpengine.dll
2014-01-07 13:59 . 2014-01-07 13:59 -------- d-----w- c:\users\LevikCz\.android
2014-01-07 13:48 . 2014-01-08 15:15 -------- d-----w- c:\program files (x86)\Shopping Suggestion
2014-01-07 13:46 . 2014-01-07 13:46 -------- d-----w- c:\program files (x86)\BitTorrent Sync
2014-01-07 13:46 . 2014-01-07 15:32 -------- d-----w- c:\users\LevikCz\AppData\Roaming\BitTorrent Sync
2014-01-04 18:28 . 2014-01-04 18:28 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2014-01-04 18:28 . 2014-01-04 18:28 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2014-01-04 18:26 . 2006-06-20 08:56 225280 ----a-w- c:\windows\SysWow64\rewire.dll
2014-01-04 18:26 . 2014-01-04 18:26 -------- d-----w- c:\program files (x86)\Image-Line
2014-01-04 18:26 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2014-01-04 18:26 . 2014-01-04 18:26 -------- d-----w- c:\program files (x86)\Outsim
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-30 14:38 . 2013-10-13 10:38 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-30 14:38 . 2013-10-13 10:38 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-17 19:15 . 2013-10-12 18:47 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-17 19:15 . 2013-10-12 18:47 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-26 18:45 . 2013-11-19 14:32 684622 ----a-w- c:\windows\unins000.exe
2013-12-19 20:33 . 2013-12-26 15:08 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-12-19 20:33 . 2013-12-26 15:08 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-12-19 20:33 . 2013-11-14 17:28 9657464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-12-19 20:33 . 2013-11-14 17:28 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2013-12-19 20:33 . 2013-11-14 17:28 2698272 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-12-19 20:33 . 2013-11-14 17:28 18310112 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-12-19 20:33 . 2013-11-14 17:28 15877216 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-12-19 20:33 . 2013-11-14 17:28 15230352 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-12-19 18:53 . 2013-12-26 15:09 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2013-12-26 15:09 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2013-12-26 15:09 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2013-12-26 15:09 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2013-12-26 15:09 386336 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2013-12-26 15:09 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-12-19 11:20 . 2013-12-19 11:20 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-12-19 05:01 . 2013-12-26 15:09 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2013-12-15 07:26 . 2013-10-28 12:20 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 02:15 . 2013-12-26 14:58 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:14 . 2013-12-26 14:58 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-12-26 15:16 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-05 08:42 . 2013-12-26 15:16 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-05 08:42 . 2013-12-26 15:16 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-11-30 06:43 . 2013-11-30 06:43 348672 ----a-w- c:\windows\curl.dll
2013-11-30 06:43 . 2013-11-30 06:43 82432 ----a-w- c:\windows\pthread.dll
2013-11-26 11:54 . 2013-12-12 21:13 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-26 10:19 . 2013-12-12 21:13 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 21:13 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 21:13 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 21:13 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 21:13 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 21:13 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 21:13 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 21:13 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 21:13 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 21:13 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 21:13 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 21:13 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 21:13 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 21:13 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 21:13 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 21:13 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 21:13 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 21:13 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 21:13 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 21:13 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 21:13 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 21:13 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 21:13 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-26 05:10 . 2013-11-26 05:10 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 05:10 . 2013-11-26 05:10 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-26 05:10 . 2013-11-26 05:10 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-26 05:10 . 2013-11-26 05:10 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-26 05:10 . 2013-11-26 05:10 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 05:10 . 2013-11-26 05:10 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-26 05:10 . 2013-11-26 05:10 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-26 05:10 . 2013-11-26 05:10 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 05:10 . 2013-11-26 05:10 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-26 05:09 . 2013-11-26 05:09 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-26 05:09 . 2013-11-26 05:09 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-26 05:09 . 2013-11-26 05:09 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-26 05:09 . 2013-11-26 05:09 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 05:09 . 2013-11-26 05:09 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-26 05:09 . 2013-11-26 05:09 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-26 05:09 . 2013-11-26 05:09 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 05:09 . 2013-11-26 05:09 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-26 05:09 . 2013-11-26 05:09 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-26 05:09 . 2013-11-26 05:09 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-26 05:09 . 2013-11-26 05:09 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-26 05:09 . 2013-11-26 05:09 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-26 05:09 . 2013-11-26 05:09 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 05:09 . 2013-11-26 05:09 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-26 05:09 . 2013-11-26 05:09 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 05:09 . 2013-11-26 05:09 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-26 05:09 . 2013-11-26 05:09 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 05:09 . 2013-11-26 05:09 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-26 05:09 . 2013-11-26 05:09 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 05:09 . 2013-11-26 05:09 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-26 05:09 . 2013-11-26 05:09 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-26 05:09 . 2013-11-26 05:09 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-26 05:09 . 2013-11-26 05:09 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-26 05:09 . 2013-11-26 05:09 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-26 05:09 . 2013-11-26 05:09 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-26 05:09 . 2013-11-26 05:09 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 05:09 . 2013-11-26 05:09 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-26 05:09 . 2013-11-26 05:09 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-26 05:09 . 2013-11-26 05:09 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-26 05:09 . 2013-11-26 05:09 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-26 05:09 . 2013-11-26 05:09 413696 ----a-w- c:\windows\system32\html.iec
2013-11-26 05:09 . 2013-11-26 05:09 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-26 05:09 . 2013-11-26 05:09 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-26 05:09 . 2013-11-26 05:09 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-26 05:09 . 2013-11-26 05:09 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-26 05:09 . 2013-11-26 05:09 235520 ----a-w- c:\windows\system32\url.dll
2013-11-26 05:09 . 2013-11-26 05:09 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2013-10-12 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2013-10-12 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F6C07882-D703-4DD5-905A-2C4E815A5066}]
c:\users\LevikCz\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4\Shopping Suggestion.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"DAEMON Tools Lite"="d:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"EADM"="d:\program files (x86)\Origin\Origin.exe" [2014-01-29 3598680]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE" [2012-02-29 283232]
"Steam"="d:\hry\Steam\steam.exe" [2014-01-27 1815976]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2014-01-26 100200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-06-30 36864]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-26 3767096]
"LogMeIn Hamachi Ui"="d:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-01-23 3813200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 DIRECTIO;DIRECTIO;d:\program files\PerformanceTest\DirectIo64.sys;d:\program files\PerformanceTest\DirectIo64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 KPO_Apache;KPO_Apache;c:\program files (x86)\KPO\server\apache\bin\httpd.exe;c:\program files (x86)\KPO\server\apache\bin\httpd.exe [x]
S2 KPO_PostgreSQL;KPO_PostgreSQL;C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe runservice -N KPO_PostgreSQL -D C:/Program Files (x86)/KPO/server/postgresql/data -o -F -p 45679;C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe runservice -N KPO_PostgreSQL -D C:/Program Files (x86)/KPO/server/postgresql/data -o -F -p 45679 [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-12 19:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-26 07:36 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Od&eslat do OneNotu - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
FF - ProfilePath - c:\users\LevikCz\AppData\Roaming\Mozilla\Firefox\Profiles\z59widgs.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-12-11 13:55; {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}; c:\users\LevikCz\AppData\Roaming\Mozilla\Firefox\Profiles\z59widgs.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KPO_PostgreSQL]
"ImagePath"="C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe runservice -N \"KPO_PostgreSQL\" -D \"C:/Program Files (x86)/KPO/server/postgresql/data\" -o \"-F -p 45679\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KPO_PostgreSQL]
"ImagePath"="C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe runservice -N \"KPO_PostgreSQL\" -D \"C:/Program Files (x86)/KPO/server/postgresql/data\" -o \"-F -p 45679\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\pg_ctl.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2014-01-30 20:03:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-30 19:03
ComboFix2.txt 2014-01-30 13:08
ComboFix3.txt 2014-01-29 14:42
.
Před spuštěním: Volných bajtů: 32 746 369 024
Po spuštění: Volných bajtů: 32 348 336 128
.
- - End Of File - - 4FF7A07D3203F066E75556562E2C77DB
A36C5E4F47E84449FF07ED3517B43A31

Post by Levik » 30 Jan 2014 20:05

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:05:06, on 30.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: InjectScript - {F6C07882-D703-4DD5-905A-2C4E815A5066} - C:\Users\LevikCz\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4\Shopping Suggestion.dll (file missing)
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-202 203 206 Series"
O4 - HKCU\..\Run: [Steam] "D:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-21-1904636174-3968250633-3177946502-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1904636174-3968250633-3177946502-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1904636174-3968250633-3177946502-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'kpo_postgres')
O4 - HKUS\S-1-5-21-1904636174-3968250633-3177946502-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'kpo_postgres')
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\LevikCz\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\LevikCz\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KPO_Apache - Apache Software Foundation - C:\Program Files (x86)\KPO\server\apache\bin\httpd.exe
O23 - Service: KPO_PostgreSQL - PostgreSQL Global Development Group - C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12907 bytes
Being an idiot is hard these days; the competition is fierce.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male

Re: CPU and GPU usage at max and high temperatures

Post by jaro3 » 31 Jan 2014 10:02

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKUS\S-1-5-21-1904636174-3968250633-3177946502-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1904636174-3968250633-3177946502-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'kpo_postgres')


Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

DirLook::
c:\users\kpo_postgres


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, keep pressing the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.

In Folder Options, enable showing hidden files and folders + untick the checkbox Hide protected operating system files

Test these on VirusTotal:
c:\windows\SysWow64\userinit.exe
c:\windows\SysWOW64\user32.dll

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Levik
newcomer
Posts: 35
Registered: December 13
Gender: Male

Re: CPU and GPU usage at max and high temperatures

Post by Levik » 31 Jan 2014 14:26

Why would I do that when the problem I came here with is already fine? Now I'm just risking that my Windows gets screwed up. No offense.

Levik
newcomer
Posts: 35
Registered: December 13
Gender: Male

Re: CPU and GPU usage at max and high temperatures

Post by Levik » 31 Jan 2014 14:56

ComboFix 14-01-29.01 - LevikCz 31.01.2014 14:36:58.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2672 [GMT 1:00]
Spuštěný z: c:\users\LevikCz\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\LevikCz\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache86\userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-28 do 2014-01-31 )))))))))))))))))))))))))))))))
.
.
2014-01-31 13:42 . 2014-01-31 13:42 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-31 13:42 . 2014-01-31 13:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-28 15:02 . 2014-01-31 11:37 -------- d-----w- c:\users\LevikCz\AppData\Local\CrashDumps
2014-01-27 18:34 . 2014-01-27 18:34 -------- d-----w- c:\windows\ERUNT
2014-01-27 14:10 . 2014-01-28 13:04 -------- d-----w- c:\users\LevikCz\AppData\Local\Adobe
2014-01-27 13:55 . 2014-01-27 19:44 -------- d-----w- C:\AdwCleaner
2014-01-27 13:47 . 2014-01-27 13:47 -------- d-----w- c:\users\LevikCz\AppData\Roaming\Malwarebytes
2014-01-27 13:46 . 2014-01-27 13:46 -------- d-----w- c:\programdata\Malwarebytes
2014-01-27 13:46 . 2014-01-27 13:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-27 13:46 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-26 09:40 . 2014-01-26 09:40 388096 ----a-r- c:\users\LevikCz\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-26 09:40 . 2014-01-26 09:40 -------- d-----w- c:\program files (x86)\Trend Micro
2014-01-26 07:44 . 2014-01-26 07:44 -------- d-----w- c:\users\LevikCz\AppData\Roaming\AVAST Software
2014-01-26 07:44 . 2014-01-26 07:44 -------- d-----w- c:\users\LevikCz\AppData\Roaming\RoboForm
2014-01-26 07:37 . 2014-01-26 07:37 -------- d-----w- c:\programdata\RoboForm
2014-01-26 07:37 . 2014-01-26 07:37 -------- d-----w- c:\program files (x86)\Siber Systems
2014-01-26 07:37 . 2014-01-26 07:36 80184 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-01-26 07:37 . 2014-01-26 07:36 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-26 07:37 . 2014-01-26 07:36 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-26 07:37 . 2014-01-26 07:36 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-26 07:37 . 2014-01-26 07:36 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-26 07:37 . 2014-01-26 07:36 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-26 07:37 . 2014-01-26 07:36 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-26 07:37 . 2014-01-26 07:36 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-26 07:36 . 2014-01-26 07:36 43152 ----a-w- c:\windows\avastSS.scr
2014-01-26 07:35 . 2014-01-26 07:35 -------- d-----w- c:\program files\AVAST Software
2014-01-26 07:34 . 2014-01-26 07:34 -------- d-----w- c:\programdata\AVAST Software
2014-01-25 19:43 . 2014-01-25 19:43 -------- d-----w- c:\program files (x86)\Lavalys
2014-01-24 19:07 . 2014-01-24 19:10 -------- d-----w- c:\program files (x86)\KPO
2014-01-23 16:38 . 2014-01-31 13:44 -------- d-----w- c:\users\kpo_postgres
2014-01-19 13:02 . 2014-01-19 13:02 -------- d-----w- c:\users\LevikCz\AppData\Local\WarThunder
2014-01-19 13:02 . 2014-01-19 13:02 -------- d-----w- c:\programdata\WarThunder
2014-01-17 17:50 . 2014-01-17 17:50 -------- d-----w- c:\users\LevikCz\DocumentsSoubory ICQ358702350
2014-01-10 19:07 . 2014-01-10 19:07 -------- d-----w- c:\program files (x86)\VideoLAN
2014-01-08 15:59 . 2014-01-08 15:59 -------- d-----w- C:\NVIDIA
2014-01-08 15:18 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{98E76F92-8703-44C4-8564-D3670F29D295}\mpengine.dll
2014-01-07 13:59 . 2014-01-07 13:59 -------- d-----w- c:\users\LevikCz\.android
2014-01-07 13:48 . 2014-01-08 15:15 -------- d-----w- c:\program files (x86)\Shopping Suggestion
2014-01-07 13:46 . 2014-01-07 13:46 -------- d-----w- c:\program files (x86)\BitTorrent Sync
2014-01-07 13:46 . 2014-01-07 15:32 -------- d-----w- c:\users\LevikCz\AppData\Roaming\BitTorrent Sync
2014-01-04 18:28 . 2014-01-04 18:28 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2014-01-04 18:28 . 2014-01-04 18:28 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2014-01-04 18:26 . 2006-06-20 08:56 225280 ----a-w- c:\windows\SysWow64\rewire.dll
2014-01-04 18:26 . 2014-01-04 18:26 -------- d-----w- c:\program files (x86)\Image-Line
2014-01-04 18:26 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2014-01-04 18:26 . 2014-01-04 18:26 -------- d-----w- c:\program files (x86)\Outsim
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-31 07:40 . 2013-10-13 10:38 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-31 07:40 . 2013-10-13 10:38 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-17 19:15 . 2013-10-12 18:47 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-17 19:15 . 2013-10-12 18:47 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-26 18:45 . 2013-11-19 14:32 684622 ----a-w- c:\windows\unins000.exe
2013-12-19 20:33 . 2013-12-26 15:08 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-12-19 20:33 . 2013-12-26 15:08 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-12-19 20:33 . 2013-11-14 17:28 9657464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-12-19 20:33 . 2013-11-14 17:28 3071656 ----a-w- c:\windows\system32\nvapi64.dll
2013-12-19 20:33 . 2013-11-14 17:28 2698272 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-12-19 20:33 . 2013-11-14 17:28 18310112 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-12-19 20:33 . 2013-11-14 17:28 15877216 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-12-19 20:33 . 2013-11-14 17:28 15230352 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-12-19 18:53 . 2013-12-26 15:09 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2013-12-19 18:53 . 2013-12-26 15:09 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-12-19 18:53 . 2013-12-26 15:09 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-12-19 18:53 . 2013-12-26 15:09 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-12-19 18:53 . 2013-12-26 15:09 386336 ----a-w- c:\windows\system32\nvmctray.dll
2013-12-19 18:53 . 2013-12-26 15:09 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-12-19 11:20 . 2013-12-19 11:20 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-12-19 05:01 . 2013-12-26 15:09 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2013-12-15 07:26 . 2013-10-28 12:20 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 02:15 . 2013-12-26 14:58 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-10 02:14 . 2013-12-26 14:58 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-05 08:42 . 2013-12-26 15:16 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-05 08:42 . 2013-12-26 15:16 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-12-05 08:42 . 2013-12-26 15:16 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-11-30 06:43 . 2013-11-30 06:43 348672 ----a-w- c:\windows\curl.dll
2013-11-30 06:43 . 2013-11-30 06:43 82432 ----a-w- c:\windows\pthread.dll
2013-11-26 11:54 . 2013-12-12 21:13 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-26 10:19 . 2013-12-12 21:13 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 21:13 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 21:13 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 21:13 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 21:13 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 21:13 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 21:13 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 21:13 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 21:13 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 21:13 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 21:13 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 21:13 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 21:13 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 21:13 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 21:13 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 21:13 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 21:13 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 21:13 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 21:13 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 21:13 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 21:13 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 21:13 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 21:13 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-26 05:10 . 2013-11-26 05:10 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 05:10 . 2013-11-26 05:10 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-26 05:10 . 2013-11-26 05:10 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-26 05:10 . 2013-11-26 05:10 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-26 05:10 . 2013-11-26 05:10 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 05:10 . 2013-11-26 05:10 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-26 05:10 . 2013-11-26 05:10 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-26 05:10 . 2013-11-26 05:10 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 05:10 . 2013-11-26 05:10 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-26 05:09 . 2013-11-26 05:09 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-26 05:09 . 2013-11-26 05:09 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-26 05:09 . 2013-11-26 05:09 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-26 05:09 . 2013-11-26 05:09 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 05:09 . 2013-11-26 05:09 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-26 05:09 . 2013-11-26 05:09 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-26 05:09 . 2013-11-26 05:09 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 05:09 . 2013-11-26 05:09 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-26 05:09 . 2013-11-26 05:09 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-26 05:09 . 2013-11-26 05:09 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-26 05:09 . 2013-11-26 05:09 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-26 05:09 . 2013-11-26 05:09 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-26 05:09 . 2013-11-26 05:09 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 05:09 . 2013-11-26 05:09 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-26 05:09 . 2013-11-26 05:09 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 05:09 . 2013-11-26 05:09 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-26 05:09 . 2013-11-26 05:09 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 05:09 . 2013-11-26 05:09 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-26 05:09 . 2013-11-26 05:09 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 05:09 . 2013-11-26 05:09 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-26 05:09 . 2013-11-26 05:09 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-26 05:09 . 2013-11-26 05:09 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-26 05:09 . 2013-11-26 05:09 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-26 05:09 . 2013-11-26 05:09 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-26 05:09 . 2013-11-26 05:09 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-26 05:09 . 2013-11-26 05:09 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 05:09 . 2013-11-26 05:09 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-26 05:09 . 2013-11-26 05:09 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-26 05:09 . 2013-11-26 05:09 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-26 05:09 . 2013-11-26 05:09 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-26 05:09 . 2013-11-26 05:09 413696 ----a-w- c:\windows\system32\html.iec
2013-11-26 05:09 . 2013-11-26 05:09 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-26 05:09 . 2013-11-26 05:09 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-26 05:09 . 2013-11-26 05:09 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-26 05:09 . 2013-11-26 05:09 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-26 05:09 . 2013-11-26 05:09 235520 ----a-w- c:\windows\system32\url.dll
2013-11-26 05:09 . 2013-11-26 05:09 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\kpo_postgres ----
.
2014-01-31 13:44 . 2014-01-31 13:44 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{bace639b-8a7d-11e3-9cfd-0023542c3d45}.TMContainer00000000000000000002.regtrans-ms
2014-01-31 13:44 . 2014-01-31 13:44 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{bace639b-8a7d-11e3-9cfd-0023542c3d45}.TMContainer00000000000000000001.regtrans-ms
2014-01-31 13:44 . 2014-01-31 13:44 65536 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{bace639b-8a7d-11e3-9cfd-0023542c3d45}.TM.blf
2014-01-31 13:44 . 2014-01-31 13:44 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{bace6397-8a7d-11e3-9cfd-0023542c3d45}.TMContainer00000000000000000002.regtrans-ms
2014-01-31 13:44 . 2014-01-31 13:44 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{bace6397-8a7d-11e3-9cfd-0023542c3d45}.TMContainer00000000000000000001.regtrans-ms
2014-01-31 13:44 . 2014-01-31 13:44 65536 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{bace6397-8a7d-11e3-9cfd-0023542c3d45}.TM.blf
2014-01-29 14:37 . 2014-01-29 19:09 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{cf2b00fb-88f2-11e3-8df7-0023542c3d45}.TMContainer00000000000000000002.regtrans-ms
2014-01-29 14:37 . 2014-01-29 19:09 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{cf2b00fb-88f2-11e3-8df7-0023542c3d45}.TMContainer00000000000000000001.regtrans-ms
2014-01-29 14:37 . 2014-01-29 19:09 65536 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{cf2b00fb-88f2-11e3-8df7-0023542c3d45}.TM.blf
2014-01-29 14:37 . 2014-01-29 19:09 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{cf2b00f7-88f2-11e3-8df7-0023542c3d45}.TMContainer00000000000000000002.regtrans-ms
2014-01-29 14:37 . 2014-01-29 19:09 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{cf2b00f7-88f2-11e3-8df7-0023542c3d45}.TMContainer00000000000000000001.regtrans-ms
2014-01-29 14:37 . 2014-01-29 19:09 65536 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{cf2b00f7-88f2-11e3-8df7-0023542c3d45}.TM.blf
2014-01-26 13:56 . 2014-01-26 16:33 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{8a59223b-8691-11e3-b777-0023542c3d45}.TMContainer00000000000000000002.regtrans-ms
2014-01-26 13:56 . 2014-01-26 16:33 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{8a59223b-8691-11e3-b777-0023542c3d45}.TMContainer00000000000000000001.regtrans-ms
2014-01-26 13:56 . 2014-01-26 16:33 65536 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{8a59223b-8691-11e3-b777-0023542c3d45}.TM.blf
2014-01-26 13:56 . 2014-01-26 16:33 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{8a592237-8691-11e3-b777-0023542c3d45}.TMContainer00000000000000000002.regtrans-ms
2014-01-26 13:56 . 2014-01-26 16:33 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{8a592237-8691-11e3-b777-0023542c3d45}.TMContainer00000000000000000001.regtrans-ms
2014-01-26 13:56 . 2014-01-26 16:33 65536 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{8a592237-8691-11e3-b777-0023542c3d45}.TM.blf
2014-01-26 09:33 . 2014-01-26 11:41 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{a4b7900d-865e-11e3-acc1-0023542c3d45}.TMContainer00000000000000000001.regtrans-ms
2014-01-26 09:33 . 2014-01-26 11:41 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{a4b7900d-865e-11e3-acc1-0023542c3d45}.TMContainer00000000000000000002.regtrans-ms
2014-01-26 09:33 . 2014-01-26 11:41 65536 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{a4b7900d-865e-11e3-acc1-0023542c3d45}.TM.blf
2014-01-26 08:00 . 2014-01-26 09:33 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{a4b78ffe-865e-11e3-acc1-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
2014-01-26 08:00 . 2014-01-26 09:33 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{a4b78ffe-865e-11e3-acc1-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
2014-01-26 08:00 . 2014-01-26 09:33 65536 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{a4b78ffe-865e-11e3-acc1-806e6f6e6963}.TM.blf
2014-01-25 19:43 . 2014-01-25 19:43 1106 ----a-w- c:\users\kpo_postgres\Desktop\EVEREST Home Edition.lnk
2014-01-23 16:38 . 2014-01-23 20:12 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{82051008-8431-11e3-9caf-0023542c3d45}.TMContainer00000000000000000002.regtrans-ms
2014-01-23 16:38 . 2014-01-23 20:12 524288 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{82051008-8431-11e3-9caf-0023542c3d45}.TMContainer00000000000000000001.regtrans-ms
2014-01-23 16:38 . 2014-01-23 20:12 65536 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat{82051008-8431-11e3-9caf-0023542c3d45}.TM.blf
2014-01-23 16:38 . 2014-01-23 16:38 0 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2
2014-01-23 16:38 . 2014-01-31 13:44 262144 ---ha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat
2014-01-23 16:38 . 2014-01-31 13:44 5120 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1
2014-01-23 16:38 . 2014-01-23 16:38 20 --sh--w- c:\users\kpo_postgres\ntuser.ini
2014-01-23 16:38 . 2014-01-23 20:12 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
2014-01-23 16:38 . 2014-01-23 20:12 524288 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
2014-01-23 16:38 . 2014-01-23 20:12 65536 --sha-w- c:\users\kpo_postgres\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
2014-01-23 16:38 . 2014-01-31 13:44 230400 --sha-w- c:\users\kpo_postgres\ntuser.dat.LOG1
2014-01-23 16:38 . 2014-01-23 16:38 0 --sha-w- c:\users\kpo_postgres\ntuser.dat.LOG2
2014-01-23 16:38 . 2013-10-13 20:01 16384 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2014-01-23 16:38 . 2013-10-13 18:09 145 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\History\desktop.ini
2014-01-23 16:38 . 2013-10-13 18:09 145 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\History\History.IE5\desktop.ini
2014-01-23 16:38 . 2013-10-13 18:09 67 --sha-w- c:\users\kpo_postgres\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini
2014-01-23 16:38 . 2009-07-14 04:49 146 --sha-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
2014-01-23 16:38 . 2009-07-14 04:49 290 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
2014-01-23 16:38 . 2009-07-14 04:49 272 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
2014-01-23 16:38 . 2013-10-13 20:01 16384 --sha-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2014-01-23 16:38 . 2009-06-10 20:45 3 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\SendTo\Compressed (zipped) Folder.ZFSendToTarget
2014-01-23 16:38 . 2009-07-14 04:54 1238 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk
2014-01-23 16:38 . 2009-07-14 04:54 558 --sha-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\SendTo\Desktop.ini
2014-01-23 16:38 . 2013-12-15 16:33 982 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk
2014-01-23 16:38 . 2009-06-10 20:44 7 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\SendTo\Desktop (create shortcut).DeskLink
2014-01-23 16:38 . 2009-06-10 20:44 4 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\SendTo\Mail Recipient.MAPIMail
2014-01-23 16:38 . 2009-07-14 04:54 1258 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk
2014-01-23 16:38 . 2009-07-14 04:54 704 --sha-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Desktop.ini
2014-01-23 16:38 . 2009-07-14 04:54 1358 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk
2014-01-23 16:38 . 2009-07-14 04:54 1262 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
2014-01-23 16:38 . 2009-07-14 04:54 1250 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
2014-01-23 16:38 . 2009-07-14 04:54 1280 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk
2014-01-23 16:38 . 2009-07-14 04:54 1304 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk
2014-01-23 16:38 . 2009-07-14 04:54 678 --sha-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Desktop.ini
2014-01-23 16:38 . 2009-07-14 04:54 592 --sha-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Desktop.ini
2014-01-23 16:38 . 2009-07-14 04:54 1306 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk
2014-01-23 16:38 . 2009-07-14 04:49 262 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk
2014-01-23 16:38 . 2009-07-14 04:49 1228 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk
2014-01-23 16:38 . 2009-07-14 04:49 262 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk
2014-01-23 16:38 . 2009-07-14 04:49 262 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk
2014-01-23 16:38 . 2009-07-14 04:49 318 --sha-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Desktop.ini
2014-01-23 16:38 . 2009-07-14 04:49 262 ----a-w- c:\users\kpo_postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk
2014-01-23 16:38 . 2014-01-31 13:44 262144 --sha-w- c:\users\kpo_postgres\NTUSER.DAT
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2013-10-12 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2013-10-12 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F6C07882-D703-4DD5-905A-2C4E815A5066}]
c:\users\LevikCz\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4\Shopping Suggestion.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"DAEMON Tools Lite"="d:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"EADM"="d:\program files (x86)\Origin\Origin.exe" [2014-01-29 3598680]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE" [2012-02-29 283232]
"Steam"="d:\hry\Steam\steam.exe" [2014-01-27 1815976]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2014-01-26 100200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2009-06-30 36864]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-26 3767096]
"LogMeIn Hamachi Ui"="d:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-01-23 3813200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 DIRECTIO;DIRECTIO;d:\program files\PerformanceTest\DirectIo64.sys;d:\program files\PerformanceTest\DirectIo64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 KPO_Apache;KPO_Apache;c:\program files (x86)\KPO\server\apache\bin\httpd.exe;c:\program files (x86)\KPO\server\apache\bin\httpd.exe [x]
S2 KPO_PostgreSQL;KPO_PostgreSQL;C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe runservice -N KPO_PostgreSQL -D C:/Program Files (x86)/KPO/server/postgresql/data -o -F -p 45679;C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe runservice -N KPO_PostgreSQL -D C:/Program Files (x86)/KPO/server/postgresql/data -o -F -p 45679 [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-12 19:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-26 07:36 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Od&eslat do OneNotu - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
FF - ProfilePath - c:\users\LevikCz\AppData\Roaming\Mozilla\Firefox\Profiles\z59widgs.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-12-11 13:55; {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}; c:\users\LevikCz\AppData\Roaming\Mozilla\Firefox\Profiles\z59widgs.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KPO_PostgreSQL]
"ImagePath"="C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe runservice -N \"KPO_PostgreSQL\" -D \"C:/Program Files (x86)/KPO/server/postgresql/data\" -o \"-F -p 45679\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KPO_PostgreSQL]
"ImagePath"="C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe runservice -N \"KPO_PostgreSQL\" -D \"C:/Program Files (x86)/KPO/server/postgresql/data\" -o \"-F -p 45679\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\pg_ctl.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\KPO\server\postgresql\apps\pgsql\bin\postgres.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2014-01-31 14:48:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-31 13:48
ComboFix2.txt 2014-01-30 19:03
ComboFix3.txt 2014-01-30 13:08
ComboFix4.txt 2014-01-29 14:42
.
Před spuštěním: Volných bajtů: 32 631 943 168
Po spuštění: Volných bajtů: 32 412 225 536
.
- - End Of File - - 9C3FE62E294B733ABF61436F68376BE4
A36C5E4F47E84449FF07ED3517B43A31

Levik
newbie
Posts: 35
Registered: December 13
Gender: Male
Status:
Offline

Re: CPU and GPU usage at max and high temperatures

Post by Levik » 31 Jan 2014 14:56

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:56:15, on 31.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: InjectScript - {F6C07882-D703-4DD5-905A-2C4E815A5066} - C:\Users\LevikCz\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4\Shopping Suggestion.dll (file missing)
O3 - Toolbar: avast! EasyPass Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-202 203 206 Series"
O4 - HKCU\..\Run: [Steam] "D:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKUS\S-1-5-21-1904636174-3968250633-3177946502-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1904636174-3968250633-3177946502-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'kpo_postgres')
O8 - Extra context menu item: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\LevikCz\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\LevikCz\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KPO_Apache - Apache Software Foundation - C:\Program Files (x86)\KPO\server\apache\bin\httpd.exe
O23 - Service: KPO_PostgreSQL - PostgreSQL Global Development Group - C:/Program Files (x86)/KPO/server/postgresql/apps/pgsql/bin/pg_ctl.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12339 bytes


jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: CPU and GPU usage at max and high temperatures

Post by jaro3 » 31 Jan 2014 19:27

ComboFix is uninstalled like this:
Start -> Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

How are the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Levik
newbie
Posts: 35
Registered: December 13
Gender: Male
Status:
Offline

Re: CPU and GPU usage at max and high temperatures  Solved

Post by Levik » 31 Jan 2014 20:27

Thanks for the help. :)