Police virus

basta
Visitor
Posts: 41
Registered: 02 Sep 2012 09:41

Police virus

#1 Post by basta »

Hello,
my aunt asked me to fix a computer that had picked up the police virus. I followed this guide:

http://www.viruskasino.com/2013/05/policajny-virus.html

After that I also ran CCleaner and updated the system, Java, Flash Player and the PDF reader (and I'm thinking of putting an alternative on there). I set Chrome as their default browser instead of IE. Once I'm done, I plan to create a separate account with limited rights for my cousin and save a copy of the whole system.

I don't know my way around all the Toshiba helper programs; there are a few too many of them for my taste, and I'd like to keep only some way of updating drivers.

Please check the log:
---------------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by edita at 2013-07-21 08:37:22
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 65 GB (43%) free of 153 GB
Total RAM: 2937 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:37:32, on 21.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\edita.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: FCToolbarURLSearchHook Class - {fa887e92-8f5f-4ec9-99ca-09be0e4120d6} - C:\Program Files (x86)\AddThis Toolbar\Helper.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Helldorado Drivers Auto Removal (pr2anfab) (pr2anfab) - Unknown owner - C:\Windows\system32\pr2anfab.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11227 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=d117d730-24e8-4474-b8b0-2c7cf7e96730 /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\90fec06a-7d50-4e1b-9f4f-95137db15b54-19c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"
WLIDSvcM.exe 2296
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=dec99c03-1376-4c53-9740-815ea00ae505 /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\fab1274b-70fd-4c09-811e-9b4634ced961-570-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
"taskhost.exe"
taskeng.exe {3C8B8C6A-D16A-437B-8A97-1A1D7C2A8796}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
taskeng.exe {A5AEE652-B9F8-40F5-99D9-28BBDDF0629D}
"C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version8\TeamViewer8_Logfile.log
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F2200 series#1277743904" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1840.0.194950024\1911226849" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,20 --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.1883 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/InstantDummy/DummyPadding channel:stable/InstantExtended/Padding2 channel:stable/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_05/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --disable-accelerated-2d-canvas --channel="1840.2.1278269262\529339286" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1840.3.111979417\392312305" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Users\edita\Desktop\RSITx64.exe"
C:\Windows\servicing\TrustedInstaller.exe

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1718553088-1064719229-2117249098-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1718553088-1064719229-2117249098-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll [2012-10-15 1393272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-21 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-03 709976]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-08-06 1050000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-06 596328]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-06 35160]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 387608]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 365592]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-05 497504]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-29 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-09-03 1481568]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-04 711000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-08-12 6203296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-11-19 2598520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11 958576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-27 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-21 08:37:22 ----D---- C:\rsit
2013-07-21 08:37:22 ----D---- C:\Program Files\trend micro
2013-07-21 08:08:17 ----D---- C:\Windows\system32\MRT
2013-07-21 08:01:11 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZZZZ....Z....Z
2013-07-21 07:52:24 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2013-07-21 07:25:54 ----D---- C:\Program Files\CCleaner
2013-07-21 07:08:37 ----D---- C:\ProgramData\Sun
2013-07-21 07:08:34 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-07-21 07:08:34 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-07-21 07:08:34 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-07-21 07:08:18 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-07-21 07:08:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-07-21 07:08:18 ----A---- C:\Windows\SYSWOW64\java.exe
2013-07-21 01:44:51 ----D---- C:\Users\edita\AppData\Roaming\Malwarebytes
2013-07-21 01:35:50 ----D---- C:\Windows\ERUNT
2013-07-21 01:25:57 ----A---- C:\Windows\DeleteOnReboot.bat
2013-07-20 21:59:51 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-07-20 17:36:20 ----D---- C:\ProgramData\Malwarebytes
2013-07-17 20:36:38 ----A---- C:\Users\edita\AppData\Roaming\AltShell.ini

======List of files/folders modified in the last 1 month======

2013-07-21 08:37:31 ----D---- C:\Windows\system32\config
2013-07-21 08:37:26 ----D---- C:\Windows\Temp
2013-07-21 08:37:22 ----RD---- C:\Program Files
2013-07-21 08:33:36 ----D---- C:\Windows
2013-07-21 08:31:58 ----SHD---- C:\System Volume Information
2013-07-21 08:29:36 ----D---- C:\Windows\Logs
2013-07-21 08:26:40 ----D---- C:\Windows\SoftwareDistribution
2013-07-21 08:26:04 ----D---- C:\Windows\debug
2013-07-21 08:22:07 ----D---- C:\Windows\SysWOW64
2013-07-21 08:22:07 ----D---- C:\Program Files (x86)\Google
2013-07-21 08:22:05 ----HD---- C:\Config.Msi
2013-07-21 08:11:44 ----D---- C:\Windows\Microsoft.NET
2013-07-21 08:08:17 ----D---- C:\Windows\System32
2013-07-21 08:07:44 ----SHD---- C:\Windows\Installer
2013-07-21 08:06:28 ----RSD---- C:\Windows\assembly
2013-07-21 08:03:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-21 08:03:27 ----D---- C:\Windows\inf
2013-07-21 07:56:12 ----D---- C:\Windows\system32\Tasks
2013-07-21 07:54:51 ----RSD---- C:\Windows\Fonts
2013-07-21 07:54:34 ----D---- C:\Program Files (x86)\TeamViewer
2013-07-21 07:48:18 ----D---- C:\ProgramData\GameXN
2013-07-21 07:43:44 ----SD---- C:\ProgramData\Microsoft
2013-07-21 07:43:44 ----D---- C:\Program Files (x86)\Microsoft
2013-07-21 07:43:42 ----D---- C:\ProgramData\Google
2013-07-21 07:39:48 ----D---- C:\Users\edita\AppData\Roaming\Skype
2013-07-21 07:39:31 ----D---- C:\Windows\Panther
2013-07-21 07:39:28 ----D---- C:\Windows\Minidump
2013-07-21 07:22:23 ----D---- C:\ProgramData\Adobe
2013-07-21 07:22:23 ----D---- C:\Program Files (x86)\Common Files
2013-07-21 07:22:23 ----D---- C:\Program Files (x86)\Adobe
2013-07-21 07:08:37 ----D---- C:\ProgramData
2013-07-21 07:08:09 ----D---- C:\Windows\system32\drivers\AVG
2013-07-21 07:08:06 ----D---- C:\Program Files (x86)\Java
2013-07-21 07:03:23 ----RD---- C:\Program Files (x86)
2013-07-21 07:03:22 ----D---- C:\Windows\system32\drivers
2013-07-21 01:25:53 ----D---- C:\ProgramData\ICQ
2013-07-21 01:15:42 ----D---- C:\Windows\Tasks
2013-07-21 00:52:25 ----D---- C:\Users\edita\AppData\Roaming\go
2013-07-20 21:59:48 ----D---- C:\Windows\SYSWOW64\drivers
2013-07-20 18:01:26 ----D---- C:\Windows\Prefetch
2013-07-20 17:27:15 ----SHD---- C:\$RECYCLE.BIN
2013-07-20 17:27:06 ----RD---- C:\Users
2013-07-20 17:24:33 ----D---- C:\Windows\system32\wdi
2013-07-15 20:47:28 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-15 20:47:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-15 17:25:56 ----A---- C:\Windows\win.ini
2013-07-08 08:24:58 ----D---- C:\Windows\system32\catroot2
2013-06-24 00:57:12 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 pe3anfab;Helldorado Environment Driver (pe3anfab); C:\Windows\system32\drivers\pe3anfab.sys [2007-10-04 72312]
R0 pf2anfab;Helldorado File System Driver (pf2anfab); C:\Windows\system32\drivers\pf2anfab.sys [2007-10-04 107640]
R0 ps7anfab;Helldorado Synchronization Driver (ps7anfab); C:\Windows\system32\drivers\ps7anfab.sys [2007-10-04 102016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-04-11 384800]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-07-02 45856]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-01-19 42696]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-08-27 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-07-10 139264]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-01-19 310984]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-13 5020672]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-12-02 27136]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 450048]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-12-02 9216]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-12-02 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 68608]
S4 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 7168]
S4 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 89600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-07-02 1598128]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S2 pr2anfab;Helldorado Drivers Auto Removal (pr2anfab); C:\Windows\system32\pr2anfab.exe [2007-10-04 781176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-09-01 1025352]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-27 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Police virus

#2 Post by stell »

Hi.
"I don't know my way around all the Toshiba helper programs; for my taste there are a bit too many of them,..."
Better leave them alone, because some of the running processes are not important for the system, but terminating them can cause certain inexplicable problems with the computer.

It looks good, but something is still left there, so we will clean it up some more.
Download OTL to your desktop:
http://oldtimer.geekstogo.com/OTL.exe
Run it as Admin.

Copy this text into the bottom window
and click the RUNFIX (or OPRAVIT) button; post the log here after the restart.

Code:

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Users\edita\AppData\Roaming\AltShell.ini
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[clearallrestorepoints]
[Reboot]
Important information.
Is your computer not running?
Is it infected? Running slowly? A program not working? A problem with an installation?
Use the remote assistance service!
e-mail: stell(at)forum.viry.cz
Thanks! Vďaka!

basta
Visitor
Posts: 41
Registered: 02 Sep 2012 09:41

Re: Police virus

#3 Post by basta »

All processes killed
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\msdownld.tmp folder moved successfully.
C:\Users\edita\AppData\Roaming\AltShell.ini moved successfully.
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS byla úspěšně vyprázdněna.
C:\Users\edita\Desktop\cmd.bat deleted successfully.
C:\Users\edita\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: edita
->Temp folder emptied: 15875000 bytes
->Temporary Internet Files folder emptied: 5243151 bytes
->Java cache emptied: 1 bytes
->Google Chrome cache emptied: 13115649 bytes
->Flash cache emptied: 2016740 bytes

User: Guest
->Temp folder emptied: 177586 bytes
->Temporary Internet Files folder emptied: 51298 bytes
->Flash cache emptied: 56468 bytes

User: Public

User: temp
->Temp folder emptied: 643931 bytes
->Temporary Internet Files folder emptied: 33298 bytes
->Flash cache emptied: 56468 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 60233898 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42305091 bytes
RecycleBin emptied: 1173 bytes

Total Files Cleaned = 133,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 07212013_103936

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Police virus

#4 Post by stell »

You know what, since you are already here, post a ComboFix log as well,
http://www.bleepingcomputer.com/combofi ... t-combofix

basta
Visitor
Posts: 41
Registered: 02 Sep 2012 09:41

Re: Police virus

#5 Post by basta »

ComboFix 13-07-20.03 - edita 21.07.2013 10:58:04.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2937.1768 [GMT 2:00]
Spuštěný z: c:\users\edita\Desktop\ComboFix.exe
AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\edita\AppData\Roaming\Microsoft\Windows\Recent\VideoLAN Website.url
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-21 do 2013-07-21 )))))))))))))))))))))))))))))))
.
.
2013-07-21 09:05 . 2013-07-21 09:05 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-07-21 09:05 . 2013-07-21 09:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-21 08:39 . 2013-07-21 08:39 -------- d-----w- C:\_OTL
2013-07-21 06:37 . 2013-07-21 06:37 -------- d-----w- C:\rsit
2013-07-21 06:37 . 2013-07-21 06:37 -------- d-----w- c:\program files\trend micro
2013-07-21 06:08 . 2013-07-21 06:13 -------- d-----w- c:\windows\system32\MRT
2013-07-21 05:25 . 2013-07-21 05:25 -------- d-----w- c:\program files\CCleaner
2013-07-21 05:22 . 2013-07-21 05:22 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-07-21 05:08 . 2013-07-21 05:08 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-07-21 05:08 . 2013-07-21 05:08 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-21 05:08 . 2013-07-21 05:08 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-21 05:08 . 2013-07-21 05:08 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-21 05:03 . 2013-07-21 05:03 -------- d-----w- c:\users\edita\AppData\Local\Programs
2013-07-20 23:44 . 2013-07-20 23:44 -------- d-----w- c:\users\edita\AppData\Roaming\Malwarebytes
2013-07-20 23:35 . 2013-07-20 23:35 -------- d-----w- c:\windows\ERUNT
2013-07-20 23:25 . 2013-07-20 23:30 121 ----a-w- c:\windows\DeleteOnReboot.bat
2013-07-20 19:59 . 2013-07-20 22:48 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-07-20 15:36 . 2013-07-20 15:36 -------- d-----w- c:\programdata\Malwarebytes
2013-07-20 15:27 . 2013-07-20 15:28 -------- d-----w- c:\users\temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-02 08:32 . 2012-11-12 16:38 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-06-23 22:57 . 2010-06-22 16:15 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-05-19 12:01 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 07:03 . 2013-05-01 07:03 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-01 07:03 . 2013-05-01 07:03 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-01 07:03 . 2013-05-01 07:03 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-01 07:03 . 2013-05-01 07:03 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-01 07:02 . 2013-05-01 07:02 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-01 07:02 . 2013-05-01 07:02 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-01 07:02 . 2013-05-01 07:02 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-01 07:02 . 2013-05-01 07:02 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-01 07:02 . 2013-05-01 07:02 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-01 07:02 . 2013-05-01 07:02 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-01 07:02 . 2013-05-01 07:02 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-01 07:02 . 2013-05-01 07:02 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-01 07:02 . 2013-05-01 07:02 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-01 07:02 . 2013-05-01 07:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-01 07:02 . 2013-05-01 07:02 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-01 07:02 . 2013-05-01 07:02 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-01 07:02 . 2013-05-01 07:02 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-01 07:02 . 2013-05-01 07:02 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-01 07:02 . 2013-05-01 07:02 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-01 07:02 . 2013-05-01 07:02 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-01 07:02 . 2013-05-01 07:02 441856 ----a-w- c:\windows\system32\html.iec
2013-05-01 07:02 . 2013-05-01 07:02 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-01 07:02 . 2013-05-01 07:02 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-01 07:02 . 2013-05-01 07:02 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-01 07:02 . 2013-05-01 07:02 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-01 07:02 . 2013-05-01 07:02 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-01 07:02 . 2013-05-01 07:02 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-01 07:02 . 2013-05-01 07:02 235008 ----a-w- c:\windows\system32\url.dll
2013-05-01 07:02 . 2013-05-01 07:02 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-01 07:02 . 2013-05-01 07:02 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-01 07:02 . 2013-05-01 07:02 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-01 07:02 . 2013-05-01 07:02 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-01 07:02 . 2013-05-01 07:02 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-01 07:02 . 2013-05-01 07:02 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-01 07:02 . 2013-05-01 07:02 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-01 07:02 . 2013-05-01 07:02 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-01 07:02 . 2013-05-01 07:02 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-01 07:02 . 2013-05-01 07:02 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-01 07:02 . 2013-05-01 07:02 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-01 07:02 . 2013-05-01 07:02 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-01 07:02 . 2013-05-01 07:02 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-01 07:02 . 2013-05-01 07:02 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-01 07:02 . 2013-05-01 07:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-01 07:02 . 2013-05-01 07:02 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-01 07:02 . 2013-05-01 07:02 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-01 07:02 . 2013-05-01 07:02 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-01 07:02 . 2013-05-01 07:02 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-01 07:02 . 2013-05-01 07:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-01 07:02 . 2013-05-01 07:02 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-01 06:59 . 2013-05-01 06:59 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-01 06:59 . 2013-05-01 06:59 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-05-01 06:59 . 2013-05-01 06:59 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-01 06:59 . 2013-05-01 06:59 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-01 06:59 . 2013-05-01 06:59 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-01 06:59 . 2013-05-01 06:59 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-01 06:59 . 2013-05-01 06:59 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-01 06:59 . 2013-05-01 06:59 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-05-01 06:59 . 2013-05-01 06:59 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-01 06:59 . 2013-05-01 06:59 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-05-01 06:59 . 2013-05-01 06:59 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-05-01 06:59 . 2013-05-01 06:59 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-05-01 06:59 . 2013-05-01 06:59 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-05-01 06:59 . 2013-05-01 06:59 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-05-01 06:59 . 2013-05-01 06:59 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-05-01 06:59 . 2013-05-01 06:59 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-05-01 06:59 . 2013-05-01 06:59 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-05-01 06:59 . 2013-05-01 06:59 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-05-01 06:59 . 2013-05-01 06:59 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-05-01 06:59 . 2013-05-01 06:59 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-05-01 06:59 . 2013-05-01 06:59 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-05-01 06:59 . 2013-05-01 06:59 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-05-01 06:59 . 2013-05-01 06:59 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-05-01 06:59 . 2013-05-01 06:59 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-05-01 06:59 . 2013-05-01 06:59 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-05-01 06:59 . 2013-05-01 06:59 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-05-01 06:59 . 2013-05-01 06:59 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-05-01 06:59 . 2013-05-01 06:59 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-05-01 06:59 . 2013-05-01 06:59 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-05-01 06:59 . 2013-05-01 06:59 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fa887e92-8f5f-4ec9-99ca-09be0e4120d6}"= "c:\program files (x86)\AddThis Toolbar\Helper.dll" [2011-05-08 357376]
.
[HKEY_CLASSES_ROOT\clsid\{fa887e92-8f5f-4ec9-99ca-09be0e4120d6}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4ACB7285-8557-43C3-80DA-22D40B15DC77}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\users\temp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 pr2anfab;Helldorado Drivers Auto Removal (pr2anfab);c:\windows\system32\pr2anfab.exe svc;c:\windows\SYSNATIVE\pr2anfab.exe svc [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8187B.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 pe3anfab;Helldorado Environment Driver (pe3anfab);c:\windows\system32\drivers\pe3anfab.sys;c:\windows\SYSNATIVE\drivers\pe3anfab.sys [x]
S0 pf2anfab;Helldorado File System Driver (pf2anfab);c:\windows\system32\drivers\pf2anfab.sys;c:\windows\SYSNATIVE\drivers\pf2anfab.sys [x]
S0 ps7anfab;Helldorado Synchronization Driver (ps7anfab);c:\windows\system32\drivers\ps7anfab.sys;c:\windows\SYSNATIVE\drivers\ps7anfab.sys [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-15 13:51 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1718553088-1064719229-2117249098-1000Core.job
- c:\users\edita\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-25 05:21]
.
2013-07-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1718553088-1064719229-2117249098-1000UA.job
- c:\users\edita\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-25 05:21]
.
2013-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-14 14:19]
.
2013-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-14 14:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2009-08-06 1050000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 81.27.192.33 81.27.192.97 192.168.1.254
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-VirtuaGirl_is1 - c:\users\edita\AppData\Local\vghd\bin\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:43,fa,74,d8,32,26,cd,01
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-07-21 11:08:31
ComboFix-quarantined-files.txt 2013-07-21 09:08
.
Před spuštěním: Volných bajtů: 67 841 986 560
Po spuštění: Volných bajtů: 67 546 816 512
.
- - End Of File - - F2C260C9D06448F668C6296188BA7087
A36C5E4F47E84449FF07ED3517B43A31

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Police virus

#6 Post by stell »

For this step, ComboFix must be on the desktop.

Turn off > FIREWALL > antivirus > antispyware > everything resident.

Open Notepad and copy the whole text into it:

Code:

KILLALL::
RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Adobe ARM"=-
"HP Software Update"=-

Then click File -> Save As... -> where it says File name, type into that line: CFScript.txt
For Save as type, select All files.
And save it to the desktop. Careful: do not open CFScript.txt, and it must not be named CFScript.txt.txt either. Then do this:
[Image]

When the scan finishes, post the log.

basta
Visitor
Posts: 41
Registered: 02 Sep 2012 09:41

Re: Police virus

#7 Post by basta »

ComboFix 13-07-20.03 - edita 21.07.2013 11:40:14.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2937.1597 [GMT 2:00]
Spuštěný z: c:\users\edita\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\edita\Desktop\CFScript.txt
AV: AVG Anti-Virus 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-21 do 2013-07-21 )))))))))))))))))))))))))))))))
.
.
2013-07-21 09:46 . 2013-07-21 09:46 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-07-21 08:39 . 2013-07-21 08:39 -------- d-----w- C:\_OTL
2013-07-21 06:37 . 2013-07-21 06:37 -------- d-----w- C:\rsit
2013-07-21 06:37 . 2013-07-21 06:37 -------- d-----w- c:\program files\trend micro
2013-07-21 06:08 . 2013-07-21 06:13 -------- d-----w- c:\windows\system32\MRT
2013-07-21 05:25 . 2013-07-21 05:25 -------- d-----w- c:\program files\CCleaner
2013-07-21 05:22 . 2013-07-21 05:22 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-07-21 05:08 . 2013-07-21 05:08 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-07-21 05:08 . 2013-07-21 05:08 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-21 05:08 . 2013-07-21 05:08 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-21 05:08 . 2013-07-21 05:08 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-21 05:03 . 2013-07-21 05:03 -------- d-----w- c:\users\edita\AppData\Local\Programs
2013-07-20 23:44 . 2013-07-20 23:44 -------- d-----w- c:\users\edita\AppData\Roaming\Malwarebytes
2013-07-20 23:35 . 2013-07-20 23:35 -------- d-----w- c:\windows\ERUNT
2013-07-20 23:25 . 2013-07-20 23:30 121 ----a-w- c:\windows\DeleteOnReboot.bat
2013-07-20 19:59 . 2013-07-20 22:48 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-07-20 15:36 . 2013-07-20 15:36 -------- d-----w- c:\programdata\Malwarebytes
2013-07-20 15:27 . 2013-07-20 15:28 -------- d-----w- c:\users\temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-02 08:32 . 2012-11-12 16:38 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-06-23 22:57 . 2010-06-22 16:15 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-05-19 12:01 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 07:03 . 2013-05-01 07:03 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-01 07:03 . 2013-05-01 07:03 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-01 07:03 . 2013-05-01 07:03 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-01 07:03 . 2013-05-01 07:03 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-01 07:02 . 2013-05-01 07:02 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-01 07:02 . 2013-05-01 07:02 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-01 07:02 . 2013-05-01 07:02 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-01 07:02 . 2013-05-01 07:02 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-01 07:02 . 2013-05-01 07:02 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-01 07:02 . 2013-05-01 07:02 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-01 07:02 . 2013-05-01 07:02 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-01 07:02 . 2013-05-01 07:02 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-01 07:02 . 2013-05-01 07:02 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-01 07:02 . 2013-05-01 07:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-01 07:02 . 2013-05-01 07:02 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-01 07:02 . 2013-05-01 07:02 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-01 07:02 . 2013-05-01 07:02 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-01 07:02 . 2013-05-01 07:02 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-01 07:02 . 2013-05-01 07:02 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-01 07:02 . 2013-05-01 07:02 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-01 07:02 . 2013-05-01 07:02 441856 ----a-w- c:\windows\system32\html.iec
2013-05-01 07:02 . 2013-05-01 07:02 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-01 07:02 . 2013-05-01 07:02 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-01 07:02 . 2013-05-01 07:02 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-01 07:02 . 2013-05-01 07:02 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-01 07:02 . 2013-05-01 07:02 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-01 07:02 . 2013-05-01 07:02 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-01 07:02 . 2013-05-01 07:02 235008 ----a-w- c:\windows\system32\url.dll
2013-05-01 07:02 . 2013-05-01 07:02 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-01 07:02 . 2013-05-01 07:02 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-01 07:02 . 2013-05-01 07:02 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-01 07:02 . 2013-05-01 07:02 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-01 07:02 . 2013-05-01 07:02 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-01 07:02 . 2013-05-01 07:02 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-01 07:02 . 2013-05-01 07:02 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-01 07:02 . 2013-05-01 07:02 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-01 07:02 . 2013-05-01 07:02 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-01 07:02 . 2013-05-01 07:02 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-01 07:02 . 2013-05-01 07:02 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-01 07:02 . 2013-05-01 07:02 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-01 07:02 . 2013-05-01 07:02 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-01 07:02 . 2013-05-01 07:02 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-01 07:02 . 2013-05-01 07:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-01 07:02 . 2013-05-01 07:02 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-01 07:02 . 2013-05-01 07:02 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-01 07:02 . 2013-05-01 07:02 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-01 07:02 . 2013-05-01 07:02 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-01 07:02 . 2013-05-01 07:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-01 07:02 . 2013-05-01 07:02 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-01 06:59 . 2013-05-01 06:59 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-01 06:59 . 2013-05-01 06:59 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-01 06:59 . 2013-05-01 06:59 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-05-01 06:59 . 2013-05-01 06:59 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-05-01 06:59 . 2013-05-01 06:59 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-05-01 06:59 . 2013-05-01 06:59 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-05-01 06:59 . 2013-05-01 06:59 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-01 06:59 . 2013-05-01 06:59 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-05-01 06:59 . 2013-05-01 06:59 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-05-01 06:59 . 2013-05-01 06:59 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-05-01 06:59 . 2013-05-01 06:59 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-05-01 06:59 . 2013-05-01 06:59 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-05-01 06:59 . 2013-05-01 06:59 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-05-01 06:59 . 2013-05-01 06:59 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-05-01 06:59 . 2013-05-01 06:59 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-05-01 06:59 . 2013-05-01 06:59 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-05-01 06:59 . 2013-05-01 06:59 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-05-01 06:59 . 2013-05-01 06:59 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-05-01 06:59 . 2013-05-01 06:59 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-05-01 06:59 . 2013-05-01 06:59 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-05-01 06:59 . 2013-05-01 06:59 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-05-01 06:59 . 2013-05-01 06:59 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-05-01 06:59 . 2013-05-01 06:59 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-05-01 06:59 . 2013-05-01 06:59 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-05-01 06:59 . 2013-05-01 06:59 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-05-01 06:59 . 2013-05-01 06:59 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-05-01 06:59 . 2013-05-01 06:59 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-05-01 06:59 . 2013-05-01 06:59 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-05-01 06:59 . 2013-05-01 06:59 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-05-01 06:59 . 2013-05-01 06:59 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-05-01 06:59 . 2013-05-01 06:59 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fa887e92-8f5f-4ec9-99ca-09be0e4120d6}"= "c:\program files (x86)\AddThis Toolbar\Helper.dll" [2011-05-08 357376]
.
[HKEY_CLASSES_ROOT\clsid\{fa887e92-8f5f-4ec9-99ca-09be0e4120d6}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{4ACB7285-8557-43C3-80DA-22D40B15DC77}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\users\temp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 pr2anfab;Helldorado Drivers Auto Removal (pr2anfab);c:\windows\system32\pr2anfab.exe svc;c:\windows\SYSNATIVE\pr2anfab.exe svc [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8187B.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 pe3anfab;Helldorado Environment Driver (pe3anfab);c:\windows\system32\drivers\pe3anfab.sys;c:\windows\SYSNATIVE\drivers\pe3anfab.sys [x]
S0 pf2anfab;Helldorado File System Driver (pf2anfab);c:\windows\system32\drivers\pf2anfab.sys;c:\windows\SYSNATIVE\drivers\pf2anfab.sys [x]
S0 ps7anfab;Helldorado Synchronization Driver (ps7anfab);c:\windows\system32\drivers\ps7anfab.sys;c:\windows\SYSNATIVE\drivers\ps7anfab.sys [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-15 13:51 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1718553088-1064719229-2117249098-1000Core.job
- c:\users\edita\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-25 05:21]
.
2013-07-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1718553088-1064719229-2117249098-1000UA.job
- c:\users\edita\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-25 05:21]
.
2013-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-14 14:19]
.
2013-07-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-14 14:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2009-08-06 1050000]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 81.27.192.33 81.27.192.97 192.168.1.254
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\TeamViewer\Version8\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version8\tv_w32.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Celkový čas: 2013-07-21 12:01:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-21 10:01
ComboFix2.txt 2013-07-21 09:08
.
Před spuštěním: Volných bajtů: 67 613 184 000
Po spuštění: Volných bajtů: 67 168 567 296
.
- - End Of File - - 898C0A49E1AC03D718194DE99681E1F4
A36C5E4F47E84449FF07ED3517B43A31

stell
VIP in memoriam
Posts: 5175
Joined: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Police virus

#8 Post by stell »

OK, rename the ComboFix icon to uninstall
and run it, click through OK, OK, OK, and ComboFix will uninstall itself from the computer.

If you no longer have any problems, then that's all.
You can go ahead and do what you wanted, ... "When this is done, I plan to create a separate account for my cousin..."
Important information.
Is your computer NOT RUNNING properly?
Is it infected? Running slowly? A program not working? Installation problems?
Use the remote assistance service!
e-mail: stell(at)forum.viry.cz
Thanks! Vďaka!

basta
Visitor
Posts: 41
Joined: 02 Sep 2012 09:41

Re: Police virus

#9 Post by basta »

It looks good! Thanks a lot.

Oh, except that the Windows update KB2813170 keeps installing over and over; it always reports success, then it installs again at shutdown, and after the restart it wants to install again.

stell
VIP in memoriam
Posts: 5175
Joined: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Police virus

#10 Post by stell »

It seems Microsoft has managed something again.
Try it this way:
http://support.microsoft.com/kb/910339
How to find out whether the update is installed
Then write back.