Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Trochu mě zlobilo Pc

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Čarls
Přítel fóra
Přítel fóra
Příspěvky: 1094
Registrován: 05 srp 2006 16:23
Bydliště: U Safari

Trochu mě zlobilo Pc

#1 Příspěvek od Čarls »

Trochu mě zlobilo Pc a proto prosím o preventivní posouzení logu z Combofixu
Děkuji předem za případnou pomoc

ComboFix 13-11-15.01 - Karel 15.11.2013 21:03:18.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8189.5707 [GMT 1:00]
Spuštěný z: c:\users\Karel\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
* Vytvořen nový Bod Obnovení
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Karel\AppData\Roaming\inst.exe
c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-15 do 2013-11-15 )))))))))))))))))))))))))))))))
.
.
2013-11-13 18:28 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 18:28 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-13 18:28 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-13 18:28 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll
2013-11-13 18:28 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll
2013-11-13 18:28 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-13 18:28 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-11-13 18:28 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-11-11 20:46 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-09 05:08 . 2013-11-07 23:41 174968 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2013-10-20 11:46 . 2013-10-20 11:46 -------- d-----w- c:\programdata\Package Cache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-13 18:28 . 2012-10-28 21:29 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-13 17:41 . 2012-10-28 14:18 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-28 20:25 . 2012-10-28 20:57 6656 ----a-w- c:\windows\system32\lpcio.dll
2013-10-16 01:55 . 2013-10-16 01:55 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-10-16 01:55 . 2013-10-16 01:55 312744 ----a-w- c:\windows\system32\javaws.exe
2013-10-16 01:55 . 2013-10-16 01:55 189352 ----a-w- c:\windows\system32\javaw.exe
2013-10-16 01:55 . 2013-10-16 01:55 189352 ----a-w- c:\windows\system32\java.exe
2013-10-08 05:50 . 2013-10-16 01:59 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-27 03:18 . 2013-10-12 05:17 1147480 ----a-w- c:\windows\system32\drivers\NISx64\1501000.012\symefa64.sys
2013-09-27 02:26 . 2013-10-12 05:17 858200 ----a-w- c:\windows\system32\drivers\NISx64\1501000.012\srtsp64.sys
2013-09-26 03:28 . 2013-10-12 05:17 590936 ----a-w- c:\windows\system32\drivers\NISx64\1501000.012\symnets.sys
2013-09-26 02:50 . 2013-10-12 05:17 162392 ----a-w- c:\windows\system32\drivers\NISx64\1501000.012\ccsetx64.sys
2013-09-25 02:22 . 2013-11-13 18:27 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-13 18:27 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-21 08:49 . 2012-10-28 11:30 3008880 ----a-w- c:\windows\system32\auto_reactivate.exe
2013-09-12 08:58 . 2013-09-19 20:05 9281032 ----a-w- c:\windows\system32\nvcuda.dll
2013-09-12 08:58 . 2013-09-19 20:05 7720576 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-09-12 08:58 . 2013-09-19 20:05 7648000 ----a-w- c:\windows\system32\nvopencl.dll
2013-09-12 08:58 . 2013-09-19 20:05 681760 ----a-w- c:\windows\system32\NvFBC64.dll
2013-09-12 08:58 . 2013-09-19 20:05 6329552 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-09-12 08:58 . 2013-09-19 20:05 603424 ----a-w- c:\windows\system32\NvIFR64.dll
2013-09-12 08:58 . 2013-09-19 20:05 586016 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-09-12 08:58 . 2013-09-19 20:05 515360 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-09-12 08:58 . 2013-09-19 20:05 2970400 ----a-w- c:\windows\system32\nvcuvid.dll
2013-09-12 08:58 . 2013-09-19 20:05 29337376 ----a-w- c:\windows\system32\nvoglv64.dll
2013-09-12 08:58 . 2013-09-19 20:05 2789152 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-09-12 08:58 . 2013-09-19 20:05 2630304 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-09-12 08:58 . 2013-09-19 20:05 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-09-12 08:58 . 2013-09-19 20:05 2367264 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-09-12 08:58 . 2013-09-19 20:05 22102304 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-09-12 08:58 . 2013-09-19 20:05 2007328 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-09-12 08:58 . 2013-09-19 20:05 1884448 ----a-w- c:\windows\system32\nvdispco6432723.dll
2013-09-12 08:58 . 2013-09-19 20:05 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-09-12 08:58 . 2013-09-19 20:05 1511712 ----a-w- c:\windows\system32\nvdispgenco6432723.dll
2013-09-12 08:58 . 2013-09-19 20:05 13628208 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-09-12 08:58 . 2013-09-19 20:05 12947360 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-09-12 08:58 . 2013-09-19 20:05 11274528 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-09-12 08:58 . 2013-09-15 19:07 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-09-12 08:58 . 2013-09-15 19:07 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-09-12 08:58 . 2013-09-15 19:06 2986672 ----a-w- c:\windows\system32\nvapi64.dll
2013-09-12 08:58 . 2013-09-15 19:06 15901448 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-09-12 08:58 . 2013-09-15 19:06 15703688 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-09-12 07:25 . 2013-09-15 19:07 6599968 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 07:25 . 2013-09-15 19:07 3452192 ----a-w- c:\windows\system32\nvsvc64.dll
2013-09-12 07:25 . 2013-09-15 19:07 920864 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-12 07:25 . 2013-09-15 19:07 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-09-12 07:25 . 2013-09-15 19:07 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-09-12 07:25 . 2013-09-15 19:07 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-11 23:17 . 2013-09-11 23:17 571168 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-09-08 20:29 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-09-08 05:56 . 2012-12-21 21:11 25640 ----a-w- c:\windows\etdrv.sys
2013-09-08 05:56 . 2012-10-28 11:24 30528 ----a-w- c:\windows\GVTDrv64.sys
2013-09-08 05:56 . 2012-10-28 11:23 25640 ----a-w- c:\windows\gdrv.sys
2013-09-08 02:30 . 2013-10-09 02:21 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 02:21 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 02:21 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-09 02:19 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 02:19 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 02:19 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 02:19 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 02:19 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 02:19 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 02:19 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-04 02:28 . 2012-10-28 11:05 177752 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-08-29 02:17 . 2013-10-09 02:21 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-09 02:21 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-09 02:21 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-09 02:21 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-09 02:21 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-09 02:21 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-09 02:21 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-09 02:21 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-09 02:21 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-09 02:21 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-09 02:21 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-09 02:21 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 01:29 . 2013-10-09 02:21 33280 ----a-w- c:\windows\system32\drivers\usbser.sys
2013-08-29 00:49 . 2013-10-09 02:21 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-09 02:21 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-09 02:21 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-09 02:21 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-09 02:21 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-09 02:20 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-08-20 08:26 . 2013-06-09 17:18 1446912 ----a-w- c:\windows\system32\VSFilter.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2012-06-29 5980024]
"AcronisTimounterMonitor"="c:\program files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe" [2012-06-29 1173224]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-08-09 5263504]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
USB Sharing.lnk - c:\program files (x86)\USB Sharing\usbshare.exe [2012-10-28 139264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck auto_reactivate \\?\Volume{68697fcb-6d5b-11e2-9015-902b34914d28}\bootwiz\asrm.bin
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\SYMEFA64.SYS [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt67;Acronis Disk Storage Filter (67);c:\windows\system32\DRIVERS\vsflt67.sys;c:\windows\SYSNATIVE\DRIVERS\vsflt67.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20131101.003\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [x]
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20131114.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20131114.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1501000.012\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1501000.012\SYMNETS.SYS [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC_64.sys;c:\windows\SYSNATIVE\drivers\AVer888RC_64.sys [x]
S3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\DRIVERS\AVer888RCIR_64.sys;c:\windows\SYSNATIVE\DRIVERS\AVer888RCIR_64.sys [x]
S3 DKRtWrt;DKRtWrt;c:\windows\system32\DRIVERS\DKRtWrt.sys;c:\windows\SYSNATIVE\DRIVERS\DKRtWrt.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-28 17:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07 23496 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2012-06-29 403552]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1840720]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-03 767312]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Doplňkový sken -------
.
uStart Page = https://www.gemoney.cz/lide
uLocal Page = c:\windows\system32\blank.htm
uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Stáhnout Star Downloaderem
Trusted Zone: csob.cz\ib24
TCP: DhcpNameServer = 192.168.0.254
FF - ProfilePath - c:\users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\3xsmdpzu.default-1364998690183\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 4
FF - user.js: nglayout.initialpaint.delay - 100
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.interval - 100000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 4
FF - user.js: network.http.max-persistent-connections-per-server - 2
FF - user.js: browser.sessionstore.resume_session_once - true
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-EfficientPIM - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2858302v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2729449 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2737019 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2789642 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2804576 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2835393 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2840628 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2840628v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2858302v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.1.0.18;c:\program files (x86)\Norton Internet Security\Engine64\21.1.0.18"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-763623151-130089330-3102020656-1000_Classes\Wow6432Node\CLSID\{18b39737-b623-4295-a1af-3992d72abf65}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000011c
"Therad"=dword:0000001d
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-763623151-130089330-3102020656-1000_Classes\Wow6432Node\CLSID\{1b4a2c5f-cc4e-412f-a118-79646a9355fe}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000a0
"Therad"=dword:0000002f
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,2e,01,00,a6,5d,03,eb,90,e8,ca,5c,64,d8,60,f3,33,f7,8e,a9,d8,3e,b0,\
.
[HKEY_USERS\S-1-5-21-763623151-130089330-3102020656-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):7c,2a,a4,44,4d,8b,ab,c2,e3,d0,87,69,0d,88,32,fe,63,ec,53,a4,0f,
c1,cf,17,01,b2,08,29,25,ff,78,ea,56,fa,f6,01,c1,55,a6,04,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-763623151-130089330-3102020656-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):86,8d,92,59,bd,9b,f3,4f,f9,be,6d,49,fa,2c,08,d7,ef,b7,b2,f1,1a,
95,bf,68,a3,4d,9f,95,c9,ba,68,76,ae,95,2f,ea,a6,6e,81,eb,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-11-15 21:10:36
ComboFix-quarantined-files.txt 2013-11-15 20:10
.
Před spuštěním: Volných bajtů: 37 505 982 464
Po spuštění: Volných bajtů: 37 335 638 016
.
- - End Of File - - DEDD2FBA92556FE27BEAA63545B8FCEB
A36C5E4F47E84449FF07ED3517B43A31
Nikdo není dobrý náhodně,ctnosti je třeba se učit.
SENECA

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Trochu mě zlobilo Pc

#2 Příspěvek od Rudy »

Ahoj!
Log vypadá čistý. Nic nebezpečného tam nemáš. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Čarls
Přítel fóra
Přítel fóra
Příspěvky: 1094
Registrován: 05 srp 2006 16:23
Bydliště: U Safari

Re: Trochu mě zlobilo Pc

#3 Příspěvek od Čarls »

Díky moc mějte se hezky a ať se daří :)
Nikdo není dobrý náhodně,ctnosti je třeba se učit.
SENECA

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Trochu mě zlobilo Pc

#4 Příspěvek od Rudy »

Čarls píše:Díky moc mějte se hezky a ať se daří :)
Tobě taky a nemáš zač! :thumbsup:
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno