Adware Generic5.AKJO

Libas
Visitor
Posts: 92
Registered: 02 Nov 2008 10:53

Re: Adware Generic5.AKJO

#16 Post by Libas »

ComboFix 13-12-29.01 - Libor 29.12.2013 19:28:20.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2350 [GMT 1:00]
Spuštěný z: c:\users\Libor\Desktop\ComboFix.exe
AV: AVG AntiVirus Business Edition *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Business Edition *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Toshiba
c:\users\Libor\AppData\Roaming\Toshiba
c:\users\Libor\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTimeMonitorData.dat
c:\users\Libor\AppData\Roaming\Toshiba\ReelTime\ReelTimeMonitorData.dat
c:\users\Lucka\AppData\Roaming\Toshiba
c:\users\Lucka\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTimeMonitorData.dat
c:\users\Lucka\AppData\Roaming\Toshiba\ReelTime\ReelTimeMonitorData.dat
c:\users\Mamka\AppData\Roaming\Toshiba
c:\users\Mamka\AppData\Roaming\Toshiba\ReelTime\Backup\ReelTimeMonitorData.dat
c:\users\Mamka\AppData\Roaming\Toshiba\ReelTime\ReelTimeMonitorData.dat
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-28 do 2013-12-29 )))))))))))))))))))))))))))))))
.
.
2013-12-29 18:38 . 2013-12-29 18:38 -------- d-----w- c:\users\Mamka\AppData\Local\temp
2013-12-29 18:38 . 2013-12-29 18:38 -------- d-----w- c:\users\Lucka\AppData\Local\temp
2013-12-29 18:38 . 2013-12-29 18:38 -------- d-----w- c:\users\Klárka\AppData\Local\temp
2013-12-29 18:38 . 2013-12-29 18:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-29 17:42 . 2013-12-29 17:42 -------- d-----w- C:\rsit
2013-12-29 17:42 . 2013-12-29 17:42 -------- d-----w- c:\program files\trend micro
2013-12-29 17:25 . 2013-12-29 17:25 -------- d-----w- c:\users\Libor\AppData\Roaming\CD-LabelPrint
2013-12-29 17:24 . 2013-12-29 17:24 -------- d-----w- c:\users\Libor\AppData\Local\Canon Easy-PhotoPrint EX
2013-12-29 17:19 . 2010-03-18 18:25 307200 ----a-w- c:\windows\SysWow64\CNC6100L.dll
2013-12-29 17:19 . 2010-03-18 16:11 106496 ----a-w- c:\windows\SysWow64\CNC6100U.dll
2013-12-29 17:19 . 2008-08-25 17:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2013-12-29 17:18 . 2013-12-29 17:18 -------- d--h--w- c:\programdata\CanonBJ
2013-12-29 17:18 . 2012-03-14 04:00 385024 ----a-w- c:\windows\system32\CNMLMAG.DLL
2013-12-29 17:09 . 2010-05-06 04:00 361472 ----a-w- c:\windows\system32\CNMXLMAG.DLL
2013-12-29 17:05 . 2013-12-29 17:05 -------- d-----w- c:\program files\Canon
2013-12-29 16:46 . 2013-12-29 16:46 -------- d-----w- c:\programdata\CanonIJ
2013-12-29 16:39 . 2013-12-29 16:39 -------- d-----w- c:\programdata\Canon IJ Network Tool
2013-12-29 16:30 . 2013-12-29 16:30 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2013-12-29 16:29 . 2010-03-11 07:57 248320 ----a-w- c:\windows\system32\CNMIUAG.DLL
2013-12-28 22:13 . 2013-12-28 22:13 -------- d-----w- c:\windows\ERUNT
2013-12-28 22:06 . 2013-12-28 22:07 -------- d-----w- C:\AdwCleaner
2013-12-28 21:52 . 2013-12-28 21:52 -------- d-----w- c:\users\Mamka\AppData\Roaming\PC Suite
2013-12-28 21:50 . 2013-12-28 21:50 -------- d-----w- c:\users\Lucka\AppData\Roaming\PC Suite
2013-12-28 21:01 . 2013-12-28 21:01 -------- d-----w- c:\users\Klárka\AppData\Roaming\PC Suite
2013-12-28 17:16 . 2013-12-28 20:25 -------- d-----w- C:\FRST
2013-12-28 12:08 . 2012-06-22 10:01 22704 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-28 12:08 . 2013-12-28 12:08 -------- d-----w- C:\sh4ldr
2013-12-28 12:08 . 2013-12-28 12:08 -------- d-----w- c:\program files\Enigma Software Group
2013-12-28 10:55 . 2013-12-28 10:55 -------- d-----w- c:\users\Klárka\AppData\Roaming\WinRAR
2013-12-23 18:11 . 2013-12-23 18:11 -------- d-----w- c:\program files (x86)\WebexpEnhancedV1
2013-12-21 19:30 . 2013-12-21 19:30 -------- d-----w- c:\program files (x86)\Microsoft WSE
2013-12-21 19:30 . 2006-09-28 15:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-12-21 19:30 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2013-12-21 19:11 . 2013-12-21 19:11 -------- d-----w- c:\program files (x86)\Electronic Arts
2013-12-17 10:36 . 2013-12-17 10:36 -------- d-----w- c:\users\Libor\AppData\Roaming\Nokia Suite
2013-12-17 10:16 . 2013-12-17 10:18 -------- d-----w- c:\users\Libor\AppData\Local\Nokia
2013-12-17 10:16 . 2013-12-17 10:16 -------- d-----w- c:\programdata\Nokia
2013-12-17 10:16 . 2013-12-17 10:16 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2013-12-17 10:15 . 2012-10-17 13:53 26112 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2013-12-17 10:15 . 2013-12-17 10:15 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2013-12-17 10:14 . 2013-12-17 10:16 -------- d-----w- c:\program files (x86)\Nokia
2013-12-17 08:00 . 2013-12-17 12:51 -------- d-----w- c:\users\Libor\AppData\Roaming\Nokia
2013-12-17 08:00 . 2013-12-17 08:24 -------- d-----w- c:\users\Libor\AppData\Roaming\PC Suite
2013-12-17 08:00 . 2013-12-17 08:23 -------- d-----w- c:\programdata\PC Suite
2013-12-17 07:58 . 2013-12-17 07:58 -------- d-----w- c:\program files\DIFX
2013-12-17 07:57 . 2013-01-23 09:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2013-12-17 07:55 . 2013-12-17 07:55 -------- d-----w- c:\programdata\Installations
2013-12-16 14:22 . 2013-12-16 14:22 -------- d-----w- c:\users\Libor\AppData\Local\Apple
2013-12-16 14:21 . 2013-12-16 14:21 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-16 14:21 . 2013-12-16 14:21 -------- d-----w- c:\users\Libor\AppData\Local\Apple Computer
2013-12-16 13:52 . 2013-12-16 13:53 -------- d-----w- c:\users\Lucka\AppData\Local\Google
2013-12-16 13:50 . 2013-12-16 13:50 -------- d-----w- c:\users\Lucka\AppData\Roaming\dvdcss
2013-12-16 13:38 . 2013-12-16 13:38 -------- d-----w- c:\users\Klárka\AppData\Roaming\dvdcss
2013-12-16 13:32 . 2013-12-16 13:33 -------- d-----w- c:\users\Libor\AppData\Roaming\vlc
2013-12-14 08:02 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-14 08:02 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-14 08:02 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-14 08:02 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-14 08:02 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-14 08:01 . 2013-11-27 00:20 235216 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-12-14 08:01 . 2013-11-26 10:19 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-12-14 08:01 . 2013-11-26 09:23 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-12-14 08:01 . 2013-11-27 00:52 293072 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-12-14 08:01 . 2013-11-26 10:18 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-12-14 08:01 . 2013-11-26 08:34 482816 ----a-w- c:\program files\Internet Explorer\ieinstal.exe
2013-12-14 08:01 . 2013-11-26 07:55 469504 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2013-12-14 08:01 . 2013-11-26 06:48 353280 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-12-14 08:01 . 2013-11-26 06:41 251392 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2013-12-14 08:01 . 2013-11-26 06:22 270848 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-12-12 08:58 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-12 08:58 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-09 09:48 . 2013-12-09 09:48 -------- d-----w- c:\users\Libor\AppData\Local\Diagnostics
2013-12-05 11:07 . 2013-12-05 11:07 -------- d-----w- c:\windows\Migration
2013-12-05 11:03 . 2013-12-05 11:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-05 11:03 . 2013-12-05 11:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-05 11:03 . 2013-12-05 11:03 806096 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe
2013-12-05 11:03 . 2013-12-05 11:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-05 11:03 . 2013-12-05 11:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-05 11:03 . 2013-12-05 11:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-05 11:03 . 2013-12-05 11:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-05 10:55 . 2013-09-08 02:30 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-12-05 10:54 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-12-03 16:14 . 2013-12-16 13:58 -------- d-----w- c:\users\Mamka\AppData\Roaming\vlc
2013-12-03 16:12 . 2013-12-16 13:51 -------- d-----w- c:\users\Lucka\AppData\Roaming\vlc
2013-12-03 16:11 . 2013-12-03 16:11 -------- d-----w- c:\users\Lucka\AppData\Local\VirtualStore
2013-12-03 16:09 . 2013-12-16 13:42 -------- d-----w- c:\users\Klárka\AppData\Roaming\vlc
2013-12-03 13:50 . 2013-12-15 07:41 -------- d-----w- c:\users\Libor\AppData\Roaming\dvdcss
2013-12-03 13:01 . 2013-12-16 13:26 -------- d-----w- c:\program files (x86)\VideoLAN
2013-12-03 12:59 . 2013-12-03 12:59 79 ----a-w- c:\windows\SysWow64\ssinstall-uninstall.bat
2013-12-03 12:59 . 2013-12-03 12:59 2324216 ----a-w- c:\windows\SysWow64\ssins.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-15 19:10 . 2013-07-04 12:17 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-12 09:18 . 2013-07-03 07:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 09:18 . 2013-07-03 07:05 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-05 11:02 . 2013-12-05 11:02 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-12-05 11:02 . 2013-12-05 11:02 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-25 00:48 . 2013-11-25 00:48 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-10-23 00:05 . 2013-10-23 00:05 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-10-21 20:44 . 2013-10-21 20:44 53248 ----a-r- c:\users\Libor\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-10-21 20:43 . 2013-07-04 06:03 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-10-14 17:00 . 2013-07-04 14:42 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-17 12:33 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-17 12:33 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-17 12:33 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-17 12:33 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-17 12:33 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-08 05:50 . 2013-10-21 20:08 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-05 20:25 . 2013-11-17 12:33 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-17 12:33 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-03 02:23 . 2013-11-17 12:33 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-17 12:33 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{04724dd3-3640-40ad-86de-591e4929b256}]
2013-12-19 17:36 87552 ----a-w- c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ie\WebexpEnhancedV1alpha280.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-24 206240]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Monitor.lnk - c:\program files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2013-7-3 91464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
S2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 10:37 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-03 09:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2726728]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/?clid=2
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-12-29 19:51:18
ComboFix-quarantined-files.txt 2013-12-29 18:51
.
Před spuštěním: Volných bajtů: 383 430 049 792
Po spuštění: Volných bajtů: 383 048 396 800
.
- - End Of File - - BC02B1207CB817FEC407915C96C01AFA

2013-12-17 08:00 . 2013-12-17 12:51 -------- d-----w- c:\users\Libor\AppData\Roaming\Nokia
2013-12-17 08:00 . 2013-12-17 08:24 -------- d-----w- c:\users\Libor\AppData\Roaming\PC Suite
2013-12-17 08:00 . 2013-12-17 08:23 -------- d-----w- c:\programdata\PC Suite
2013-12-17 07:58 . 2013-12-17 07:58 -------- d-----w- c:\program files\DIFX
2013-12-17 07:57 . 2013-01-23 09:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2013-12-17 07:55 . 2013-12-17 07:55 -------- d-----w- c:\programdata\Installations
2013-12-16 14:22 . 2013-12-16 14:22 -------- d-----w- c:\users\Libor\AppData\Local\Apple
2013-12-16 14:21 . 2013-12-16 14:21 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-16 14:21 . 2013-12-16 14:21 -------- d-----w- c:\users\Libor\AppData\Local\Apple Computer
2013-12-16 13:52 . 2013-12-16 13:53 -------- d-----w- c:\users\Lucka\AppData\Local\Google
2013-12-16 13:50 . 2013-12-16 13:50 -------- d-----w- c:\users\Lucka\AppData\Roaming\dvdcss
2013-12-16 13:38 . 2013-12-16 13:38 -------- d-----w- c:\users\Klárka\AppData\Roaming\dvdcss
2013-12-16 13:32 . 2013-12-16 13:33 -------- d-----w- c:\users\Libor\AppData\Roaming\vlc
2013-12-14 08:02 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-14 08:02 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-14 08:02 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-14 08:02 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-14 08:02 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-14 08:01 . 2013-11-27 00:20 235216 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-12-14 08:01 . 2013-11-26 10:19 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-12-14 08:01 . 2013-11-26 09:23 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-12-14 08:01 . 2013-11-27 00:52 293072 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-12-14 08:01 . 2013-11-26 10:18 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-12-14 08:01 . 2013-11-26 08:34 482816 ----a-w- c:\program files\Internet Explorer\ieinstal.exe
2013-12-14 08:01 . 2013-11-26 07:55 469504 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2013-12-14 08:01 . 2013-11-26 06:48 353280 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-12-14 08:01 . 2013-11-26 06:41 251392 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2013-12-14 08:01 . 2013-11-26 06:22 270848 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-12-12 08:58 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-12 08:58 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-09 09:48 . 2013-12-09 09:48 -------- d-----w- c:\users\Libor\AppData\Local\Diagnostics
2013-12-05 11:07 . 2013-12-05 11:07 -------- d-----w- c:\windows\Migration
2013-12-05 11:03 . 2013-12-05 11:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-05 11:03 . 2013-12-05 11:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-05 11:03 . 2013-12-05 11:03 806096 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe
2013-12-05 11:03 . 2013-12-05 11:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-05 11:03 . 2013-12-05 11:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-05 11:03 . 2013-12-05 11:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-05 11:03 . 2013-12-05 11:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-05 10:55 . 2013-09-08 02:30 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-12-05 10:54 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-12-03 16:14 . 2013-12-16 13:58 -------- d-----w- c:\users\Mamka\AppData\Roaming\vlc
2013-12-03 16:12 . 2013-12-16 13:51 -------- d-----w- c:\users\Lucka\AppData\Roaming\vlc
2013-12-03 16:11 . 2013-12-03 16:11 -------- d-----w- c:\users\Lucka\AppData\Local\VirtualStore
2013-12-03 16:09 . 2013-12-16 13:42 -------- d-----w- c:\users\Klárka\AppData\Roaming\vlc
2013-12-03 13:50 . 2013-12-15 07:41 -------- d-----w- c:\users\Libor\AppData\Roaming\dvdcss
2013-12-03 13:01 . 2013-12-16 13:26 -------- d-----w- c:\program files (x86)\VideoLAN
2013-12-03 12:59 . 2013-12-03 12:59 79 ----a-w- c:\windows\SysWow64\ssinstall-uninstall.bat
2013-12-03 12:59 . 2013-12-03 12:59 2324216 ----a-w- c:\windows\SysWow64\ssins.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-15 19:10 . 2013-07-04 12:17 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-12 09:18 . 2013-07-03 07:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 09:18 . 2013-07-03 07:05 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-05 11:02 . 2013-12-05 11:02 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-12-05 11:02 . 2013-12-05 11:02 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-25 00:48 . 2013-11-25 00:48 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-10-23 00:05 . 2013-10-23 00:05 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-10-21 20:44 . 2013-10-21 20:44 53248 ----a-r- c:\users\Libor\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-10-21 20:43 . 2013-07-04 06:03 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-10-14 17:00 . 2013-07-04 14:42 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-17 12:33 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-17 12:33 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-17 12:33 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-17 12:33 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-17 12:33 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-08 05:50 . 2013-10-21 20:08 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-05 20:25 . 2013-11-17 12:33 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-17 12:33 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-03 02:23 . 2013-11-17 12:33 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-17 12:33 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{04724dd3-3640-40ad-86de-591e4929b256}]
2013-12-19 17:36 87552 ----a-w- c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ie\WebexpEnhancedV1alpha280.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-24 206240]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Monitor.lnk - c:\program files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2013-7-3 91464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
S2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 10:37 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-03 09:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2726728]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/?clid=2
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-12-29 19:51:18
ComboFix-quarantined-files.txt 2013-12-29 18:51
.
Před spuštěním: Volných bajtů: 383 430 049 792
Po spuštění: Volných bajtů: 383 048 396 800
.
- - End Of File - - BC02B1207CB817FEC407915C96C01AFA

Rudy
Site Admin
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Adware Generic5.AKJO

#18 Post by Rudy »

We'll do some more cleanup. Open Notepad and copy the following into it:
KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

Driver::
Skype C2C Service

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Libas
Visitor
Posts: 92
Registered: 02 Nov 2008 10:53

Re: Adware Generic5.AKJO

#19 Post by Libas »

ComboFix 13-12-29.01 - Libor 30.12.2013 9:12.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2342 [GMT 1:00]
Spuštěný z: c:\users\Libor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Libor\Desktop\CFScript.txt
AV: AVG AntiVirus Business Edition *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Business Edition *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Toshiba
c:\users\Libor\AppData\Roaming\TOSHIBA
c:\users\Libor\AppData\Roaming\TOSHIBA\ReelTime\Backup\ReelTimeMonitorData.dat
c:\users\Libor\AppData\Roaming\TOSHIBA\ReelTime\ReelTimeMonitorData.dat
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Skype C2C Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-28 do 2013-12-30 )))))))))))))))))))))))))))))))
.
.
2013-12-30 13:26 . 2013-12-30 13:26 -------- d-----w- c:\programdata\Toshiba
2013-12-30 08:26 . 2013-12-30 08:26 -------- d-----w- c:\users\Libor\AppData\Roaming\TOSHIBA
2013-12-30 08:24 . 2013-12-30 08:26 -------- d-----w- c:\users\Klárka\AppData\Local\temp
2013-12-30 08:24 . 2013-12-30 08:24 -------- d-----w- c:\users\Mamka\AppData\Local\temp
2013-12-30 08:24 . 2013-12-30 08:24 -------- d-----w- c:\users\Lucka\AppData\Local\temp
2013-12-30 08:24 . 2013-12-30 08:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-29 17:42 . 2013-12-29 17:42 -------- d-----w- C:\rsit
2013-12-29 17:42 . 2013-12-29 17:42 -------- d-----w- c:\program files\trend micro
2013-12-29 17:25 . 2013-12-29 17:25 -------- d-----w- c:\users\Libor\AppData\Roaming\CD-LabelPrint
2013-12-29 17:24 . 2013-12-29 17:24 -------- d-----w- c:\users\Libor\AppData\Local\Canon Easy-PhotoPrint EX
2013-12-29 17:19 . 2010-03-18 18:25 307200 ----a-w- c:\windows\SysWow64\CNC6100L.dll
2013-12-29 17:19 . 2010-03-18 16:11 106496 ----a-w- c:\windows\SysWow64\CNC6100U.dll
2013-12-29 17:19 . 2008-08-25 17:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2013-12-29 17:18 . 2013-12-29 17:18 -------- d--h--w- c:\programdata\CanonBJ
2013-12-29 17:18 . 2012-03-14 04:00 385024 ----a-w- c:\windows\system32\CNMLMAG.DLL
2013-12-29 17:09 . 2010-05-06 04:00 361472 ----a-w- c:\windows\system32\CNMXLMAG.DLL
2013-12-29 17:05 . 2013-12-29 17:05 -------- d-----w- c:\program files\Canon
2013-12-29 16:46 . 2013-12-29 16:46 -------- d-----w- c:\programdata\CanonIJ
2013-12-29 16:39 . 2013-12-29 16:39 -------- d-----w- c:\programdata\Canon IJ Network Tool
2013-12-29 16:30 . 2013-12-29 16:30 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2013-12-29 16:29 . 2010-03-11 07:57 248320 ----a-w- c:\windows\system32\CNMIUAG.DLL
2013-12-28 22:13 . 2013-12-28 22:13 -------- d-----w- c:\windows\ERUNT
2013-12-28 22:06 . 2013-12-28 22:07 -------- d-----w- C:\AdwCleaner
2013-12-28 21:52 . 2013-12-28 21:52 -------- d-----w- c:\users\Mamka\AppData\Roaming\PC Suite
2013-12-28 21:50 . 2013-12-28 21:50 -------- d-----w- c:\users\Lucka\AppData\Roaming\PC Suite
2013-12-28 21:01 . 2013-12-28 21:01 -------- d-----w- c:\users\Klárka\AppData\Roaming\PC Suite
2013-12-28 17:16 . 2013-12-28 20:25 -------- d-----w- C:\FRST
2013-12-28 12:08 . 2012-06-22 10:01 22704 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-28 12:08 . 2013-12-28 12:08 -------- d-----w- C:\sh4ldr
2013-12-28 12:08 . 2013-12-28 12:08 -------- d-----w- c:\program files\Enigma Software Group
2013-12-28 10:55 . 2013-12-28 10:55 -------- d-----w- c:\users\Klárka\AppData\Roaming\WinRAR
2013-12-23 18:11 . 2013-12-23 18:11 -------- d-----w- c:\program files (x86)\WebexpEnhancedV1
2013-12-21 19:30 . 2013-12-21 19:30 -------- d-----w- c:\program files (x86)\Microsoft WSE
2013-12-21 19:30 . 2006-09-28 15:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-12-21 19:30 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2013-12-21 19:11 . 2013-12-21 19:11 -------- d-----w- c:\program files (x86)\Electronic Arts
2013-12-17 10:36 . 2013-12-17 10:36 -------- d-----w- c:\users\Libor\AppData\Roaming\Nokia Suite
2013-12-17 10:16 . 2013-12-17 10:18 -------- d-----w- c:\users\Libor\AppData\Local\Nokia
2013-12-17 10:16 . 2013-12-17 10:16 -------- d-----w- c:\programdata\Nokia
2013-12-17 10:16 . 2013-12-17 10:16 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2013-12-17 10:15 . 2012-10-17 13:53 26112 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2013-12-17 10:15 . 2013-12-17 10:15 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2013-12-17 10:14 . 2013-12-17 10:16 -------- d-----w- c:\program files (x86)\Nokia
2013-12-17 08:00 . 2013-12-17 12:51 -------- d-----w- c:\users\Libor\AppData\Roaming\Nokia
2013-12-17 08:00 . 2013-12-17 08:24 -------- d-----w- c:\users\Libor\AppData\Roaming\PC Suite
2013-12-17 08:00 . 2013-12-17 08:23 -------- d-----w- c:\programdata\PC Suite
2013-12-17 07:58 . 2013-12-17 07:58 -------- d-----w- c:\program files\DIFX
2013-12-17 07:57 . 2013-01-23 09:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2013-12-17 07:55 . 2013-12-17 07:55 -------- d-----w- c:\programdata\Installations
2013-12-16 14:22 . 2013-12-16 14:22 -------- d-----w- c:\users\Libor\AppData\Local\Apple
2013-12-16 14:21 . 2013-12-16 14:21 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-16 14:21 . 2013-12-16 14:21 -------- d-----w- c:\users\Libor\AppData\Local\Apple Computer
2013-12-16 13:52 . 2013-12-16 13:53 -------- d-----w- c:\users\Lucka\AppData\Local\Google
2013-12-16 13:50 . 2013-12-16 13:50 -------- d-----w- c:\users\Lucka\AppData\Roaming\dvdcss
2013-12-16 13:38 . 2013-12-16 13:38 -------- d-----w- c:\users\Klárka\AppData\Roaming\dvdcss
2013-12-16 13:32 . 2013-12-16 13:33 -------- d-----w- c:\users\Libor\AppData\Roaming\vlc
2013-12-14 08:02 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-14 08:02 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-14 08:02 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-14 08:02 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-14 08:02 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-14 08:01 . 2013-11-27 00:20 235216 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-12-14 08:01 . 2013-11-26 10:19 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-12-14 08:01 . 2013-11-26 09:23 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-12-14 08:01 . 2013-11-27 00:52 293072 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-12-14 08:01 . 2013-11-26 10:18 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-12-14 08:01 . 2013-11-26 08:34 482816 ----a-w- c:\program files\Internet Explorer\ieinstal.exe
2013-12-14 08:01 . 2013-11-26 07:55 469504 ----a-w- c:\program files (x86)\Internet Explorer\ieinstal.exe
2013-12-14 08:01 . 2013-11-26 06:48 353280 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-12-14 08:01 . 2013-11-26 06:41 251392 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
2013-12-14 08:01 . 2013-11-26 06:22 270848 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-12-12 08:58 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-12 08:58 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-09 09:48 . 2013-12-09 09:48 -------- d-----w- c:\users\Libor\AppData\Local\Diagnostics
2013-12-05 11:07 . 2013-12-05 11:07 -------- d-----w- c:\windows\Migration
2013-12-05 11:03 . 2013-12-05 11:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-05 11:03 . 2013-12-05 11:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-05 11:03 . 2013-12-05 11:03 806096 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe
2013-12-05 11:03 . 2013-12-05 11:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-05 11:03 . 2013-12-05 11:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-05 11:03 . 2013-12-05 11:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-05 11:03 . 2013-12-05 11:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-05 10:55 . 2013-09-08 02:30 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-12-05 10:54 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-12-03 16:14 . 2013-12-16 13:58 -------- d-----w- c:\users\Mamka\AppData\Roaming\vlc
2013-12-03 16:12 . 2013-12-16 13:51 -------- d-----w- c:\users\Lucka\AppData\Roaming\vlc
2013-12-03 16:11 . 2013-12-03 16:11 -------- d-----w- c:\users\Lucka\AppData\Local\VirtualStore
2013-12-03 16:09 . 2013-12-16 13:42 -------- d-----w- c:\users\Klárka\AppData\Roaming\vlc
2013-12-03 13:50 . 2013-12-15 07:41 -------- d-----w- c:\users\Libor\AppData\Roaming\dvdcss
2013-12-03 13:01 . 2013-12-16 13:26 -------- d-----w- c:\program files (x86)\VideoLAN
2013-12-03 12:59 . 2013-12-03 12:59 79 ----a-w- c:\windows\SysWow64\ssinstall-uninstall.bat
2013-12-03 12:59 . 2013-12-03 12:59 2324216 ----a-w- c:\windows\SysWow64\ssins.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-28 12:08 . 2013-12-28 12:08 110080 ----a-r- c:\users\Klárka\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-15 19:10 . 2013-07-04 12:17 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-12 09:18 . 2013-07-03 07:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-12 09:18 . 2013-07-03 07:05 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-05 11:02 . 2013-12-05 11:02 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-12-05 11:02 . 2013-12-05 11:02 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-25 00:48 . 2013-11-25 00:48 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-10-23 00:05 . 2013-10-23 00:05 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-10-21 20:44 . 2013-10-21 20:44 53248 ----a-r- c:\users\Libor\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-10-21 20:43 . 2013-07-04 06:03 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-10-14 17:00 . 2013-07-04 14:42 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-17 12:33 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-17 12:33 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-17 12:33 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-17 12:33 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-17 12:33 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-08 05:50 . 2013-10-21 20:08 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-05 20:25 . 2013-11-17 12:33 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-17 12:33 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-03 02:23 . 2013-11-17 12:33 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-17 12:33 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{04724dd3-3640-40ad-86de-591e4929b256}]
2013-12-19 17:36 87552 ----a-w- c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ie\WebexpEnhancedV1alpha280.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-23 2454840]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-24 206240]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Monitor.lnk - c:\program files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2013-7-3 91464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
S2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 10:37 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-03 09:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-03-22 10134560]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-03-22 896032]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2726728]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/?clid=2
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_231F3FD17DB59CFD.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Celkový čas: 2013-12-30 14:37:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-30 13:37
ComboFix2.txt 2013-12-29 18:51
.
Před spuštěním: Volných bajtů: 383 124 418 560
Po spuštění: Volných bajtů: 382 590 545 920
.
- - End Of File - - 909EFE78875CF0806F23F7133941AF6E

Libas
Visitor
Posts: 92
Registered: 02 Nov 2008 10:53

Re: Adware Generic5.AKJO

#20 Post by Libas »

Same problems (but only in IE for user Klarka). Other applications work without problems, so far it seems for all user accounts. The PC has become much faster. I'll try to be more specific; maybe that will point you in the right direction.
I am now logged in on the Klara profile. In her IE it is not possible to type carons (háčeks) or the ring above the letter "u"; if I use them, they carry out a different command. The mouse cursor on the screen is invisible and only flickers when it is moved.
When IE starts, this madness pops up. Damn, it's even hard to copy: http://start.qone8.com/?type=sc&ts=1382 ... X52VEP0JOT
Only after I use the Home command does the correct home page load. Actually doing anything on it is a nightmare. Ads pop up, and when I click a link, a new tab with an unwanted web address often opens at the same time. As an example I'm attaching a print screen of the display :-)
It looks like only the IE of user Klarka is affected.
Attachments
doc1.rar
(879.14 KiB) Downloaded 47 times

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Adware Generic5.AKJO

#21 Post by Rudy »

Run AdwCleaner in this profile:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
and Junkware Removal Tool:
Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Save it, preferably to the desktop
After launch the license terms are displayed; press any key
A backup will be created, followed by a scan
The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Libas
Visitor
Posts: 92
Registered: 02 Nov 2008 10:53

Re: Adware Generic5.AKJO

#22 Post by Libas »

# AdwCleaner v3.016 - Report created 30/12/2013 at 21:18:22
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Klárka - TOSHIBA
# Running from : C:\Users\Klárka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Klárka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Klárka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Klárka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Handy Updater]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\AskPartnerNetwork

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Klárka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4411 octets] - [28/12/2013 23:06:47]
AdwCleaner[R1].txt - [2246 octets] - [30/12/2013 21:17:27]
AdwCleaner[S0].txt - [4417 octets] - [28/12/2013 23:07:24]
AdwCleaner[S1].txt - [1624 octets] - [30/12/2013 21:18:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1684 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Kl rka on po 30.12.2013 at 21:26:35,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AA3957CB-783C-44DF-88F1-0F77AE1D3C1D}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 30.12.2013 at 21:35:26,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Libas
Visitor
Posts: 92
Registered: 02 Nov 2008 10:53

Re: Adware Generic5.AKJO

#23 Post by Libas »

Great. Now we have got rid of qone8; when IE starts, it loads the correct home page. The mouse cursor responds perfectly. Unfortunately, diacritics when typing in IE still have the same problems and the ads keep popping up as before.

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Adware Generic5.AKJO

#24 Post by Rudy »

Has anything changed?

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Adware Generic5.AKJO

#25 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Libas
Visitor
Posts: 92
Registered: 02 Nov 2008 10:53

Re: Adware Generic5.AKJO

#26 Post by Libas »

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.31.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Klárka :: TOSHIBA [administrátor]

31.12.2013 8:23:26
MBAM-log-2013-12-31 (09-50-19).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 498945
Uplynulý čas: 1 hodin, 24 minut, 20 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 1
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ie\WebexpEnhancedV1alpha280.dll (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 8
HKCU\Software\LemurLeap (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{04724dd3-3640-40ad-86de-591e4929b256} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{a2b29df8-4f88-4198-8224-14c97fc4175e} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{6E490F9B-7982-402B-B4F9-AEB1568A87A1} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04724DD3-3640-40AD-86DE-591E4929B256} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{04724DD3-3640-40AD-86DE-591E4929B256} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{04724DD3-3640-40AD-86DE-591E4929B256} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 9
C:\Program Files (x86)\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ch (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome\content (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome\content\icons (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ie (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 15
C:\AdwCleaner\Quarantine\C\Users\Klárka\AppData\Local\SwvUpdater\Updater.exe.vir (PUP.Optional.Amonetize) -> Nebyla provedena žádná instrukce.
C:\FRST\Quarantine\KMP_3.7.0.113.exe (PUP.Optional.Softonic.A) -> Nebyla provedena žádná instrukce.
C:\FRST\Quarantine\listicka-partner-12902-1.1.13-offline.exe (PUP.Optional.Seznam) -> Nebyla provedena žádná instrukce.
C:\Users\Klárka\Downloads\GotClip_Setup (1).exe (PUP.Optional.HandyUpdater.A) -> Nebyla provedena žádná instrukce.
C:\Users\Klárka\Downloads\iLividSetup(1).exe.part (PUP.Optional.Bandoo) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\uninstall.exe (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ch\WebexpEnhancedV1alpha280.crx (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome.manifest (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\install.rdf (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome\content\ffWebexpEnhancedV1alpha280.js (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome\content\ffWebexpEnhancedV1alpha280ffaction.js (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome\content\overlay.xul (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ff\chrome\content\icons\default\WebexpEnhancedV1alpha280_32.png (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha280\ie\WebexpEnhancedV1alpha280.dll (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.

(konec)

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Adware Generic5.AKJO

#27 Post by Rudy »

Delete all the items found.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Libas
Visitor
Posts: 92
Registered: 02 Nov 2008 10:53

Re: Adware Generic5.AKJO

#28 Post by Libas »

The ads are gone; now only the diacritics in IE are acting up.

Rudy
Site Admin
Posts: 119533
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Adware Generic5.AKJO

#29 Post by Rudy »

If it is only in IE, try reinstalling it.

Libas
Visitor
Posts: 92
Registered: 02 Nov 2008 10:53

Re: Adware Generic5.AKJO

#30 Post by Libas »

Yeah, it works!! Great. What should I do now with the programs combofix, jrt, mbam?

Locked