Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola PC

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola PC

#16 Příspěvek od Rudy »

Je to tam pořád. Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Uživatelský avatar
JuraFilth
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 209
Registrován: 23 črc 2009 16:18
Bydliště: Havířov

Re: Kontrola PC

#17 Příspěvek od JuraFilth »

ComboFix 14-01-01.01 - Jura 02.01.2014 0:18.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.5996.4334 [GMT 1:00]
Spuštěný z: c:\users\Jura\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-01 do 2014-01-01 )))))))))))))))))))))))))))))))
.
.
2014-01-01 23:27 . 2014-01-01 23:27 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-01 23:27 . 2014-01-01 23:27 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-01 23:27 . 2014-01-01 23:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-01 18:36 . 2014-01-01 18:36 61440 ----a-w- c:\windows\SysWow64\drivers\fytlebt.sys
2014-01-01 16:31 . 2014-01-01 16:31 -------- d-----w- C:\_OTM
2013-12-31 09:52 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D30F61D0-4F45-40D0-A7DD-306EEF12B075}\mpengine.dll
2013-12-31 00:25 . 2013-12-31 00:26 -------- d-----w- C:\AdwCleaner
2013-12-29 18:30 . 2005-07-22 18:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
2013-12-29 18:30 . 2005-05-26 14:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-12-29 18:30 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2013-12-29 18:30 . 2005-03-18 16:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2013-12-29 18:30 . 2005-02-05 18:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2013-12-20 13:29 . 2013-12-20 13:29 -------- d-----w- c:\users\Jura\AppData\Local\Blizzard
2013-12-20 13:23 . 2013-12-20 13:29 -------- d-----w- c:\program files (x86)\Hearthstone
2013-12-20 13:22 . 2013-12-20 13:22 -------- d-----w- c:\users\Jura\AppData\Local\Blizzard Entertainment
2013-12-20 13:22 . 2013-12-29 11:05 -------- d-----w- c:\users\Jura\AppData\Local\Battle.net
2013-12-20 13:22 . 2013-12-20 14:06 -------- d-----w- c:\users\Jura\AppData\Roaming\Battle.net
2013-12-20 13:22 . 2013-12-20 13:22 -------- d-----w- c:\program files (x86)\Battle.net
2013-12-14 15:30 . 2013-12-14 15:30 -------- d-----w- c:\users\Jura\AppData\Roaming\NVIDIA
2013-12-14 15:29 . 2013-12-14 15:29 -------- d-----w- c:\users\Jura\AppData\Roaming\ArcSoft
2013-12-14 15:28 . 2013-12-15 11:04 -------- d-----w- c:\programdata\ArcSoft
2013-12-14 15:28 . 2013-12-14 15:28 -------- d-----w- c:\users\Jura\AppData\Local\ArcSoft
2013-12-14 14:07 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-14 14:03 . 2013-12-14 14:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-14 14:03 . 2013-12-14 14:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-14 13:24 . 2013-12-14 13:24 -------- d-----w- c:\users\Jura\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-12-11 15:12 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 15:12 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-11 15:12 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 15:12 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-11 15:12 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-15 14:00 . 2012-06-05 07:13 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-11 00:55 . 2012-05-31 17:00 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 00:55 . 2011-07-20 14:06 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-19 02:33 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-12 02:30 . 2013-11-13 03:31 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 03:31 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 03:31 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 03:31 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 03:31 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-13 03:32 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-13 03:32 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-13 03:31 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-13 03:31 197120 ----a-w- c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-13 03:31 1930752 ----a-w- c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-13 03:31 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-13 03:31 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-13 03:31 1796096 ----a-w- c:\windows\SysWow64\authui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-01-10 3093624]
"Akamai NetSession Interface"="c:\users\Jura\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-01 4858456]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-5-10 1131296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R0 qcrgzqjp;qcrgzqjp;c:\windows\system32\drivers\fytlebt.sys;c:\windows\SYSNATIVE\drivers\fytlebt.sys [x]
R2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-31 00:55]
.
2014-01-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2745053825-4183210311-2120478399-1001Core.job
- c:\users\Jura\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06 08:56]
.
2014-01-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2745053825-4183210311-2120478399-1001UA.job
- c:\users\Jura\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06 08:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-01 23:33 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-10 11785832]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-05-10 1831528]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://packardbell.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\lcgu7e6f.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2014-01-02 00:30:49
ComboFix-quarantined-files.txt 2014-01-01 23:30
ComboFix2.txt 2013-09-11 16:52
ComboFix3.txt 2013-09-10 21:20
.
Před spuštěním: Volných bajtů: 504 242 704 384
Po spuštění: Volných bajtů: 503 950 983 168
.
- - End Of File - - C902004EA240F30BBAC0F0E04380E6EF
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola PC

#18 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

Collect::
c:\windows\SysWow64\drivers\fytlebt.sys

File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2745053825-4183210311-2120478399-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2745053825-4183210311-2120478399-1001UA.job

Folder::
c:\users\Jura\AppData\Local\Akamai

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-

Driver::
qcrgzqjp

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Uživatelský avatar
JuraFilth
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 209
Registrován: 23 črc 2009 16:18
Bydliště: Havířov

Re: Kontrola PC

#19 Příspěvek od JuraFilth »

ComboFix 14-01-01.01 - Jura 02.01.2014 21:03:13.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.5996.4385 [GMT 1:00]
Spuštěný z: c:\users\Jura\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jura\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2745053825-4183210311-2120478399-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2745053825-4183210311-2120478399-1001UA.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jura\AppData\Local\Akamai
c:\users\Jura\AppData\Local\Akamai\admintool.exe
c:\users\Jura\AppData\Local\Akamai\client.ini
c:\users\Jura\AppData\Local\Akamai\ControlPanel.exe
c:\users\Jura\AppData\Local\Akamai\CplTasks.xml
c:\users\Jura\AppData\Local\Akamai\euc_state.json
c:\users\Jura\AppData\Local\Akamai\extraroot.pem
c:\users\Jura\AppData\Local\Akamai\guid.ini
c:\users\Jura\AppData\Local\Akamai\installer.txt
c:\users\Jura\AppData\Local\Akamai\Languages\csy.dll
c:\users\Jura\AppData\Local\Akamai\Languages\dan.dll
c:\users\Jura\AppData\Local\Akamai\Languages\deu.dll
c:\users\Jura\AppData\Local\Akamai\Languages\esp.dll
c:\users\Jura\AppData\Local\Akamai\Languages\fin.dll
c:\users\Jura\AppData\Local\Akamai\Languages\fra.dll
c:\users\Jura\AppData\Local\Akamai\Languages\chs.dll
c:\users\Jura\AppData\Local\Akamai\Languages\cht.dll
c:\users\Jura\AppData\Local\Akamai\Languages\ita.dll
c:\users\Jura\AppData\Local\Akamai\Languages\jpn.dll
c:\users\Jura\AppData\Local\Akamai\Languages\kor.dll
c:\users\Jura\AppData\Local\Akamai\Languages\nld.dll
c:\users\Jura\AppData\Local\Akamai\Languages\nor.dll
c:\users\Jura\AppData\Local\Akamai\Languages\plk.dll
c:\users\Jura\AppData\Local\Akamai\Languages\ptb.dll
c:\users\Jura\AppData\Local\Akamai\Languages\ptg.dll
c:\users\Jura\AppData\Local\Akamai\Languages\rus.dll
c:\users\Jura\AppData\Local\Akamai\Languages\sve.dll
c:\users\Jura\AppData\Local\Akamai\Languages\trk.dll
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.131229_161403.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.131229_161752.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.131231_003014.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.131231_234915.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.140101_163847.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.140101_183704.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.140101_183948.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.140101_233526.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131226_220001.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131226_230002.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_000003.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_010003.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_020004.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_030004.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_051031.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_095938.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_105938.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_115939.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_125939.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_153336.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_163336.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_173336.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_183337.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_193338.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_203338.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_213338.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_223338.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131227_233339.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_003339.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_013339.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_023340.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_033341.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_091558.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_101558.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_111558.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_122121.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_144003.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_154003.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_164004.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_174004.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_184005.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131228_194005.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_002211.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_101301.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_111302.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_121303.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_131303.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_141303.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_151304.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_161304.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_161403.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_161757.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_171758.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_181759.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_191759.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_201800.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_211801.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_221801.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131229_231801.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_001802.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_011803.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_021803.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_031804.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_095903.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_105903.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_115904.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_125905.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_135905.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_145905.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_155906.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_165907.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_175907.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_185907.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_200916.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_210917.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_220917.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131230_230917.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_000918.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_003021.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_013022.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_093940.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_103936.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_113937.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_123937.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_133937.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_143938.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_195023.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_205023.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_231332.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.131231_234929.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_004929.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_014929.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_101138.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_111139.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_121139.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_131140.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_141140.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_151140.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_161140.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_163852.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_182826.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_183957.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_193958.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_203959.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_213959.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_224000.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140101_233548.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_003548.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_070840.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_080837.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_090838.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_100838.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_110838.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_120838.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_130839.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_140839.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_150840.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.140102_195834.sent
c:\users\Jura\AppData\Local\Akamai\netsession_installer.exe
c:\users\Jura\AppData\Local\Akamai\netsession_win.exe
c:\users\Jura\AppData\Local\Akamai\readme.txt
c:\users\Jura\AppData\Local\Akamai\root.pem
c:\users\Jura\AppData\Local\Akamai\rswinui.exe
c:\users\Jura\AppData\Local\Akamai\uninstall.exe
c:\users\Jura\AppData\Local\Akamai\user.dat
c:\windows\SysWow64\drivers\fytlebt.sys
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2745053825-4183210311-2120478399-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2745053825-4183210311-2120478399-1001UA.job
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_qcrgzqjp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-02 do 2014-01-02 )))))))))))))))))))))))))))))))
.
.
2014-01-02 20:12 . 2014-01-02 20:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-02 20:12 . 2014-01-02 20:12 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-02 20:12 . 2014-01-02 20:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-01 16:31 . 2014-01-01 16:31 -------- d-----w- C:\_OTM
2013-12-31 09:52 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D30F61D0-4F45-40D0-A7DD-306EEF12B075}\mpengine.dll
2013-12-31 00:25 . 2013-12-31 00:26 -------- d-----w- C:\AdwCleaner
2013-12-29 18:30 . 2005-07-22 18:59 3807440 ----a-w- c:\windows\system32\d3dx9_27.dll
2013-12-29 18:30 . 2005-05-26 14:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-12-29 18:30 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
2013-12-29 18:30 . 2005-03-18 16:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2013-12-29 18:30 . 2005-02-05 18:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2013-12-20 13:29 . 2013-12-20 13:29 -------- d-----w- c:\users\Jura\AppData\Local\Blizzard
2013-12-20 13:23 . 2013-12-20 13:29 -------- d-----w- c:\program files (x86)\Hearthstone
2013-12-20 13:22 . 2013-12-20 13:22 -------- d-----w- c:\users\Jura\AppData\Local\Blizzard Entertainment
2013-12-20 13:22 . 2014-01-02 14:26 -------- d-----w- c:\users\Jura\AppData\Local\Battle.net
2013-12-20 13:22 . 2013-12-20 14:06 -------- d-----w- c:\users\Jura\AppData\Roaming\Battle.net
2013-12-20 13:22 . 2013-12-20 13:22 -------- d-----w- c:\program files (x86)\Battle.net
2013-12-14 15:30 . 2013-12-14 15:30 -------- d-----w- c:\users\Jura\AppData\Roaming\NVIDIA
2013-12-14 15:29 . 2013-12-14 15:29 -------- d-----w- c:\users\Jura\AppData\Roaming\ArcSoft
2013-12-14 15:28 . 2013-12-15 11:04 -------- d-----w- c:\programdata\ArcSoft
2013-12-14 15:28 . 2013-12-14 15:28 -------- d-----w- c:\users\Jura\AppData\Local\ArcSoft
2013-12-14 14:07 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-14 14:03 . 2013-12-14 14:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-14 14:03 . 2013-12-14 14:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-14 13:24 . 2013-12-14 13:24 -------- d-----w- c:\users\Jura\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-12-11 15:12 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 15:12 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-11 15:12 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 15:12 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-11 15:12 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-15 14:00 . 2012-06-05 07:13 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-11 00:55 . 2012-05-31 17:00 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 00:55 . 2011-07-20 14:06 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-19 02:33 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-12 02:30 . 2013-11-13 03:31 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 03:31 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 03:31 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 03:31 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 03:31 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-13 03:32 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-13 03:32 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-01-10 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-01 4858456]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-5-10 1131296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys;c:\windows\SYSNATIVE\DRIVERS\vcsvad.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-31 00:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-01 23:33 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-21 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-21 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-21 416024]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-10 11785832]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-05-10 1831528]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://packardbell.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\lcgu7e6f.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Akamai - c:\users\Jura\AppData\Local\Akamai\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2014-01-02 21:22:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-02 20:22
ComboFix2.txt 2014-01-01 23:30
ComboFix3.txt 2013-09-11 16:52
ComboFix4.txt 2013-09-10 21:20
.
Před spuštěním: Volných bajtů: 503 137 103 872
Po spuštění: Volných bajtů: 502 895 063 040
.
- - End Of File - - 4F9411F2E138262BB233A0AF9ACD678A
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola PC

#20 Příspěvek od Rudy »

Je to pryč. Log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Uživatelský avatar
JuraFilth
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 209
Registrován: 23 črc 2009 16:18
Bydliště: Havířov

Re: Kontrola PC

#21 Příspěvek od JuraFilth »

Děkuji převelice :) Co to bylo jestli to není tajný ? :shock:
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola PC

#22 Příspěvek od Rudy »

1 rootkit (bránil mazání, musl jsem ho sestřelit až ComoboFixem) pár AdWarů a zbytečnosti. CF osinstalujte pomocí T-Cleaneru:
http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Sekce pouze pro Vzorné návštěvníky“