Re: Windows 8 spuštění složky %USERPROFILE% po spuštění
Napsal: 19 srp 2013 19:30
Log již vypadá OK. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
VIRY.CZ
Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/
Windows 8 spuštění složky %USERPROFILE% po spuštění
Stránka 2 z 2
Re: Windows 8 spuštění složky %USERPROFILE% po spuštění
Napsal: 19 srp 2013 19:42
Bohužel změna nenastala. Po každém přihlášení do systému a následně načtení plochy se otevře %USERPROFILE%. Opravdu nevím kde je chyba.
Re: Windows 8 spuštění složky %USERPROFILE% po spuštění
Napsal: 19 srp 2013 19:45
Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware.
Re: Windows 8 spuštění složky %USERPROFILE% po spuštění
Napsal: 19 srp 2013 19:58
ComboFix 13-08-19.02 - Adam . 08. 2013 20:51:47.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.5119.3959 [GMT 2:00]
Spuštěný z: c:\users\Adam\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\.lnk
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-19 do 2013-08-19 )))))))))))))))))))))))))))))))
.
.
2013-08-19 18:54 . 2013-08-19 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-19 11:35 . 2013-08-19 17:56 -------- d-----w- c:\program files\trend micro
2013-08-18 19:29 . 2013-08-18 19:29 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-08-18 19:06 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-18 19:05 . 2013-08-18 20:48 -------- d-----w- c:\programdata\AVAST Software
2013-08-18 18:19 . 2013-08-18 18:18 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-08-18 18:18 . 2013-08-18 18:18 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-08-18 09:26 . 2013-08-18 08:36 2601752 ----a-w- c:\windows\SysWow64\pbsvc_moh.exe
2013-08-18 09:25 . 2013-08-18 09:25 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-08-17 15:54 . 2013-08-18 18:18 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-08-17 12:42 . 2013-08-17 12:42 -------- d-----w- c:\programdata\EA Core
2013-08-17 12:42 . 2013-08-17 15:54 -------- d-----w- c:\programdata\EA Logs
2013-08-17 12:42 . 2013-08-17 12:42 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2013-08-17 12:42 . 2013-08-18 09:53 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-08-17 12:20 . 2013-08-17 12:20 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2013-08-16 19:17 . 2013-08-16 19:17 -------- d-----w- c:\program files (x86)\Origin Games
2013-08-16 19:14 . 2013-08-16 19:22 -------- d-----w- c:\programdata\Origin
2013-08-16 19:14 . 2013-08-16 19:14 -------- d-----w- c:\programdata\Electronic Arts
2013-08-16 19:14 . 2013-08-18 18:10 -------- d-----w- c:\program files (x86)\Origin
2013-08-15 17:09 . 2013-08-19 11:58 -------- d-----w- c:\program files (x86)\TunnelBear
2013-08-14 10:42 . 2013-08-14 10:42 -------- d-----w- c:\programdata\Binarysense
2013-08-14 10:42 . 2013-08-14 10:42 -------- d-----w- c:\programdata\Licenses
2013-08-14 09:18 . 2013-08-14 09:28 -------- d-----w- c:\programdata\WinTuning
2013-08-13 20:19 . 2012-10-22 19:18 1361408 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll
2013-08-13 20:19 . 2012-10-22 19:18 103424 ----a-w- c:\windows\system32\SLCHook.dll
2013-08-13 20:19 . 2012-10-03 05:36 15872 ----a-w- c:\windows\system32\slwga.dll
2013-08-13 20:19 . 2012-09-20 07:07 133287 ----a-w- c:\windows\SysWow64\slmgr.vbs
2013-08-13 20:19 . 2012-09-20 07:07 133287 ----a-w- c:\windows\system32\slmgr.vbs
2013-08-13 20:19 . 2012-07-26 22:37 415232 ----a-w- c:\windows\system32\GenuineCenter.dll
2013-08-13 20:00 . 2012-11-20 05:24 1164800 ----a-w- c:\windows\SysWow64\Display.dll
2013-08-13 20:00 . 2012-11-20 05:02 6656 ----a-w- c:\windows\SysWow64\KBDKURD.DLL
2013-08-13 20:00 . 2012-11-20 04:59 7168 ----a-w- c:\windows\system32\KBDKURD.DLL
2013-08-13 20:00 . 2012-11-20 05:17 1184256 ----a-w- c:\windows\system32\Display.dll
2013-08-13 19:57 . 2013-08-13 19:57 -------- d-----w- c:\program files (x86)\Xfire
2013-08-13 19:06 . 2012-09-20 09:10 2367528 ----a-w- c:\windows\system32\WSService.dll
2013-08-13 19:05 . 2012-10-11 07:23 441576 ----a-w- c:\windows\system32\drivers\netio.sys
2013-08-13 19:03 . 2012-09-27 06:35 74240 ----a-w- c:\windows\SysWow64\newdev.exe
2013-08-13 19:03 . 2012-09-27 06:35 73728 ----a-w- c:\windows\SysWow64\ndadmin.exe
2013-08-13 19:03 . 2012-09-27 06:34 275968 ----a-w- c:\windows\SysWow64\newdev.dll
2013-08-13 19:03 . 2012-09-27 07:17 76288 ----a-w- c:\windows\system32\newdev.exe
2013-08-13 19:03 . 2012-09-27 07:17 75264 ----a-w- c:\windows\system32\ndadmin.exe
2013-08-13 19:03 . 2012-09-27 07:15 301568 ----a-w- c:\windows\system32\newdev.dll
2013-08-13 19:03 . 2012-10-02 07:34 68608 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-08-13 19:03 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-13 19:03 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-13 19:03 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
2013-08-13 19:03 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2013-08-13 19:02 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll
2013-08-13 19:02 . 2012-10-17 03:57 929792 ----a-w- c:\windows\SysWow64\mfnetsrc.dll
2013-08-13 19:02 . 2012-10-17 03:57 568832 ----a-w- c:\windows\SysWow64\mfnetcore.dll
2013-08-13 19:02 . 2012-10-17 03:57 513024 ----a-w- c:\windows\SysWow64\mfmpeg2srcsnk.dll
2013-08-13 19:02 . 2012-10-17 04:32 1172992 ----a-w- c:\windows\system32\mfnetsrc.dll
2013-08-13 19:02 . 2012-10-17 04:32 677888 ----a-w- c:\windows\system32\mfnetcore.dll
2013-08-13 19:02 . 2012-10-17 04:32 673280 ----a-w- c:\windows\system32\mfmpeg2srcsnk.dll
2013-08-13 19:02 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-13 19:01 . 2012-11-27 04:20 798208 ----a-w- c:\windows\SysWow64\WebcamUi.dll
2013-08-13 19:01 . 2012-11-27 04:20 560128 ----a-w- c:\windows\SysWow64\UserLanguagesCpl.dll
2013-08-13 19:01 . 2012-11-27 04:20 46592 ----a-w- c:\windows\SysWow64\vds_ps.dll
2013-08-13 19:01 . 2012-11-27 04:20 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-08-13 19:01 . 2012-11-27 04:20 179200 ----a-w- c:\windows\SysWow64\wpnapps.dll
2013-08-13 19:01 . 2012-11-27 04:20 1217536 ----a-w- c:\windows\SysWow64\storagewmi.dll
2013-08-13 19:01 . 2012-11-27 04:20 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-08-13 19:01 . 2012-11-27 04:19 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-08-13 19:01 . 2012-11-27 04:49 1027152 ----a-w- c:\windows\SysWow64\Taskmgr.exe
2013-08-13 18:59 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-08-13 18:17 . 2013-08-13 18:18 -------- d-----w- c:\windows\system32\MRT
2013-08-13 18:04 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-13 18:04 . 2012-11-08 04:25 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-13 18:04 . 2012-11-08 04:25 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-13 18:04 . 2012-11-08 04:22 641536 ----a-w- c:\windows\system32\WSShared.dll
2013-08-13 18:04 . 2012-11-08 04:22 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-13 18:04 . 2012-11-08 04:22 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-13 17:54 . 2013-08-13 17:54 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-08-13 17:54 . 2013-08-13 17:54 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-13 17:54 . 2013-08-13 17:54 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-13 17:54 . 2013-08-13 17:54 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-13 17:54 . 2013-08-13 17:54 -------- d-----w- c:\program files (x86)\Java
2013-08-13 17:47 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-13 17:47 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-13 17:45 . 2013-08-13 17:48 -------- d-----r- c:\windows\BrowserChoice
2013-08-13 17:40 . 2013-08-13 17:40 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-08-13 16:34 . 2013-08-13 16:34 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-13 16:34 . 2013-08-13 16:34 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-13 16:27 . 2013-08-13 16:27 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-08-13 16:26 . 2013-08-18 18:26 -------- d-----w- c:\program files (x86)\IObit
2013-08-13 16:21 . 2013-08-13 16:26 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-08-13 16:21 . 2013-08-18 09:50 -------- d-----w- c:\program files (x86)\Steam
2013-08-13 16:03 . 2013-08-13 16:03 11776 ----a-w- c:\windows\skipmetrosuite.exe
2013-08-13 15:52 . 2013-08-13 15:52 -------- d-----w- c:\program files (x86)\DsNET Corp
2013-08-13 15:47 . 2013-08-13 15:47 -------- d-----w- c:\program files (x86)\The KMPlayer
2013-08-13 15:36 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2013-08-13 15:36 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2013-08-13 15:36 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-08-13 15:36 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-08-13 15:36 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-08-13 15:36 . 2013-08-13 15:36 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2013-08-13 15:36 . 2013-08-13 17:26 -------- d-----w- c:\program files (x86)\League of Legends
2013-08-13 15:27 . 2013-08-13 15:28 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-08-13 15:27 . 2013-08-15 17:13 -------- d-----w- c:\programdata\Xfire
2013-08-13 15:25 . 2013-08-13 15:25 410984 ----a-w- c:\windows\SysWow64\deploytk.dll
2013-08-13 15:23 . 2010-02-10 17:13 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2013-08-13 15:23 . 2010-02-28 09:53 749056 ----a-w- c:\windows\SysWow64\lameACM.acm
2013-08-13 15:23 . 2010-01-17 15:18 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2013-08-13 15:23 . 2004-01-25 16:18 217088 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2013-08-13 15:23 . 2009-05-29 21:37 205824 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-08-13 15:23 . 2009-05-29 21:31 881664 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-08-13 15:23 . 2010-03-10 18:00 85504 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2013-08-13 15:23 . 2013-08-13 15:23 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2013-08-13 15:20 . 2013-08-19 16:12 -------- d-----w- c:\programdata\Microsoft Help
2013-08-13 15:19 . 2013-08-13 15:19 -------- d-----w- c:\program files (x86)\Common Files\EZB Systems
2013-08-13 15:19 . 2013-08-13 15:19 -------- d-----w- c:\program files (x86)\UltraISO
2013-08-13 15:06 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2013-08-13 15:06 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2013-08-13 15:06 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2013-08-13 15:06 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll
2013-08-13 15:06 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-08-13 15:06 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-08-13 15:06 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-08-13 15:06 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-08-13 15:06 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-08-13 15:06 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-08-13 15:06 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-13 14:25 . 2013-02-25 22:32 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-08-13 14:25 . 2012-07-25 20:22 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-08-13 14:25 . 2013-02-25 22:32 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-08-13 13:32 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2012-07-26 1475072]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Spotify Web Helper"="c:\users\Adam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-08-15 1104384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files (x86)\creative\sound blaster x-fi\volume panel\volpanlu.exe" [2007-04-17 184320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"disablecad"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R4 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S3 ALSysIO;ALSysIO;c:\users\Adam\AppData\Local\Temp\ALSysIO64.sys;c:\users\Adam\AppData\Local\Temp\ALSysIO64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys;c:\windows\SYSNATIVE\drivers\t3.sys [x]
S3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk63x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk63x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\AutorunsDisabled\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-13 13:39 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
"Launch LCore"="c:\program files\logitech gaming software\lcore.exe" [2013-04-24 7477016]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.20
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2013-08-19 20:57:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-19 18:57
.
Před spuštěním: 82 355 097 600 bytes free
Po spuštění: 81 954 873 344 bytes free
.
- - End Of File - - 9A9DAB033F0C35984A6CC6864F17EC30
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.5119.3959 [GMT 2:00]
Spuštěný z: c:\users\Adam\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\.lnk
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-19 do 2013-08-19 )))))))))))))))))))))))))))))))
.
.
2013-08-19 18:54 . 2013-08-19 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-19 11:35 . 2013-08-19 17:56 -------- d-----w- c:\program files\trend micro
2013-08-18 19:29 . 2013-08-18 19:29 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-08-18 19:06 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-18 19:05 . 2013-08-18 20:48 -------- d-----w- c:\programdata\AVAST Software
2013-08-18 18:19 . 2013-08-18 18:18 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-08-18 18:18 . 2013-08-18 18:18 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-08-18 09:26 . 2013-08-18 08:36 2601752 ----a-w- c:\windows\SysWow64\pbsvc_moh.exe
2013-08-18 09:25 . 2013-08-18 09:25 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-08-17 15:54 . 2013-08-18 18:18 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-08-17 12:42 . 2013-08-17 12:42 -------- d-----w- c:\programdata\EA Core
2013-08-17 12:42 . 2013-08-17 15:54 -------- d-----w- c:\programdata\EA Logs
2013-08-17 12:42 . 2013-08-17 12:42 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2013-08-17 12:42 . 2013-08-18 09:53 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-08-17 12:20 . 2013-08-17 12:20 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2013-08-16 19:17 . 2013-08-16 19:17 -------- d-----w- c:\program files (x86)\Origin Games
2013-08-16 19:14 . 2013-08-16 19:22 -------- d-----w- c:\programdata\Origin
2013-08-16 19:14 . 2013-08-16 19:14 -------- d-----w- c:\programdata\Electronic Arts
2013-08-16 19:14 . 2013-08-18 18:10 -------- d-----w- c:\program files (x86)\Origin
2013-08-15 17:09 . 2013-08-19 11:58 -------- d-----w- c:\program files (x86)\TunnelBear
2013-08-14 10:42 . 2013-08-14 10:42 -------- d-----w- c:\programdata\Binarysense
2013-08-14 10:42 . 2013-08-14 10:42 -------- d-----w- c:\programdata\Licenses
2013-08-14 09:18 . 2013-08-14 09:28 -------- d-----w- c:\programdata\WinTuning
2013-08-13 20:19 . 2012-10-22 19:18 1361408 ----a-w- c:\windows\system32\Windows.UI.Immersive.dll
2013-08-13 20:19 . 2012-10-22 19:18 103424 ----a-w- c:\windows\system32\SLCHook.dll
2013-08-13 20:19 . 2012-10-03 05:36 15872 ----a-w- c:\windows\system32\slwga.dll
2013-08-13 20:19 . 2012-09-20 07:07 133287 ----a-w- c:\windows\SysWow64\slmgr.vbs
2013-08-13 20:19 . 2012-09-20 07:07 133287 ----a-w- c:\windows\system32\slmgr.vbs
2013-08-13 20:19 . 2012-07-26 22:37 415232 ----a-w- c:\windows\system32\GenuineCenter.dll
2013-08-13 20:00 . 2012-11-20 05:24 1164800 ----a-w- c:\windows\SysWow64\Display.dll
2013-08-13 20:00 . 2012-11-20 05:02 6656 ----a-w- c:\windows\SysWow64\KBDKURD.DLL
2013-08-13 20:00 . 2012-11-20 04:59 7168 ----a-w- c:\windows\system32\KBDKURD.DLL
2013-08-13 20:00 . 2012-11-20 05:17 1184256 ----a-w- c:\windows\system32\Display.dll
2013-08-13 19:57 . 2013-08-13 19:57 -------- d-----w- c:\program files (x86)\Xfire
2013-08-13 19:06 . 2012-09-20 09:10 2367528 ----a-w- c:\windows\system32\WSService.dll
2013-08-13 19:05 . 2012-10-11 07:23 441576 ----a-w- c:\windows\system32\drivers\netio.sys
2013-08-13 19:03 . 2012-09-27 06:35 74240 ----a-w- c:\windows\SysWow64\newdev.exe
2013-08-13 19:03 . 2012-09-27 06:35 73728 ----a-w- c:\windows\SysWow64\ndadmin.exe
2013-08-13 19:03 . 2012-09-27 06:34 275968 ----a-w- c:\windows\SysWow64\newdev.dll
2013-08-13 19:03 . 2012-09-27 07:17 76288 ----a-w- c:\windows\system32\newdev.exe
2013-08-13 19:03 . 2012-09-27 07:17 75264 ----a-w- c:\windows\system32\ndadmin.exe
2013-08-13 19:03 . 2012-09-27 07:15 301568 ----a-w- c:\windows\system32\newdev.dll
2013-08-13 19:03 . 2012-10-02 07:34 68608 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-08-13 19:03 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-13 19:03 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-13 19:03 . 2012-10-12 05:39 82944 ----a-w- c:\windows\SysWow64\dskquota.dll
2013-08-13 19:03 . 2012-10-12 06:13 109568 ----a-w- c:\windows\system32\dskquota.dll
2013-08-13 19:02 . 2012-10-24 04:54 396008 ----a-w- c:\windows\system32\hal.dll
2013-08-13 19:02 . 2012-10-17 03:57 929792 ----a-w- c:\windows\SysWow64\mfnetsrc.dll
2013-08-13 19:02 . 2012-10-17 03:57 568832 ----a-w- c:\windows\SysWow64\mfnetcore.dll
2013-08-13 19:02 . 2012-10-17 03:57 513024 ----a-w- c:\windows\SysWow64\mfmpeg2srcsnk.dll
2013-08-13 19:02 . 2012-10-17 04:32 1172992 ----a-w- c:\windows\system32\mfnetsrc.dll
2013-08-13 19:02 . 2012-10-17 04:32 677888 ----a-w- c:\windows\system32\mfnetcore.dll
2013-08-13 19:02 . 2012-10-17 04:32 673280 ----a-w- c:\windows\system32\mfmpeg2srcsnk.dll
2013-08-13 19:02 . 2013-07-09 06:07 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-13 19:01 . 2012-11-27 04:20 798208 ----a-w- c:\windows\SysWow64\WebcamUi.dll
2013-08-13 19:01 . 2012-11-27 04:20 560128 ----a-w- c:\windows\SysWow64\UserLanguagesCpl.dll
2013-08-13 19:01 . 2012-11-27 04:20 46592 ----a-w- c:\windows\SysWow64\vds_ps.dll
2013-08-13 19:01 . 2012-11-27 04:20 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2013-08-13 19:01 . 2012-11-27 04:20 179200 ----a-w- c:\windows\SysWow64\wpnapps.dll
2013-08-13 19:01 . 2012-11-27 04:20 1217536 ----a-w- c:\windows\SysWow64\storagewmi.dll
2013-08-13 19:01 . 2012-11-27 04:20 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-08-13 19:01 . 2012-11-27 04:19 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-08-13 19:01 . 2012-11-27 04:49 1027152 ----a-w- c:\windows\SysWow64\Taskmgr.exe
2013-08-13 18:59 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-08-13 18:17 . 2013-08-13 18:18 -------- d-----w- c:\windows\system32\MRT
2013-08-13 18:04 . 2012-11-08 04:25 523776 ----a-w- c:\windows\SysWow64\WSShared.dll
2013-08-13 18:04 . 2012-11-08 04:25 143872 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-13 18:04 . 2012-11-08 04:25 124928 ----a-w- c:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-13 18:04 . 2012-11-08 04:22 641536 ----a-w- c:\windows\system32\WSShared.dll
2013-08-13 18:04 . 2012-11-08 04:22 198656 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.dll
2013-08-13 18:04 . 2012-11-08 04:22 163840 ----a-w- c:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-13 17:54 . 2013-08-13 17:54 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-08-13 17:54 . 2013-08-13 17:54 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-13 17:54 . 2013-08-13 17:54 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-13 17:54 . 2013-08-13 17:54 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-13 17:54 . 2013-08-13 17:54 -------- d-----w- c:\program files (x86)\Java
2013-08-13 17:47 . 2013-06-27 22:04 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-13 17:47 . 2013-06-27 22:04 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-13 17:45 . 2013-08-13 17:48 -------- d-----r- c:\windows\BrowserChoice
2013-08-13 17:40 . 2013-08-13 17:40 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-08-13 16:34 . 2013-08-13 16:34 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-13 16:34 . 2013-08-13 16:34 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-13 16:27 . 2013-08-13 16:27 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-08-13 16:26 . 2013-08-18 18:26 -------- d-----w- c:\program files (x86)\IObit
2013-08-13 16:21 . 2013-08-13 16:26 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-08-13 16:21 . 2013-08-18 09:50 -------- d-----w- c:\program files (x86)\Steam
2013-08-13 16:03 . 2013-08-13 16:03 11776 ----a-w- c:\windows\skipmetrosuite.exe
2013-08-13 15:52 . 2013-08-13 15:52 -------- d-----w- c:\program files (x86)\DsNET Corp
2013-08-13 15:47 . 2013-08-13 15:47 -------- d-----w- c:\program files (x86)\The KMPlayer
2013-08-13 15:36 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2013-08-13 15:36 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2013-08-13 15:36 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-08-13 15:36 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-08-13 15:36 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-08-13 15:36 . 2013-08-13 15:36 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2013-08-13 15:36 . 2013-08-13 17:26 -------- d-----w- c:\program files (x86)\League of Legends
2013-08-13 15:27 . 2013-08-13 15:28 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-08-13 15:27 . 2013-08-15 17:13 -------- d-----w- c:\programdata\Xfire
2013-08-13 15:25 . 2013-08-13 15:25 410984 ----a-w- c:\windows\SysWow64\deploytk.dll
2013-08-13 15:23 . 2010-02-10 17:13 165376 ----a-w- c:\windows\SysWow64\unrar.dll
2013-08-13 15:23 . 2010-02-28 09:53 749056 ----a-w- c:\windows\SysWow64\lameACM.acm
2013-08-13 15:23 . 2010-01-17 15:18 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2013-08-13 15:23 . 2004-01-25 16:18 217088 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2013-08-13 15:23 . 2009-05-29 21:37 205824 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-08-13 15:23 . 2009-05-29 21:31 881664 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-08-13 15:23 . 2010-03-10 18:00 85504 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2013-08-13 15:23 . 2013-08-13 15:23 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2013-08-13 15:20 . 2013-08-19 16:12 -------- d-----w- c:\programdata\Microsoft Help
2013-08-13 15:19 . 2013-08-13 15:19 -------- d-----w- c:\program files (x86)\Common Files\EZB Systems
2013-08-13 15:19 . 2013-08-13 15:19 -------- d-----w- c:\program files (x86)\UltraISO
2013-08-13 15:06 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2013-08-13 15:06 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2013-08-13 15:06 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2013-08-13 15:06 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll
2013-08-13 15:06 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-08-13 15:06 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-08-13 15:06 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-08-13 15:06 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-08-13 15:06 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-08-13 15:06 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-08-13 15:06 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-13 14:25 . 2013-02-25 22:32 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-08-13 14:25 . 2012-07-25 20:22 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-08-13 14:25 . 2013-02-25 22:32 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-08-13 13:32 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2012-07-26 1475072]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Spotify Web Helper"="c:\users\Adam\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-08-15 1104384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files (x86)\creative\sound blaster x-fi\volume panel\volpanlu.exe" [2007-04-17 184320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"disablecad"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R4 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S3 ALSysIO;ALSysIO;c:\users\Adam\AppData\Local\Temp\ALSysIO64.sys;c:\users\Adam\AppData\Local\Temp\ALSysIO64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys;c:\windows\SYSNATIVE\drivers\t3.sys [x]
S3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk63x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk63x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\AutorunsDisabled\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-13 13:39 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
"Launch LCore"="c:\program files\logitech gaming software\lcore.exe" [2013-04-24 7477016]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.20
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2013-08-19 20:57:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-19 18:57
.
Před spuštěním: 82 355 097 600 bytes free
Po spuštění: 81 954 873 344 bytes free
.
- - End Of File - - 9A9DAB033F0C35984A6CC6864F17EC30
A36C5E4F47E84449FF07ED3517B43A31
Re: Windows 8 spuštění složky %USERPROFILE% po spuštění
Napsal: 19 srp 2013 20:34
Log je již OK. Nastala nějaká změna?
Re: Windows 8 spuštění složky %USERPROFILE% po spuštění
Napsal: 19 srp 2013 20:35
Už je to v pohodě. Mohu se zeptat kde byl problém? V této cestě ? c:\users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\.lnk
Re: Windows 8 spuštění složky %USERPROFILE% po spuštění
Napsal: 19 srp 2013 21:19
Asi tam. Nic jiného nebylo mazáno.
Re: Windows 8 spuštění složky %USERPROFILE% po spuštění
Napsal: 19 srp 2013 21:20
Dobře. Děkuji za Váš čas a super práci.
Re: Windows 8 spuštění složky %USERPROFILE% po spuštění
Napsal: 19 srp 2013 21:21
Rádo se stalo! 