ComboFix 14-08-26.02 - Lhotecky 26.08.2014 21:48:33.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8120.6235 [GMT 2:00]
Spuštěný z: c:\users\Lhotecky\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lhotecky\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-26 do 2014-08-26 )))))))))))))))))))))))))))))))
.
.
2014-08-26 19:50 . 2014-08-26 19:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-26 16:36 . 2014-08-26 16:42 -------- d-----w- C:\AdwCleaner
2014-08-26 16:35 . 2014-08-26 16:35 -------- d-----w- c:\program files\McAfee Security Scan
2014-08-25 20:36 . 2014-08-25 20:37 -------- d-----w- c:\program files\trend micro
2014-08-25 20:36 . 2014-08-25 20:36 -------- d-----w- C:\rsit
2014-08-25 18:15 . 2014-08-26 16:35 -------- d-----w- c:\programdata\McAfee Security Scan
2014-08-25 18:15 . 2014-08-25 18:15 -------- d-----w- c:\programdata\McAfee
2014-08-25 13:37 . 2014-08-21 09:24 11319192 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{152D4B35-12BF-4DD8-B815-0A03A98428E6}\mpengine.dll
2014-08-25 13:35 . 2014-08-26 18:46 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-25 13:35 . 2014-08-25 13:35 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-08-25 13:35 . 2014-08-25 13:35 -------- d-----w- c:\programdata\Malwarebytes
2014-08-25 13:35 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-25 13:35 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-25 13:35 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-15 08:06 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-15 08:06 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-15 08:06 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-15 08:06 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-15 08:06 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-15 08:06 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-15 08:06 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-15 08:06 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-15 05:16 . 2014-08-15 05:16 -------- d-----w- c:\programdata\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-08-15 05:07 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-15 05:07 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-15 05:07 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-15 05:07 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-11 16:48 . 2014-08-11 16:52 -------- d-----w- c:\program files (x86)\EIZO
2014-08-10 19:04 . 2014-08-10 19:04 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-08-10 19:01 . 2014-08-10 19:01 -------- d-----w- c:\program files (x86)\Canon
2014-08-10 18:55 . 2014-08-10 18:59 -------- d-----w- c:\program files (x86)\Common Files\Canon
2014-08-10 18:39 . 2014-08-10 18:39 -------- d-----w- c:\program files\ESET
2014-08-10 16:26 . 2014-08-10 16:27 -------- d-----w- C:\totalcmd
2014-08-10 15:52 . 2014-08-10 15:52 -------- d-----r- C:\MSOCache
2014-08-07 17:23 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2014-08-07 17:23 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2014-08-07 17:22 . 2014-08-07 17:22 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2014-08-07 17:22 . 2014-08-07 17:23 -------- d-----w- c:\program files (x86)\Winamp
2014-08-07 17:21 . 2014-08-07 17:21 -------- d-----w- c:\program files (x86)\Webteh
2014-08-07 17:20 . 2014-08-07 17:20 -------- d-----w- c:\program files\CCleaner
2014-08-07 17:18 . 2014-08-07 17:27 -------- d-----w- c:\program files (x86)\Google
2014-08-07 17:16 . 2014-08-07 17:16 -------- d-----w- c:\program files (x86)\VideoLAN
2014-08-07 17:10 . 2014-08-07 17:10 -------- d-----w- c:\program files (x86)\PTGui
2014-08-07 17:05 . 2014-08-07 17:05 -------- d-----w- c:\program files (x86)\PhotomatixPro3
2014-08-07 16:18 . 2014-08-07 16:18 -------- d-----w- c:\program files\DIFX
2014-08-07 16:18 . 2014-08-07 16:18 -------- d-----w- c:\program files\WDCSAM
2014-08-07 16:12 . 2014-08-07 16:29 -------- d-----w- C:\Copy
2014-08-07 16:05 . 2014-08-25 18:15 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-07 16:05 . 2014-08-25 18:15 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-07 16:05 . 2014-08-07 16:05 -------- d-----w- c:\windows\SysWow64\Macromed
2014-08-07 16:05 . 2014-08-07 16:05 -------- d-----w- c:\windows\system32\Macromed
2014-08-07 15:54 . 2014-08-07 15:54 -------- d-----w- c:\program files (x86)\Seznam.cz
2014-08-07 15:54 . 2014-08-11 16:35 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-08-07 15:53 . 2014-08-07 15:53 79 ----a-w- c:\windows\SysWow64\ssinstall-uninstall.bat
2014-08-07 15:53 . 2014-08-07 15:53 2324216 ----a-w- c:\windows\SysWow64\ssins.exe
2014-08-07 15:51 . 2014-08-07 16:25 -------- d-----w- c:\windows\system32\appmgmt
2014-08-04 14:20 . 2010-11-21 03:23 345088 ----a-w- c:\windows\system32\utilman.exe
2014-08-04 12:40 . 2014-08-04 12:41 -------- d-----w- c:\users\Lhotecky
2014-08-04 09:48 . 2014-08-04 10:01 -------- d-----w- C:\Starý disk
2014-07-29 12:53 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-07-29 12:53 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-07-29 12:53 . 2014-05-08 09:32 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-07-29 12:53 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-07-29 11:53 . 2014-08-15 08:06 -------- d-s---w- c:\windows\system32\CompatTel
2014-07-29 11:53 . 2014-07-29 11:53 -------- d-----w- c:\windows\SysWow64\Wat
2014-07-29 11:53 . 2014-07-29 11:53 -------- d-----w- c:\windows\system32\Wat
2014-07-29 11:17 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-07-29 11:17 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-07-29 11:17 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-07-29 11:17 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-07-29 11:17 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-07-29 11:11 . 2014-07-29 11:11 -------- d-----w- c:\windows\Migration
2014-07-29 11:08 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-07-29 10:55 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2014-07-29 10:50 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-07-29 10:46 . 2014-08-15 08:09 -------- d-----w- c:\windows\system32\MRT
2014-07-29 10:45 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-07-29 10:45 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2014-07-29 10:45 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-07-29 10:45 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-07-29 10:45 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-07-29 10:43 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-07-29 10:38 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-07-29 10:38 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-07-29 10:38 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-07-29 10:38 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-07-29 10:38 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-07-29 10:38 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-07-29 10:38 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-07-29 10:29 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-07-29 10:29 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-29 10:29 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2014-07-29 10:29 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-07-29 10:04 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-07-29 10:03 . 2014-06-18 02:19 503296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
2014-07-29 10:02 . 2014-03-04 09:20 3969984 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-07-29 10:01 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-07-29 10:01 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-07-29 10:01 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-07-29 10:01 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-07-29 10:01 . 2013-09-08 02:27 327168 ----a-w- c:\windows\system32\mswsock.dll
2014-07-29 10:01 . 2013-09-08 02:03 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2014-07-29 09:59 . 2014-03-04 09:44 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-07-29 09:54 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-07-29 09:54 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-07-29 09:54 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2014-07-29 09:54 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-07-29 09:54 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-07-29 09:54 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2014-07-29 09:54 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2014-07-29 09:40 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2014-07-29 09:40 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2014-07-29 09:40 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-07-28 23:35 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2014-07-28 23:35 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2014-07-28 23:35 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2014-07-28 23:35 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2014-07-28 23:35 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2014-07-28 23:35 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2014-07-28 23:35 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2014-07-28 23:35 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2014-07-28 23:35 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-06-05 18:09 . 2014-06-05 18:09 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2014-06-05 18:09 . 2014-06-05 18:09 7680 ----a-w- c:\windows\system32\KBDINTAM.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7680 ----a-w- c:\windows\system32\KBDINMAL.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7680 ----a-w- c:\windows\system32\KBDINDEV.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7680 ----a-w- c:\windows\system32\KBDINBEN.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\SysWow64\KBDINTAM.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\SysWow64\KBDINORI.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\SysWow64\KBDINMAR.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\SysWow64\KBDINMAL.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\SysWow64\KBDINKAN.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\SysWow64\KBDINHIN.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\SysWow64\KBDINDEV.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\SysWow64\KBDINBEN.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINTEL.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINPUN.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINORI.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINMAR.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINKAN.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINHIN.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINGUJ.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINEN.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINBE2.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINBE1.DLL
2014-06-05 18:09 . 2014-06-05 18:09 7168 ----a-w- c:\windows\system32\KBDINASA.DLL
2014-06-05 18:09 . 2014-06-05 18:09 6656 ----a-w- c:\windows\SysWow64\KBDINTEL.DLL
2014-06-05 18:09 . 2014-06-05 18:09 6656 ----a-w- c:\windows\SysWow64\KBDINPUN.DLL
2014-06-05 18:09 . 2014-06-05 18:09 6656 ----a-w- c:\windows\SysWow64\KBDINGUJ.DLL
2014-06-05 18:09 . 2014-06-05 18:09 6656 ----a-w- c:\windows\SysWow64\KBDINBE2.DLL
2014-06-05 18:09 . 2014-06-05 18:09 6656 ----a-w- c:\windows\SysWow64\KBDINBE1.DLL
2014-06-05 18:09 . 2014-06-05 18:09 6656 ----a-w- c:\windows\SysWow64\KBDINASA.DLL
2014-06-05 18:03 . 2014-06-05 18:03 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-06-05 18:03 . 2014-06-05 18:03 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-06-05 18:03 . 2014-06-05 18:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-06-05 18:03 . 2014-06-05 18:03 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-06-05 18:03 . 2014-06-05 18:03 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-06-05 18:03 . 2014-06-05 18:03 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-06-05 18:03 . 2014-06-05 18:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-06-05 18:03 . 2014-06-05 18:03 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-06-05 18:03 . 2014-06-05 18:03 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-06-05 18:03 . 2014-06-05 18:03 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-06-05 18:03 . 2014-06-05 18:03 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-06-05 18:03 . 2014-06-05 18:03 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-06-05 18:03 . 2014-06-05 18:03 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-06-05 18:03 . 2014-06-05 18:03 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-06-05 18:03 . 2014-06-05 18:03 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-06-05 18:03 . 2014-06-05 18:03 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-06-05 18:03 . 2014-06-05 18:03 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-06-05 18:03 . 2014-06-05 18:03 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-06-05 18:03 . 2014-06-05 18:03 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-06-05 18:03 . 2014-06-05 18:03 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-06-05 18:03 . 2014-06-05 18:03 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-06-05 18:03 . 2014-06-05 18:03 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-06-05 18:03 . 2014-06-05 18:03 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-06-05 18:03 . 2014-06-05 18:03 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-06-05 18:03 . 2014-06-05 18:03 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-06-05 18:03 . 2014-06-05 18:03 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-05 18:03 . 2014-06-05 18:03 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-05 17:58 . 2014-06-05 17:58 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2014-06-05 17:58 . 2014-06-05 17:58 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2014-06-05 17:58 . 2014-06-05 17:58 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2014-06-05 17:58 . 2014-06-05 17:58 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2014-06-05 17:58 . 2014-06-05 17:58 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2014-06-05 17:58 . 2014-06-05 17:58 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2014-06-05 17:46 . 2014-06-05 17:46 96768 ----a-w- c:\windows\system32\fsutil.exe
2014-06-05 17:46 . 2014-06-05 17:46 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2014-06-05 17:46 . 2014-06-05 17:46 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2014-06-05 17:46 . 2014-06-05 17:46 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2014-06-05 17:46 . 2014-06-05 17:46 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2014-06-05 17:46 . 2014-06-05 17:46 2565632 ----a-w- c:\windows\system32\esent.dll
2014-06-05 17:46 . 2014-06-05 17:46 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2014-06-05 17:46 . 2014-06-05 17:46 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2014-06-05 17:46 . 2014-06-05 17:46 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2014-06-05 17:46 . 2014-06-05 17:46 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2014-06-05 17:45 . 2014-06-05 17:45 878080 ----a-w- c:\windows\system32\advapi32.dll
2014-06-05 17:45 . 2014-06-05 17:45 859648 ----a-w- c:\windows\system32\tdh.dll
2014-06-05 17:45 . 2014-06-05 17:45 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2014-06-05 17:45 . 2014-06-05 17:45 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2014-06-05 17:45 . 2014-06-05 17:45 1732032 ----a-w- c:\windows\system32\ntdll.dll
2014-06-05 17:45 . 2014-06-05 17:45 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2014-06-05 17:44 . 2014-06-05 17:44 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2014-06-05 17:44 . 2014-06-05 17:44 6656 ----a-w- c:\windows\system32\apisetschema.dll
2014-06-05 17:44 . 2014-06-05 17:44 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2014-06-05 17:44 . 2014-06-05 17:44 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2013-08-05 111576]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2013-08-07 490760]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2013-07-18 683656]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
c:\users\Lhotecky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Odeslat do OneNote.lnk - c:\program files\Microsoft Office\Office15\ONENOTEM.EXE /tsr [2012-10-1 185992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
ScreenManager Pro for LCD Ver3.3.3.lnk - c:\program files (x86)\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe [2013-2-19 9046352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HPFSService;HP File Sanitizer;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE;c:\program files\Realtek\Audio\HDA\AERTSr64.EXE [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-07 18:15]
.
2014-08-26 c:\windows\Tasks\HPCeeScheduleForLhotecky.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 18:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 18:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 18:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-06-11 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-06-11 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-06-11 444400]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-07-27 7194840]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-11-22 2919168]
.
------- Doplňkový sken -------
.
uStart Page = www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
mStart Page = hxxp://www.bing.com?pc=CMDTDFJS
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Lhotecky\AppData\Roaming\Mozilla\Firefox\Profiles\1t1274o6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-08-26 21:51:28
ComboFix-quarantined-files.txt 2014-08-26 19:51
ComboFix2.txt 2014-08-26 18:04
ComboFix3.txt 2014-08-26 17:48
.
Před spuštěním: Volných bajtů: 228 635 664 384
Po spuštění: Volných bajtů: 228 578 377 728
.
- - End Of File - - E9D670693358AC27F9CD4E08089881D7
A36C5E4F47E84449FF07ED3517B43A31
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o preventivní kontrolu
Tak udělejte prosím nový skript 
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o preventivní kontrolu
To nad Vámi už je z nového scriptu.
Re: Prosím o preventivní kontrolu
Nevadí,to jsou jen drobnosti, domažeme jinak
S počítačem to vypadá jak?
:arrow:Stáhněte OTM http://oldtimer.geekstogo.com/OTM.exe
Stáhněte na plochu Otm, 2krát klikněte na Otm,spustí se program,
Do levého okna "Paste Instructions for Items to be Moved" pod žlutou čáru zkopírujete skript
-klikněte na červené tlačítko Moveit!
-sem vložte obsah zeleného okénka
-Pokud se bude chtít restartovat pc, dejte YES,log pak najdete C:\_OTM\MovedFiles. Log vložte sem
S počítačem to vypadá jak?
:arrow:Stáhněte OTM http://oldtimer.geekstogo.com/OTM.exe
Stáhněte na plochu Otm, 2krát klikněte na Otm,spustí se program,
Do levého okna "Paste Instructions for Items to be Moved" pod žlutou čáru zkopírujete skript
Kód: Vybrat vše
:processes
explorer.exe
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk
c:\program files\McAfee Security Scan
c:\programdata\McAfee Security Scan
c:\programdata\McAfee
:reg
[HKCU\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=""
[HKLM\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=""
[HKLM\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz"
:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[clearallrestorepoints]
[Reboot]-sem vložte obsah zeleného okénka
-Pokud se bude chtít restartovat pc, dejte YES,log pak najdete C:\_OTM\MovedFiles. Log vložte sem
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o preventivní kontrolu
Počítač vypadá, že funguje OK.
tady je ten log:
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2683.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4C4E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA0C1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\Installer\MSIDEB.tmp moved successfully.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup folder moved successfully.
File/Folder McAfee Security Scan Plus.lnk not found.
c:\program files\McAfee Security Scan\3.8.150\sacoredata folder moved successfully.
c:\program files\McAfee Security Scan\3.8.150 folder moved successfully.
c:\program files\McAfee Security Scan folder moved successfully.
c:\programdata\McAfee Security Scan\Extensions folder moved successfully.
c:\programdata\McAfee Security Scan folder moved successfully.
c:\programdata\McAfee\MCLOGS\SecurityScanner\mcuicnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\SecurityScanner folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\SecurityScan_Inner folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\mcuicnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\McCHSvc folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom folder moved successfully.
c:\programdata\McAfee\MCLOGS\McUICnt\mcuicnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\McUICnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\Common\mcuicnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\Common\McCHSvc folder moved successfully.
c:\programdata\McAfee\MCLOGS\Common folder moved successfully.
c:\programdata\McAfee\MCLOGS folder moved successfully.
c:\programdata\McAfee folder moved successfully.
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"http://www.seznam.cz" /E : value set successfully!
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Lhotecky
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5732 bytes
->FireFox cache emptied: 182313257 bytes
->Flash cache emptied: 660 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 174,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Lhotecky
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTM Restore Point
OTM by OldTimer - Version 3.1.21.0 log created on 08262014_222911
Files moved on Reboot...
C:\Users\Lhotecky\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Lhotecky\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
tady je ten log:
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2683.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4C4E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPA0C1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\Installer\MSIDEB.tmp moved successfully.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup folder moved successfully.
File/Folder McAfee Security Scan Plus.lnk not found.
c:\program files\McAfee Security Scan\3.8.150\sacoredata folder moved successfully.
c:\program files\McAfee Security Scan\3.8.150 folder moved successfully.
c:\program files\McAfee Security Scan folder moved successfully.
c:\programdata\McAfee Security Scan\Extensions folder moved successfully.
c:\programdata\McAfee Security Scan folder moved successfully.
c:\programdata\McAfee\MCLOGS\SecurityScanner\mcuicnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\SecurityScanner folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\SecurityScan_Inner folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\mcuicnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\McCHSvc folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom folder moved successfully.
c:\programdata\McAfee\MCLOGS\McUICnt\mcuicnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\McUICnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\Common\mcuicnt folder moved successfully.
c:\programdata\McAfee\MCLOGS\Common\McCHSvc folder moved successfully.
c:\programdata\McAfee\MCLOGS\Common folder moved successfully.
c:\programdata\McAfee\MCLOGS folder moved successfully.
c:\programdata\McAfee folder moved successfully.
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"|"" /E : value set successfully!
HKLM\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"http://www.seznam.cz" /E : value set successfully!
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Lhotecky
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5732 bytes
->FireFox cache emptied: 182313257 bytes
->Flash cache emptied: 660 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 174,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Lhotecky
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTM Restore Point
OTM by OldTimer - Version 3.1.21.0 log created on 08262014_222911
Files moved on Reboot...
C:\Users\Lhotecky\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Lhotecky\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Re: Prosím o preventivní kontrolu
Odinstalujte combofix přes Start - Spustit- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy
ok zavřít Záložka Nástroje- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
***********
Stahněte OTC a použijtehttp://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
A pokud nejsou problémy,je to vše
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o preventivní kontrolu
Mockrát děkuji. Zatím to vypadá OK. Když by byl problém, ozvu se.
Ještě jednou díky.
Ještě jednou díky.
Re: Prosím o preventivní kontrolu
Není zač
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?