Please check my ComboFix log - problem with rundll32

#1 Post by kada72 »

ComboFix 14-03-05.01 - Kada 07.03.2014 21:01:07.1.6 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.16329.14075 [GMT 1:00]
Spuštěný z: c:\users\Kada\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kada\AppData\Roaming\Microsoft\Windows\Templates\1028.msi
c:\users\Kada\AppData\Roaming\Microsoft\Windows\Templates\1031.msi
c:\users\Kada\AppData\Roaming\Microsoft\Windows\Templates\1033.msi
c:\users\Kada\AppData\Roaming\Microsoft\Windows\Templates\1036.msi
c:\users\Kada\AppData\Roaming\Microsoft\Windows\Templates\1041.msi
c:\users\Kada\AppData\Roaming\Microsoft\Windows\Templates\2052.msi
c:\windows\inf\ntvdm.vbe
c:\windows\SysWow64\Config.ini
c:\windows\SysWow64\local.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-07 do 2014-03-07 )))))))))))))))))))))))))))))))
.
.
2014-03-07 20:20 . 2014-03-07 20:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-07 20:19 . 2014-03-07 20:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-03-07 19:31 . 2014-03-07 19:31 -------- d-----w- c:\program files (x86)\DLLSuite
2014-03-06 20:10 . 2014-03-06 20:10 -------- d-----w- c:\users\Default\AppData\Roaming\IObit
2014-03-06 19:28 . 2014-02-20 18:52 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{55CC22F2-59EB-4518-AD10-2936C754C6ED}\gapaengine.dll
2014-03-06 19:28 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C07792FD-0A44-4727-BF19-77A5BC0F3B67}\mpengine.dll
2014-03-05 04:17 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-03 07:51 . 2014-03-03 07:51 -------- d-----w- c:\users\Kada\AppData\Local\Skype
2014-03-03 07:51 . 2014-03-03 07:51 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-03-03 07:51 . 2014-03-03 07:51 -------- d-----r- c:\program files (x86)\Skype
2014-02-27 21:52 . 2014-02-27 21:52 -------- d-----w- c:\windows\Migration
2014-02-25 22:28 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-02-25 22:28 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-02-16 20:16 . 2014-02-16 20:16 -------- d-----w- c:\users\Kada\AppData\Local\O&O
2014-02-16 20:15 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-02-16 20:15 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-02-15 22:26 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-15 22:26 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-15 19:16 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-02-15 19:16 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-02-15 19:16 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-15 19:16 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-15 19:16 . 2013-12-04 02:16 658432 ----a-w- c:\windows\system32\RMActivate_isv.exe
2014-02-15 19:16 . 2013-12-04 02:16 626176 ----a-w- c:\windows\system32\RMActivate.exe
2014-02-15 19:16 . 2013-12-04 01:54 594944 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe
2014-02-15 19:16 . 2013-12-04 01:54 572416 ----a-w- c:\windows\SysWow64\RMActivate.exe
2014-02-15 19:16 . 2013-12-04 01:54 508928 ----a-w- c:\windows\SysWow64\RMActivate_ssp_isv.exe
2014-02-15 19:16 . 2013-12-04 02:16 552960 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2014-02-15 19:16 . 2013-12-04 02:16 553984 ----a-w- c:\windows\system32\RMActivate_ssp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-05 04:07 . 2012-03-29 08:47 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-05 04:07 . 2012-02-29 08:16 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-20 18:52 . 2012-06-12 17:40 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-16 19:29 . 2012-02-29 12:09 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-01-26 16:30 . 2014-01-26 16:30 123704 ----a-w- c:\windows\system32\drivers\jraid.sys
2014-01-26 16:29 . 2014-01-26 16:29 888536 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-01-26 16:29 . 2014-01-26 16:29 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-01-26 16:29 . 2012-02-24 09:59 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-01-26 16:28 . 2014-01-26 16:28 871856 ----a-w- c:\windows\system32\tossaeapo64.dll
2014-01-26 16:28 . 2014-01-26 16:28 722688 ----a-w- c:\windows\system32\sltech64.dll
2014-01-26 16:28 . 2014-01-26 16:28 582056 ----a-w- c:\windows\system32\tosasfapo64.dll
2014-01-26 16:28 . 2014-01-26 16:28 244480 ----a-w- c:\windows\system32\slprp64.dll
2014-01-26 16:28 . 2014-01-26 16:28 2103040 ----a-w- c:\windows\system32\WavesGUILib64.dll
2014-01-26 16:28 . 2014-01-26 16:28 162224 ----a-w- c:\windows\system32\toseaeapo64.dll
2014-01-26 16:28 . 2014-01-26 16:28 947760 ----a-w- c:\windows\system32\SFSS_APO.dll
2014-01-26 16:28 . 2014-01-26 16:28 897792 ----a-w- c:\windows\system32\sl3apo64.dll
2014-01-26 16:28 . 2014-01-26 16:28 2810072 ----a-w- c:\windows\system32\RtPgEx64.dll
2014-01-26 16:28 . 2014-01-26 16:28 1662024 ----a-w- c:\windows\system32\RTSnMg64.cpl
2014-01-26 16:28 . 2014-01-26 16:28 1014016 ----a-w- c:\windows\system32\slcnt64.dll
2014-01-26 16:28 . 2014-01-26 16:28 3760344 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2014-01-26 16:28 . 2014-01-26 16:28 618200 ----a-w- c:\windows\system32\RtDataProc64.dll
2014-01-26 16:28 . 2014-01-26 16:28 2588888 ----a-w- c:\windows\system32\SET9C90.tmp
2014-01-26 16:28 . 2014-01-26 16:28 1021656 ----a-w- c:\windows\system32\RtkApi64.dll
2014-01-26 16:28 . 2014-01-26 16:28 75024 ----a-w- c:\windows\system32\R4EEG64A.dll
2014-01-26 16:28 . 2014-01-26 16:28 7164176 ----a-w- c:\windows\system32\R4EEP64A.dll
2014-01-26 16:28 . 2014-01-26 16:28 434960 ----a-w- c:\windows\system32\R4EED64A.dll
2014-01-26 16:28 . 2014-01-26 16:28 41974272 ----a-w- c:\windows\system32\RCoRes64.dat
2014-01-26 16:28 . 2014-01-26 16:28 154840 ----a-w- c:\windows\system32\RCoInstII64.dll
2014-01-26 16:28 . 2014-01-26 16:28 141584 ----a-w- c:\windows\system32\R4EEL64A.dll
2014-01-26 16:28 . 2014-01-26 16:28 1286872 ----a-w- c:\windows\system32\RTCOM64.dll
2014-01-26 16:28 . 2014-01-26 16:28 124176 ----a-w- c:\windows\system32\R4EEA64A.dll
2014-01-26 16:28 . 2014-01-26 16:28 912184 ----a-w- c:\windows\system32\NAHIMICAPOSettingsIPC.dll
2014-01-26 16:28 . 2014-01-26 16:28 907008 ----a-w- c:\windows\system32\MaxxVoiceAPO2064.dll
2014-01-26 16:28 . 2014-01-26 16:28 906800 ----a-w- c:\windows\system32\MISS_APO.dll
2014-01-26 16:28 . 2014-01-26 16:28 662784 ----a-w- c:\windows\system32\MaxxVolumeSDAPO.dll
2014-01-26 16:28 . 2014-01-26 16:28 5753112 ----a-w- c:\windows\system32\NAHIMICAPOlfx.dll
2014-01-26 16:28 . 2014-01-26 16:28 3899648 ----a-w- c:\windows\system32\MaxxAudioVnN64.dll
2014-01-26 16:28 . 2014-01-26 16:28 27644160 ----a-w- c:\windows\system32\MaxxAudioVnA64.dll
2014-01-26 16:28 . 2014-01-26 16:28 14153984 ----a-w- c:\windows\system32\MaxxAudioRealtek64.dll
2014-01-26 16:28 . 2014-01-26 16:28 1286400 ----a-w- c:\windows\system32\MaxxSpeechAPO64.dll
2014-01-26 16:28 . 2014-01-26 16:28 1922304 ----a-w- c:\windows\system32\MaxxAudioRealtek264.dll
2014-01-26 16:28 . 2014-01-26 16:28 790272 ----a-w- c:\windows\SysWow64\MaxxAudioAPOShell.dll
2014-01-26 16:28 . 2014-01-26 16:28 663296 ----a-w- c:\windows\system32\MaxxAudioAPO30.dll
2014-01-26 16:28 . 2014-01-26 16:28 2036992 ----a-w- c:\windows\system32\MaxxAudioEQ64.dll
2014-01-26 16:28 . 2014-01-26 16:28 1345280 ----a-w- c:\windows\system32\MaxxAudioAPO5064.dll
2014-01-26 16:28 . 2014-01-26 16:28 1084160 ----a-w- c:\windows\system32\MaxxAudioAPO4064.dll
2014-01-26 16:28 . 2014-01-26 16:28 1013504 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
2014-01-26 16:28 . 2014-01-26 16:28 6217904 ----a-w- c:\windows\system32\DDPP64A.dll
2014-01-26 16:28 . 2014-01-26 16:28 501184 ----a-w- c:\windows\system32\DTSU2PLFX64.dll
2014-01-26 16:28 . 2014-01-26 16:28 487360 ----a-w- c:\windows\system32\DTSU2PGFX64.dll
2014-01-26 16:28 . 2014-01-26 16:28 415680 ----a-w- c:\windows\system32\DTSU2PREC64.dll
2014-01-26 16:28 . 2014-01-26 16:28 313520 ----a-w- c:\windows\system32\DDPO64A.dll
2014-01-26 16:28 . 2014-01-26 16:28 2743328 ----a-w- c:\windows\system32\FMAPO64.dll
2014-01-26 16:28 . 2014-01-26 16:28 1938608 ----a-w- c:\windows\system32\DDPD64A.dll
2014-01-26 16:28 . 2014-01-26 16:28 260272 ----a-w- c:\windows\system32\DDPA64.dll
2014-01-26 16:28 . 2014-01-26 16:28 605496 ----a-w- c:\windows\system32\audioLibVc.dll
2014-01-26 16:28 . 2014-01-26 16:28 209096 ----a-w- c:\windows\system32\AERTAC64.dll
2014-01-26 16:28 . 2014-01-26 16:28 113576 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-01-26 16:28 . 2014-01-26 16:28 109848 ----a-w- c:\windows\system32\AcpiServiceVnA64.dll
2014-01-26 16:27 . 2014-01-26 16:27 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2014-01-26 16:27 . 2014-01-26 16:27 196384 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2014-01-26 16:27 . 2014-01-26 16:27 1510176 ----a-w- c:\windows\system32\nvhdagenco64.dll
2014-01-26 16:25 . 2014-01-26 16:25 9619872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-01-26 16:25 . 2014-01-26 16:25 707360 ----a-w- c:\windows\system32\NvFBC64.dll
2014-01-26 16:25 . 2014-01-26 16:25 657184 ----a-w- c:\windows\system32\NvIFR64.dll
2014-01-26 16:25 . 2014-01-26 16:25 609568 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-01-26 16:25 . 2014-01-26 16:25 562464 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-01-26 16:25 . 2014-01-26 16:25 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-01-26 16:25 . 2014-01-26 16:25 30361888 ----a-w- c:\windows\system32\nvoglv64.dll
2014-01-26 16:25 . 2014-01-26 16:25 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-01-26 16:25 . 2014-01-26 16:25 22951200 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-01-26 16:25 . 2014-01-26 16:25 168616 ----a-w- c:\windows\system32\nvinitx.dll
2014-01-26 16:25 . 2014-01-26 16:25 15862272 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-01-26 16:25 . 2014-01-26 16:25 1511712 ----a-w- c:\windows\system32\nvdispgenco6433182.dll
2014-01-26 16:25 . 2014-01-26 16:25 141336 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-01-26 16:25 . 2014-01-26 16:25 12613408 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-01-26 16:25 . 2014-01-26 16:25 1242400 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-01-26 16:25 . 2014-01-26 16:25 11514624 ----a-w- c:\windows\system32\nvopencl.dll
2014-01-26 16:25 . 2014-01-26 16:25 1884448 ----a-w- c:\windows\system32\nvdispco6433182.dll
2014-01-26 16:25 . 2012-10-10 20:23 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-01-26 16:25 . 2012-10-10 20:23 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-01-26 16:25 . 2014-01-26 16:25 9691888 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-01-26 16:25 . 2014-01-26 16:25 3132704 ----a-w- c:\windows\system32\nvcuvid.dll
2014-01-26 16:25 . 2014-01-26 16:25 3125024 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-01-26 16:25 . 2014-01-26 16:25 2947872 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-01-26 16:25 . 2014-01-26 16:25 2747680 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-01-26 16:25 . 2014-01-26 16:25 18208624 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-01-26 16:25 . 2014-01-26 16:25 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-01-26 16:25 . 2014-01-26 16:25 11600432 ----a-w- c:\windows\system32\nvcuda.dll
2014-01-26 16:25 . 2014-01-26 16:25 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-01-26 16:25 . 2014-01-26 16:25 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2014-01-26 16:25 . 2014-01-26 16:25 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-01-26 16:25 . 2012-10-10 20:23 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2014-01-26 14:30 . 2014-01-26 14:30 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2014-01-26 14:30 . 2014-01-26 14:30 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-01-26 14:30 . 2014-01-26 14:30 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-01-26 14:30 . 2014-01-26 14:30 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-01-26 14:30 . 2014-01-26 14:30 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-01-26 14:30 . 2014-01-26 14:30 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-01-26 14:30 . 2014-01-26 14:30 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DS Clock"="c:\program files (x86)\DS Clock\dsclock.exe" [2005-02-14 331776]
"Advanced SystemCare 7"="c:\program files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-09 2285344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
R2 ALIWEHCD;MFP Server Enhanced Controller;c:\windows\system32\Drivers\mfpec.sys;c:\windows\SYSNATIVE\Drivers\mfpec.sys [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AliWGP;Composite Device;c:\windows\system32\DRIVERS\mfpcomp.sys;c:\windows\SYSNATIVE\DRIVERS\mfpcomp.sys [x]
R3 ASFLTDrv.sys;ASFLTDrv.sys; [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 silabenm;LifeScan USB Device Driver vSL2.0 Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;LifeScan USB Device Driver vSL2.0 Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0; [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys;c:\windows\SYSNATIVE\DRIVERS\AiChargerPlus.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys;c:\windows\SYSNATIVE\DRIVERS\EIO64.sys [x]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DTSAudioService;DTSAudioService;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 WUSBVBus;MFP Server Detector;c:\windows\system32\DRIVERS\mfpvbus.sys;c:\windows\SYSNATIVE\DRIVERS\mfpvbus.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 04:07]
.
2014-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-22 15:28]
.
2014-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-22 15:28]
.
2013-04-01 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2012-05-10 13:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 14:05 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.daum.net/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Kada\AppData\Roaming\Mozilla\Firefox\Profiles\r84krtmc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.atlas.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933&SearchSource=2&q=
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2014-01-26 16:05; ascsurfingprotection@iobit.com; c:\users\Kada\AppData\Roaming\Mozilla\Firefox\Profiles\r84krtmc.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2014-01-26 16:05; iobitapps@mybrowserbar.com; c:\program files (x86)\IObit Apps Toolbar\FF
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)
AddRemove-LFSVCOMM&10C4&85A7 - c:\program files (x86)\Silabs\MCU\CP210x\DriverUninstaller.exe VCP CP210x Cardinal\LFSVCOMM&10C4&85A7
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,a8,cb,10,8f,f0,01,48,aa,93,f6,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,a8,cb,10,8f,f0,01,48,aa,93,f6,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
c:\program files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
c:\program files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\program files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
.
**************************************************************************
.
Celkový čas: 2014-03-07 21:29:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-03-07 20:29
.
Před spuštěním: Volných bajtů: 223 415 095 296
Po spuštění: Volných bajtů: 222 874 206 208
.
- - End Of File - - 4469D708970944B0E4B0DD889CE22517
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Posts: 119534
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my ComboFix log - problem with rundll32

#2 Post by Rudy »

Hello!
Why are you running Combofix, a utility intended only for professionals? Do you intend to wreck your system or some application?

We'll finish the cleanup. Move Combofix to the desktop. Open Notepad and copy the following into it:
KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Firefox::
FF - ProfilePath - c:\users\Kada\AppData\Roaming\Mozilla\Firefox\Profiles\r84krtmc.default\
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Regnull::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
