Prosim o kontrolu logu programu Hijackthis Vyřešeno

[kowaltsky]

Dobrý den,
Mám pocit, že na mém nově reinstalovaném PC je nějaká havěť, ale antivir (Avast, Kaspersky Rescure Disk), ale ani SpyBot nic nenašly
Tak jsem to projel softem Hijackthis, ten mi sice dal log, ale ja se v něm nevyznám a prosil bych o pomoc.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:21:21, on 12.2.2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\HotKeyBind\HotKeyBind.exe
C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files (x86)\LibreOffice 4.0\program\soffice.exe
C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\GameforgeLive\gfl_client.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Software\nVidia Force Ware 310.90 WinVista,7,8 x64.exe
C:\NVIDIA\DisplayDriver\310.90\Win8_WinVista_Win7_64\English\setup.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\kowaltsky.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
F:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\kowaltsky\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HotKeyBind.exe] C:\Program Files (x86)\HotKeyBind\HotKeyBind.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\kowaltsky\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: LibreOffice 4.0.lnk = C:\Program Files (x86)\LibreOffice 4.0\program\quickstart.exe
O4 - Global Startup: forteManager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\kowaltsky\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\kowaltsky\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{13346C32-7E13-4F15-A6ED-34975DAFAB30}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{24F18E37-6795-4CDA-8372-A1885A1D2B5A}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{13346C32-7E13-4F15-A6ED-34975DAFAB30}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{13346C32-7E13-4F15-A6ED-34975DAFAB30}: NameServer = 8.26.56.26,156.154.70.22
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 11750 bytes


Děkuji

[Reklama]

[memphisto]

Odinstaluj ten Spybot. Je zbytečný. Jinak z Comoda máš předpokládám jen firewall?

v logu fixni:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\kowaltsky\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O13 - Gopher Prefix:

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[kowaltsky]

Ano, Comodo pouzivam jako firewall.
Report z Malwarebytes' Anti-Malware:

Kód: Vybrat vše

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.13.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
kowaltsky :: CHEVROLET [administrátor]

13.2.2013 9:14:20
mbam-log-2013-02-13 (09-14-20).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 231699
Uplynulý čas: 2 minut, 2 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Report z AdwCleaner:

Kód: Vybrat vše

# AdwCleaner v2.112 - Logfile created 02/13/2013 at 09:17:32
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : kowaltsky - CHEVROLET
# Boot Mode : Normal
# Running from : F:\adwcleaner0.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\kowaltsky\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.11.1661.0

File : C:\Users\kowaltsky\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [768 octets] - [13/02/2013 09:17:32]

########## EOF - C:\AdwCleaner[R1].txt - [827 octets] ##########


[jaro3]

Zatím se nic nenašlo , proč máš ten pocit? Jsou nějaké problémy?

[kowaltsky]

Tak PC se mi zda takovy "liny" ac je vse nove instalovane - mam nainstalovane to co obvykle.
Myslel jsem si, ze je to i jeden z duvodu, proc mi nejdou spustit 2 hry - Lineage a AiON, ktere bych si chtel zahrat, ale na tom to nestoji + na to jsem vytvoril solo topic - viewtopic.php?f=36&t=103008

[jaro3]

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[kowaltsky]

Log z TDSSKiller je uploadnuty zde: http://ulozto.cz/xuYUULD/tdsskiller-2-8 ... 53-log-txt
Log ma 189197 znaku, povolenych je 60 000

Log z ComboFIX:
ComboFix 13-02-13.01 - kowaltsky 13.02.2013 10:41:53.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8190.6198 [GMT 1:00]
Spuštěný z: c:\users\kowaltsky\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Antivirus *Disabled/Outdated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-13 do 2013-02-13 )))))))))))))))))))))))))))))))
.
.
2013-02-13 09:47 . 2013-02-13 09:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-13 09:38 . 2013-02-13 09:38 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE094BC4-E9D7-4D51-A226-62C8265931FD}\offreg.dll
2013-02-13 08:59 . 2009-04-06 09:08 5174 ----a-w- c:\windows\SysWow64\nppt9x.vxd
2013-02-13 08:59 . 2009-04-06 09:08 4682 ----a-w- c:\windows\SysWow64\npptNT2.sys
2013-02-13 08:12 . 2013-02-13 08:12 -------- d-----w- c:\programdata\Malwarebytes
2013-02-13 08:12 . 2013-02-13 08:12 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-13 08:12 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-12 23:26 . 2013-01-18 11:15 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE094BC4-E9D7-4D51-A226-62C8265931FD}\mpengine.dll
2013-02-12 23:26 . 2013-01-17 00:28 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-02-12 22:02 . 2013-02-12 22:02 -------- d-----w- c:\users\UpdatusUser
2013-02-12 21:59 . 2012-12-29 10:34 2824656 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-12 21:59 . 2012-12-29 10:34 25256376 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-12 21:59 . 2012-12-29 10:34 2504248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-12 21:59 . 2012-12-29 10:34 17560504 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-12 21:57 . 2012-12-29 08:40 6382008 ----a-w- c:\windows\system32\nvcpl.dll
2013-02-12 21:57 . 2012-12-29 08:40 3455416 ----a-w- c:\windows\system32\nvsvc64.dll
2013-02-12 21:57 . 2012-12-29 08:40 2923201 ----a-w- c:\windows\system32\nvcoproc.bin
2013-02-12 21:57 . 2012-12-29 08:40 884152 ----a-w- c:\windows\system32\nvvsvc.exe
2013-02-12 21:57 . 2012-12-29 08:40 63928 ----a-w- c:\windows\system32\nvshext.dll
2013-02-12 21:57 . 2012-12-29 08:40 118712 ----a-w- c:\windows\system32\nvmctray.dll
2013-02-12 21:57 . 2013-02-12 21:57 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-02-12 21:55 . 2013-02-12 21:55 29672 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2013-02-12 21:23 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-12 21:23 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-12 21:19 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-12 21:19 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-12 21:19 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-12 21:19 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-12 21:19 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-12 21:19 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-12 21:18 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-12 21:18 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-12 21:18 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-12 21:18 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-12 21:18 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-12 21:18 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 21:17 . 2013-02-12 21:25 -------- d-----w- c:\program files\trend micro
2013-02-12 21:17 . 2013-02-12 21:17 -------- d-----w- C:\rsit
2013-02-12 21:03 . 2012-12-29 10:34 1813432 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-12 21:03 . 2012-05-15 10:48 364352 ----a-w- c:\windows\system32\nvdecodemft.dll
2013-02-12 21:03 . 2012-05-15 10:48 301376 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2013-02-12 21:03 . 2012-05-15 10:48 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2013-02-12 20:41 . 2013-02-12 20:41 -------- d-----w- c:\windows\Sun
2013-02-12 20:33 . 2013-02-12 20:33 -------- d-----w- c:\program files (x86)\Intel
2013-02-12 20:33 . 2010-03-02 08:04 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2013-02-12 20:33 . 2013-02-12 20:33 -------- d-----w- C:\Intel
2013-02-12 09:16 . 2013-02-12 09:16 -------- d-----w- c:\program files\Microsoft Silverlight
2013-02-12 09:16 . 2013-02-12 09:16 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-02-11 17:02 . 2013-02-12 11:04 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-02-11 17:01 . 2013-02-11 17:02 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2013-02-11 17:01 . 2013-02-11 17:01 -------- d-----w- c:\programdata\EA Core
2013-02-11 17:00 . 2013-02-12 09:59 -------- d-----w- c:\programdata\EA Logs
2013-02-11 16:54 . 2013-02-11 16:54 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2013-02-11 16:46 . 2007-02-27 01:05 89088 ----a-w- c:\windows\system32\CNARLMNT.DLL
2013-02-11 16:23 . 2013-02-11 16:24 -------- d-----w- c:\program files (x86)\LibreOffice 4.0
2013-02-11 16:14 . 2013-02-11 16:14 -------- d-----w- C:\VTRoot
2013-02-11 11:57 . 2013-02-11 11:57 -------- d-----w- c:\program files (x86)\SSD Tweaker
2013-02-11 11:40 . 2013-02-11 11:40 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-02-11 11:26 . 2013-02-13 09:06 -------- d-----w- c:\programdata\InstallShield
2013-02-11 11:26 . 2008-10-10 15:01 26624 ----a-r- c:\windows\SysWow64\LGDispDrv.dll
2013-02-11 11:26 . 2008-10-10 15:01 147456 ----a-r- c:\windows\SysWow64\LgExport.dll
2013-02-11 11:26 . 2013-02-11 11:26 -------- d-----w- c:\program files (x86)\LG Soft India
2013-02-11 11:26 . 2004-04-16 10:24 61440 ----a-w- c:\windows\SysWow64\ISUSPM.cpl
2013-02-11 11:26 . 2013-02-13 08:56 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2013-02-11 11:26 . 2013-02-11 11:26 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2013-02-11 11:22 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-02-11 11:22 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-02-11 11:22 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2013-02-11 11:22 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2013-02-11 11:22 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-02-11 11:22 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2013-02-11 11:18 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-02-11 10:44 . 2013-02-12 21:26 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-02-11 10:36 . 2013-02-11 10:36 -------- d-----w- c:\windows\system32\SPReview
2013-02-11 10:35 . 2013-02-11 10:35 -------- d-----w- c:\windows\system32\EventProviders
2013-02-11 09:58 . 2013-02-11 09:58 -------- d-----w- c:\program files (x86)\GUM1FB0.tmp
2013-02-11 09:58 . 2013-02-11 09:58 4096000 ----a-w- c:\program files (x86)\GUT1FB1.tmp
2013-02-11 09:43 . 2010-11-20 13:33 273792 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2013-02-11 09:42 . 2010-11-20 13:33 31104 ----a-w- c:\windows\system32\drivers\msahci.sys
2013-02-11 09:41 . 2010-11-20 13:27 392192 ----a-w- c:\windows\system32\WMPhoto.dll
2013-02-11 09:39 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-02-11 09:22 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-02-11 09:22 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-02-11 09:22 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-02-11 09:22 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-02-11 09:22 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-02-11 09:22 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2013-02-11 09:22 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2013-02-11 09:22 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-02-11 09:22 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2013-02-11 09:22 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2013-02-11 09:22 . 2010-11-20 13:24 229376 ----a-w- c:\windows\system32\fsquirt.exe
2013-02-11 09:00 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-02-11 09:00 . 2009-07-14 01:41 332288 ----a-w- c:\windows\system32\uxtheme.dll.backup
2013-02-11 09:00 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-02-11 09:00 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-02-11 09:00 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-02-11 09:00 . 2009-07-14 01:41 44544 ----a-w- c:\windows\system32\themeservice.dll.backup
2013-02-11 08:58 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-02-11 08:57 . 2013-02-11 08:57 -------- d-----w- c:\windows\SysWow64\Wat
2013-02-11 08:57 . 2013-02-11 08:57 -------- d-----w- c:\windows\system32\Wat
2013-02-11 08:57 . 2013-02-11 08:57 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-11 08:56 . 2013-02-11 08:56 -------- d-----w- c:\program files (x86)\Java
2013-02-10 23:18 . 2013-02-10 23:20 -------- d-----w- c:\program files (x86)\Unreal Commander
2013-02-10 23:16 . 2013-02-13 09:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-02-10 23:15 . 2013-02-10 23:15 -------- d-----w- c:\program files\Registrar Registry Manager
2013-02-10 23:12 . 2013-02-10 23:12 -------- d-----w- c:\programdata\Apple Computer
2013-02-10 23:12 . 2010-03-17 20:53 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2013-02-10 23:12 . 2010-03-17 20:53 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2013-02-10 23:12 . 2010-03-17 20:53 180224 ----a-w- c:\windows\SysWow64\QTCF.dll
2013-02-10 23:12 . 2013-02-10 23:12 -------- d-----w- c:\program files (x86)\QuickTime Alternative
2013-02-10 23:11 . 2013-02-10 23:11 -------- d-----w- c:\programdata\progeSOFT
2013-02-10 23:11 . 2013-02-10 23:11 -------- d-----w- c:\program files (x86)\PSPad editor
2013-02-10 23:02 . 2013-02-10 23:03 -------- d-----w- c:\program files (x86)\MiniTool Partition Wizard Home Edition 7.1
2013-02-10 22:58 . 2013-02-10 22:58 -------- d-----w- c:\program files\Tracker Software
2013-02-10 22:57 . 2013-02-11 10:27 -------- d-----w- c:\program files\Paint.NET
2013-02-10 22:53 . 2010-10-27 01:43 110592 ----a-w- c:\windows\system32\rtvcvfw32.dll
2013-02-10 22:53 . 2013-02-13 09:28 -------- d-----w- c:\program files (x86)\MSI Afterburner
2013-02-10 22:52 . 2013-02-10 22:52 -------- d-----w- c:\program files (x86)\Opera
2013-02-10 22:40 . 2012-06-09 18:21 206336 ----a-w- c:\windows\system32\unrar64.dll
2013-02-10 22:40 . 2011-12-07 18:37 148992 ----a-w- c:\windows\system32\lagarith.dll
2013-02-10 22:40 . 2013-02-06 18:00 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2013-02-10 22:40 . 2013-02-10 22:40 -------- d-----w- c:\program files\K-Lite Codec Pack x64
2013-02-10 22:38 . 2012-07-01 23:15 4102656 ----a-w- c:\windows\SysWow64\x264vfw.dll
2013-02-10 22:38 . 2011-12-07 18:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-13 08:41 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2013-02-13 08:41 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2013-02-11 10:41 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-02-11 10:41 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-02-10 23:00 . 2013-02-10 23:00 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-02-10 23:00 . 2013-02-10 23:00 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-01-24 22:43 . 2012-12-14 19:45 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2013-01-24 22:43 . 2012-12-14 19:45 461384 ----a-w- c:\windows\system32\guard64.dll
2013-01-24 22:43 . 2012-12-14 19:45 354752 ----a-w- c:\windows\SysWow64\guard32.dll
2013-01-24 22:42 . 2012-12-14 19:45 326352 ----a-w- c:\windows\system32\cmdvrt64.dll
2013-01-24 22:42 . 2012-09-04 18:22 45776 ----a-w- c:\windows\system32\cmdkbd64.dll
2013-01-24 22:42 . 2012-12-14 19:45 263888 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2013-01-24 22:42 . 2012-09-04 18:07 40656 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2013-01-16 19:51 . 2012-12-14 19:45 95752 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-01-16 19:51 . 2012-12-14 19:45 48360 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-01-16 19:51 . 2012-12-14 19:45 699880 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-01-16 19:51 . 2012-12-14 19:45 23176 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-01-04 04:43 . 2013-02-12 21:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-29 01:54 . 2012-12-29 01:54 550328 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"HotKeyBind.exe"="c:\program files (x86)\HotKeyBind\HotKeyBind.exe" [2004-11-15 884224]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-06-07 2605424]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\kowaltsky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LibreOffice 4.0.lnk - c:\program files (x86)\LibreOffice 4.0\program\quickstart.exe [2013-1-31 48304]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
forteManager.lnk - c:\program files (x86)\LG Soft India\forteManager\bin\Monitor.exe [2013-2-11 1683456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-24 158928]
R3 LGDDCDevice;LGDDCDevice;c:\program files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [2009-04-24 14336]
R3 LGII2CDevice;LGII2CDevice;c:\program files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [2009-04-24 18432]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-02-11 1255736]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-01-16 23176]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-01-16 699880]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-01-16 48360]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS [2013-02-12 29672]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys [2007-07-20 993280]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-10 22:30 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10 22:18]
.
2013-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-10 22:18]
.
2013-02-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2205530581-3246399405-1614897881-1001Core.job
- c:\users\kowaltsky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11 09:58]
.
2013-02-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2205530581-3246399405-1614897881-1001UA.job
- c:\users\kowaltsky\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-11 09:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cm106Sound"="c:\windows\Syswow64\cm106.cpl" [2007-08-08 6447104]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-01-24 1451728]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all by FlashGet3 - c:\users\kowaltsky\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\kowaltsky\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\users\kowaltsky\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\kowaltsky\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{13346C32-7E13-4F15-A6ED-34975DAFAB30}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{24F18E37-6795-4CDA-8372-A1885A1D2B5A}: NameServer = 8.26.56.26,156.154.70.22
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2205530581-3246399405-1614897881-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\kowaltsky\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-2205530581-3246399405-1614897881-1001\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\kowaltsky\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-13 10:49:29
ComboFix-quarantined-files.txt 2013-02-13 09:49
.
Před spuštěním: Volných bajtů: 18 991 161 344
Po spuštění: Volných bajtů: 18 696 253 440
.
- - End Of File - - 07DBEBDA0E3191F66D99517132F20BED

Asi ziji v iluzi, ze mam PC zahnojeny

[jaro3]

Tdsskiller vlož sem , do více příspěvků..


SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Antivirus *Disabled/Outdated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
dvě antispywarové ochrany , jednu (Comodo) trvale vypni!

c:\programdata\Spybot - Search & Destroy---tuto složku smaž!

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[kowaltsky]

panove, dosahl jsem vysledku. Jak? No tak PC mi totalne selhal (bluescreen - nejak jsem to neprocital, ale asi ssd).
Tak jsem to cele preinstaloval a vse jede jak ma jet - zdrejme se ssd nejak spatne "chytnul"
Nicmene dekuji za Vas cas i ochotu sdileni Vasich moudrosti