Please check my log. Solved

Faposlav

Re: Please check my log. Solved

Post by Faposlav » 28 Apr 2013 12:01

11:03:01.0173 1516 ============================================================
11:03:01.0173 1516 Scan finished
11:03:01.0173 1516 ============================================================
11:03:01.0184 3692 Detected object count: 0
11:03:01.0184 3692 Actual detected object count: 0
11:04:04.0895 3920 Deinitialize success




ComboFix 13-04-27.04 - Faposlav 28.04.2013 11:08:11.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.2326 [GMT 2:00]
Spuštěný z: c:\users\Faposlav\Downloads\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Faposlav\AppData\Roaming\Microsoft\Windows\Recent\Company of Heroes.url
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-28 do 2013-04-28 )))))))))))))))))))))))))))))))
.
.
2013-04-28 09:23 . 2013-04-28 09:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-28 09:23 . 2013-04-28 09:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-27 13:56 . 2013-04-27 13:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-27 13:56 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-25 15:42 . 2013-04-25 15:42 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-25 15:42 . 2013-04-25 15:42 -------- d-----r- c:\program files (x86)\Skype
2013-04-24 16:03 . 2013-04-24 16:03 -------- d-----w- c:\users\Faposlav\AppData\Local\Chromium
2013-04-24 15:33 . 2013-04-24 15:33 -------- d-----w- c:\users\Faposlav\AppData\Local\NVIDIA
2013-04-24 13:20 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-21 07:28 . 2013-04-21 07:28 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-04-21 07:28 . 2013-04-21 07:28 -------- d-----w- c:\windows\SysWow64\Extensions
2013-04-21 07:28 . 2013-04-21 07:28 -------- d-----w- c:\programdata\BrowserProtect
2013-04-21 07:28 . 2013-04-21 07:43 -------- d-----w- c:\users\Faposlav\AppData\Roaming\BabSolution
2013-04-21 07:28 . 2013-04-21 07:28 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Babylon
2013-04-21 07:28 . 2013-04-21 07:28 -------- d-----w- c:\programdata\Babylon
2013-04-21 07:27 . 2013-04-21 07:27 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-04-21 07:27 . 2013-04-21 07:27 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-04-20 08:36 . 2013-04-20 08:38 -------- d-----w- c:\users\Faposlav\AppData\Local\Darksiders
2013-04-19 13:06 . 2013-04-19 13:06 1 ----a-w- c:\windows\SysWow64\SI.bin
2013-04-19 13:06 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-04-19 13:06 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-04-19 13:06 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-04-19 13:06 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-04-15 13:10 . 2013-04-19 20:09 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Might & Magic Heroes VI
2013-04-14 15:55 . 2013-04-16 04:37 -------- d-----w- c:\users\Faposlav\AppData\Roaming\GarenaPlus
2013-04-14 15:54 . 2013-04-14 15:54 -------- d-----w- c:\program files (x86)\Garena Plus
2013-04-14 15:54 . 2013-04-16 04:37 -------- d-----w- c:\programdata\GarenaMessenger
2013-04-12 08:56 . 2011-05-23 21:29 3673600 ----a-w- c:\windows\system32\DxtoryCodec64.dll
2013-04-12 07:56 . 2013-04-21 11:13 -------- d-----w- C:\Nahrávání
2013-04-12 07:55 . 2013-04-25 15:13 -------- d-----w- c:\users\Faposlav\AppData\Local\Dxtory Software
2013-04-12 07:55 . 2013-02-15 20:44 8043008 ----a-w- c:\windows\system32\DxtoryCodec.dll
2013-04-12 07:55 . 2011-05-23 21:23 3166720 ----a-w- c:\windows\SysWow64\DxtoryCodec.dll
2013-04-12 07:55 . 2013-04-12 07:55 -------- d-----w- c:\program files (x86)\Dxtory Software
2013-04-10 18:42 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 18:42 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 18:42 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 18:42 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 18:42 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 18:42 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 18:42 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-10 18:42 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 13:55 . 2013-04-10 14:47 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Bioshock
2013-04-07 11:16 . 2013-04-07 11:16 -------- d-----w- c:\users\Faposlav\AppData\Local\Evernote
2013-04-07 11:16 . 2013-04-07 11:16 -------- d-----w- c:\program files (x86)\Evernote
2013-04-06 14:12 . 2013-04-06 14:13 -------- d-----w- c:\program files (x86)\3DO
2013-04-06 14:12 . 2013-04-06 14:13 -------- d-----w- c:\program files (x86)\Common Files\3DO Shared
2013-04-06 14:12 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe
2013-03-29 15:11 . 2013-03-29 15:11 -------- d-----w- c:\users\Faposlav\AppData\Roaming\com.northwayGames.Incredipede
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-27 15:30 . 2012-10-26 10:42 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-04-27 15:30 . 2012-10-26 10:35 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-04-27 07:10 . 2012-10-26 10:35 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-04-10 18:58 . 2012-11-10 09:46 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-05 20:15 . 2012-10-26 10:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-25 13:19 . 2013-03-25 13:20 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-03-25 13:19 . 2013-03-25 13:20 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-03-25 13:19 . 2013-03-25 13:20 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-03-15 05:53 . 2013-02-25 22:32 26956576 ----a-w- c:\windows\system32\nvoglv64.dll
2013-03-15 05:53 . 2012-10-07 10:17 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2012-10-07 10:17 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-03-15 05:53 . 2012-10-07 10:17 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2012-10-07 10:17 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-10-07 10:17 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 04:16 . 2009-09-29 09:37 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2009-09-29 09:37 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2009-09-29 09:38 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2009-09-29 09:37 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2009-09-29 09:37 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:43 . 2012-10-30 18:55 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 16:43 . 2012-10-30 18:55 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 16:24 . 2012-10-07 10:18 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-02-25 22:32 . 2012-10-07 10:17 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2012-10-07 10:17 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-12 05:45 . 2013-03-13 15:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 15:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 15:24 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 15:24 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 15:24 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 15:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-26 06:17 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\OSCAR Editor X7\OscarEditor.exe" [2010-07-22 2636800]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-04-21 802136]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-04-19 1631144]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-04-10 9802032]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KB350e"="c:\program files (x86)\KB350e\MagicKey.exe" [2007-12-12 184320]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2012-07-23 1632216]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-03-25 345312]
.
c:\users\Faposlav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2013-3-19 1086816]
MultiSkypeLauncher.lnk - c:\program files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe [2011-6-13 114176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\BROWSE~1\261125~1.80\{C16C1~1\BrowserProtect.dll
.
R1 VD_FileDisk;VD_FileDisk; [x]
R2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-08 1432400]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2013-03-20 746392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-07 1255736]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-03-25 28600]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-21 283200]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-03-25 86752]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S3 ALSysIO;ALSysIO;c:\users\Faposlav\AppData\Local\Temp\ALSysIO64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 14915484
*NewlyCreated* - ALSYSIO
*Deregistered* - 14915484
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-13 16:20 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-30 16:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SharedReg
SharedReg
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www1.delta-search.com/?affID=119 ... FFAB183677
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com
mStart Page = hxxp://www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Clip selection - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Nová poznámka - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Od&eslat do aplikace OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: Interfaces\{7966A922-4635-436E-A27D-B04CB0B4CEEC}: NameServer = 192.168.200.4,192.168.200.5
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Uplay - c:\program files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
AddRemove-Zombies - c:\hry\Zombies\uninstall.exe
AddRemove-{0C863753-A6B2-4D53-B465-AFFDC6844E7D}_is1 - c:\hry\XCOM Enemy Unknown\unins000.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1 - c:\hry\World_of_Tanks\unins000.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1 - c:\hry\World of Warplanes\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Celkový čas: 2013-04-28 11:37:45
ComboFix-quarantined-files.txt 2013-04-28 09:37
.
Před spuštěním: 523 790 630 912 bytes free
Po spuštění: 524 097 388 544 bytes free
.
- - End Of File - - A46E0B709ECC570C331B8115C4041F87

jaro3
Security team member

Re: Please check my log.

Post by jaro3 » 29 Apr 2013 09:41

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::

KillAll::
Folder::
c:\users\Faposlav\AppData\Roaming\Babylon
c:\programdata\Babylon
c:\progra~3\BROWSE~1
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-
"AppInit_DLLs"=""

DDS::
uStart Page = hxxp://www1.delta-search.com/?affID=119 ... FFAB183677
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files there
Save the file to the desktop.
Close all open windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: After running ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Faposlav

Re: Please check my log.

Post by Faposlav » 29 Apr 2013 16:54

ComboFix 13-04-27.04 - Faposlav 29.04.2013 14:46:07.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1033.18.4095.1708 [GMT 2:00]
Spuštěný z: c:\users\Faposlav\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Faposlav\Desktop\CFScript.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~3\BROWSE~1
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23
c:\progra~3\BROWSE~1\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\Babylon
c:\users\Faposlav\AppData\Roaming\Babylon
c:\users\Faposlav\AppData\Roaming\Babylon\log_file.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-28 do 2013-04-29 )))))))))))))))))))))))))))))))
.
.
2013-04-29 13:02 . 2013-04-29 13:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-29 13:02 . 2013-04-29 13:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-29 13:02 . 2013-04-29 13:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-27 13:56 . 2013-04-27 13:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-27 13:56 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-25 15:42 . 2013-04-29 12:59 -------- d-----r- c:\program files (x86)\Skype
2013-04-25 15:42 . 2013-04-25 15:42 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-24 16:03 . 2013-04-24 16:03 -------- d-----w- c:\users\Faposlav\AppData\Local\Chromium
2013-04-24 15:33 . 2013-04-24 15:33 -------- d-----w- c:\users\Faposlav\AppData\Local\NVIDIA
2013-04-24 13:20 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-21 07:28 . 2013-04-21 07:28 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-04-21 07:28 . 2013-04-21 07:28 -------- d-----w- c:\windows\SysWow64\Extensions
2013-04-21 07:28 . 2013-04-21 07:43 -------- d-----w- c:\users\Faposlav\AppData\Roaming\BabSolution
2013-04-21 07:27 . 2013-04-21 07:27 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-04-21 07:27 . 2013-04-21 07:27 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-04-20 08:36 . 2013-04-20 08:38 -------- d-----w- c:\users\Faposlav\AppData\Local\Darksiders
2013-04-19 13:06 . 2013-04-19 13:06 1 ----a-w- c:\windows\SysWow64\SI.bin
2013-04-19 13:06 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-04-19 13:06 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-04-19 13:06 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-04-19 13:06 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-04-15 13:10 . 2013-04-19 20:09 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Might & Magic Heroes VI
2013-04-14 15:55 . 2013-04-16 04:37 -------- d-----w- c:\users\Faposlav\AppData\Roaming\GarenaPlus
2013-04-14 15:54 . 2013-04-14 15:54 -------- d-----w- c:\program files (x86)\Garena Plus
2013-04-14 15:54 . 2013-04-16 04:37 -------- d-----w- c:\programdata\GarenaMessenger
2013-04-12 08:56 . 2011-05-23 21:29 3673600 ----a-w- c:\windows\system32\DxtoryCodec64.dll
2013-04-12 07:56 . 2013-04-21 11:13 -------- d-----w- C:\Nahrávání
2013-04-12 07:55 . 2013-04-25 15:13 -------- d-----w- c:\users\Faposlav\AppData\Local\Dxtory Software
2013-04-12 07:55 . 2013-02-15 20:44 8043008 ----a-w- c:\windows\system32\DxtoryCodec.dll
2013-04-12 07:55 . 2011-05-23 21:23 3166720 ----a-w- c:\windows\SysWow64\DxtoryCodec.dll
2013-04-12 07:55 . 2013-04-12 07:55 -------- d-----w- c:\program files (x86)\Dxtory Software
2013-04-10 18:42 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 18:42 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 18:42 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 18:42 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 18:42 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 18:42 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 18:42 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-10 18:42 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 13:55 . 2013-04-10 14:47 -------- d-----w- c:\users\Faposlav\AppData\Roaming\Bioshock
2013-04-07 11:16 . 2013-04-07 11:16 -------- d-----w- c:\users\Faposlav\AppData\Local\Evernote
2013-04-07 11:16 . 2013-04-07 11:16 -------- d-----w- c:\program files (x86)\Evernote
2013-04-06 14:12 . 2013-04-06 14:13 -------- d-----w- c:\program files (x86)\3DO
2013-04-06 14:12 . 2013-04-06 14:13 -------- d-----w- c:\program files (x86)\Common Files\3DO Shared
2013-04-06 14:12 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-27 15:30 . 2012-10-26 10:42 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-04-27 15:30 . 2012-10-26 10:35 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-04-27 07:10 . 2012-10-26 10:35 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-04-10 18:58 . 2012-11-10 09:46 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-05 20:15 . 2012-10-26 10:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-25 13:19 . 2013-03-25 13:20 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-03-25 13:19 . 2013-03-25 13:20 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-03-25 13:19 . 2013-03-25 13:20 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-03-15 05:53 . 2013-02-25 22:32 26956576 ----a-w- c:\windows\system32\nvoglv64.dll
2013-03-15 05:53 . 2012-10-07 10:17 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2012-10-07 10:17 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-03-15 05:53 . 2012-10-07 10:17 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2012-10-07 10:17 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2012-10-07 10:17 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 04:16 . 2009-09-29 09:37 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2009-09-29 09:37 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2009-09-29 09:38 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2009-09-29 09:37 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2009-09-29 09:37 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 20:07 . 2013-03-14 20:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:43 . 2012-10-30 18:55 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 16:43 . 2012-10-30 18:55 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 16:24 . 2012-10-07 10:18 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-02-25 22:32 . 2012-10-07 10:17 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2012-10-07 10:17 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-12 05:45 . 2013-03-13 15:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 15:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 15:24 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 15:24 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 15:24 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 15:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 04:12 . 2013-03-26 06:17 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files (x86)\OSCAR Editor X7\OscarEditor.exe" [2010-07-22 2636800]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-04-21 802136]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-04-19 1631144]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-04-10 9802032]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"KB350e"="c:\program files (x86)\KB350e\MagicKey.exe" [2007-12-12 184320]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2012-07-23 1632216]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-03-25 345312]
.
c:\users\Faposlav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2013-3-19 1086816]
MultiSkypeLauncher.lnk - c:\program files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe [2011-6-13 114176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R1 VD_FileDisk;VD_FileDisk; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-10-08 1432400]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2013-03-20 746392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-07 1255736]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-03-25 28600]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-21 283200]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-03-25 86752]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S3 ALSysIO;ALSysIO;c:\users\Faposlav\AppData\Local\Temp\ALSysIO64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-13 16:20 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-30 16:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SharedReg
SharedReg
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com
mStart Page = hxxp://www.bing.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Clip selection - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Nová poznámka - c:\program files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Od&eslat do aplikace OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: Interfaces\{7966A922-4635-436E-A27D-B04CB0B4CEEC}: NameServer = 192.168.200.4,192.168.200.5
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Uplay - c:\program files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
AddRemove-Zombies - c:\hry\Zombies\uninstall.exe
AddRemove-{0C863753-A6B2-4D53-B465-AFFDC6844E7D}_is1 - c:\hry\XCOM Enemy Unknown\unins000.exe
AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1 - c:\hry\World_of_Tanks\unins000.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1 - c:\hry\World of Warplanes\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2013-04-29 15:19:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-29 13:19
ComboFix2.txt 2013-04-28 09:37
.
Před spuštěním: 524 122 890 240 bytes free
Po spuštění: 524 053 344 256 bytes free
.
- - End Of File - - 2888995EAFB79490FE2B8C1D125BBA84


Re: Please check my log.

Post by Faposlav » 29 Apr 2013 16:55

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:55:00, on 29.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Faposlav\Downloads\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [KB350e] C:\Program Files (x86)\KB350e\MagicKey.exe
O4 - HKLM\..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: MultiSkypeLauncher.lnk = C:\Program Files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{7966A922-4635-436E-A27D-B04CB0B4CEEC}: NameServer = 192.168.200.4,192.168.200.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{7966A922-4635-436E-A27D-B04CB0B4CEEC}: NameServer = 192.168.200.4,192.168.200.5
O17 - HKLM\System\CS2\Services\Tcpip\..\{7966A922-4635-436E-A27D-B04CB0B4CEEC}: NameServer = 192.168.200.4,192.168.200.5
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12234 bytes


Re: Please check my log.

Post by Faposlav » 29 Apr 2013 16:57

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-29 16:56:00
-----------------------------
16:56:00.114 OS Version: Windows x64 6.1.7601 Service Pack 1
16:56:00.114 Number of processors: 4 586 0x502
16:56:00.115 ComputerName: FAPIQUVMILACEK UserName: Faposlav
16:56:05.096 Initialize success
16:56:27.206 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
16:56:27.209 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
16:56:27.432 Disk 0 MBR read successfully
16:56:27.438 Disk 0 MBR scan
16:56:27.444 Disk 0 unknown MBR code
16:56:27.451 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:56:27.465 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 940851 MB offset 206911
16:56:27.506 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12915 MB offset 1927071744
16:56:27.559 Disk 0 scanning C:\Windows\system32\drivers
16:56:37.713 Service scanning
16:56:56.018 Modules scanning
16:56:56.117 Disk 0 trace - called modules:
16:56:56.176 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
16:56:56.188 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800459c060]
16:56:56.226 3 CLASSPNP.SYS[fffff880018a643f] -> nt!IofCallDriver -> [0xfffffa8003e7cd20]
16:56:56.232 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa8004334060]
16:56:56.252 Scan finished successfully
16:57:02.809 Disk 0 MBR has been saved successfully to "C:\Users\Faposlav\Desktop\MBR.dat"
16:57:02.814 The log file has been saved successfully to "C:\Users\Faposlav\Desktop\aswMBR.txt"

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log.

Post by jaro3 » 30 Apr 2013 09:45

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll


How does it look now?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log.

Post by Faposlav » 08 May 2013 11:34

Sorry, I had to go away somewhere.

The PC is a lot snappier now, and Windows loads at least twice as fast. Now all it needs is an SSD and I'll be all smiles.

Thanks for the help.


Re: Please check my log.

Post by jaro3 » 09 May 2013 10:19

If there are no problems, that is all, and you can mark the thread as solved with the green check mark.

