preventivní kontrola logu

Příspěvekod **jaro3** » 16 pro 2013 10:25

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files\Skype\Updater
c:\program files\Google\Update

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Reklama

OndraP. · Příspěvekod **OndraP.** » 25 pro 2013 12:52

ComboFix 13-12-13.01 - Ondra 25.12.2013 12:35:31.2.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2026.1114 [GMT 1:00]
Spuštěný z: c:\users\Ondra\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ondra\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdate.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.22.3\goopdate.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_am.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ar.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_bg.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_bn.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ca.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_cs.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_da.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_de.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_el.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_en.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_es.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_et.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fa.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fi.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fil.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_fr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_gu.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_hi.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_hr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_hu.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_id.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_is.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_it.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_iw.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ja.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_kn.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ko.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_lt.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_lv.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ml.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_mr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ms.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_nl.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_no.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_pl.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ro.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ru.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sk.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sl.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sv.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_sw.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ta.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_te.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_th.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_tr.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_uk.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_ur.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_vi.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.22.3\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.22.3\psmachine.dll
c:\program files\Google\Update\1.3.22.3\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.63\31.0.1650.63_31.0.1650.57_chrome_updater.exe
c:\program files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.2.2041\GoogleEarth-Win-Bundle-7.1.2.2041.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-25 do 2013-12-25 )))))))))))))))))))))))))))))))
.
.
2013-12-25 11:43 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A1281AE6-DC45-473A-B382-6CC694DACD21}\mpengine.dll
2013-12-25 11:41 . 2013-12-25 11:41 -------- d-----w- c:\users\Ondra\AppData\Local\temp
2013-12-25 11:41 . 2013-12-25 11:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-24 15:29 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{315A3BEC-F822-43E9-9B81-5C04468CBED5}\mpengine.dll
2013-12-12 00:11 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-12 00:11 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 18:46 . 2013-12-11 18:46 -------- d-----w- c:\windows\ERUNT
2013-12-11 16:36 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 16:36 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 16:36 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 16:36 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 16:36 . 2013-10-19 01:36 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-11 16:36 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 16:36 . 2013-11-23 18:26 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 16:36 . 2013-11-12 02:07 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-11 16:36 . 2013-10-30 01:27 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 16:36 . 2013-10-04 01:49 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 16:36 . 2013-10-04 01:17 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-08 19:40 . 2013-12-08 19:40 -------- d-----w- c:\users\Ondra\AppData\Roaming\Malwarebytes
2013-12-08 19:40 . 2013-12-08 19:40 -------- d-----w- c:\programdata\Malwarebytes
2013-12-08 19:40 . 2013-12-08 19:40 -------- d-----w- c:\users\Ondra\AppData\Local\Programs
2013-12-08 19:35 . 2013-12-11 18:40 -------- d-----w- C:\AdwCleaner
2013-12-08 19:31 . 2013-12-13 17:58 -------- d-----w- c:\users\Ondra\AppData\Local\Adobe
2013-12-07 13:29 . 2013-12-07 13:29 -------- d-----w- C:\Trend Micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 02:33 . 2012-11-08 18:05 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-11-11 22:19 . 2013-11-11 22:19 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-11 22:19 . 2013-11-11 22:19 194048 ----a-w- c:\windows\system32\elshyph.dll
2013-11-11 22:19 . 2013-11-11 22:19 86016 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-11 22:19 . 2013-11-11 22:19 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-11 22:19 . 2013-11-11 22:19 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-11 22:19 . 2013-11-11 22:19 645120 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-11 22:19 . 2013-11-11 22:19 62464 ----a-w- c:\windows\system32\tdc.ocx
2013-11-11 22:19 . 2013-11-11 22:19 61952 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-11 22:19 . 2013-11-11 22:19 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-11 22:19 . 2013-11-11 22:19 454656 ----a-w- c:\windows\system32\vbscript.dll
2013-11-11 22:19 . 2013-11-11 22:19 36352 ----a-w- c:\windows\system32\imgutil.dll
2013-11-11 22:19 . 2013-11-11 22:19 34816 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-11 22:19 . 2013-11-11 22:19 337408 ----a-w- c:\windows\system32\html.iec
2013-11-11 22:19 . 2013-11-11 22:19 24576 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-11 22:19 . 2013-11-11 22:19 182272 ----a-w- c:\windows\system32\msls31.dll
2013-11-11 22:19 . 2013-11-11 22:19 151552 ----a-w- c:\windows\system32\iexpress.exe
2013-11-11 22:19 . 2013-11-11 22:19 139264 ----a-w- c:\windows\system32\wextract.exe
2013-11-11 22:19 . 2013-11-11 22:19 13312 ----a-w- c:\windows\system32\mshta.exe
2013-11-11 22:19 . 2013-11-11 22:19 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-11 22:19 . 2013-11-11 22:19 1051136 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-10-12 02:03 . 2013-11-13 18:17 656896 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 18:17 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01 . 2013-11-13 18:17 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57 . 2013-11-13 18:17 1168384 ----a-w- c:\windows\system32\crypt32.dll
2013-10-04 01:58 . 2013-11-13 18:18 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-13 18:18 168960 ----a-w- c:\windows\system32\credui.dll
2013-10-04 01:56 . 2013-11-13 18:18 1796096 ----a-w- c:\windows\system32\authui.dll
2013-10-03 01:58 . 2013-11-13 18:17 305152 ----a-w- c:\windows\system32\gdi32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2013-02-18 774168]
"Infium"="c:\qip\QIP 2012\qip.exe" [2011-12-28 7318992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-01-27 9914984]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-03-13 75048]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-10-10 1982312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2013-06-19 12400]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-08 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-11 242240]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/11/08 21:37];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 11:58 87536]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-09-22 110752]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2012-07-13 769432]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-24 2656280]
S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2011-01-24 41088]
S3 netr28;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 10:18 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 83.240.0.214 83.240.0.136
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2013-12-25 12:45:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-25 11:45
ComboFix2.txt 2013-12-15 20:46
.
Před spuštěním: Volných bajtů: 33 097 637 888
Po spuštění: Volných bajtů: 32 770 867 200
.
- - End Of File - - 3CB3C1254847FA0C4C3528D49D23D41A
A36C5E4F47E84449FF07ED3517B43A31

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:52:00, on 25.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [Infium] "C:\QIP\QIP 2012\qip.exe" /autorun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 7118 bytes

OndraP. · Příspěvekod **OndraP.** » 25 pro 2013 12:55

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-25 12:53:48
-----------------------------
12:53:48.756 OS Version: Windows 6.1.7601 Service Pack 1
12:53:48.756 Number of processors: 4 586 0x2A07
12:53:48.756 ComputerName: ONDRA-PC UserName: Ondra
12:53:49.614 Initialize success
12:53:55.196 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:53:55.212 Disk 0 Vendor: ST380815AS 4.AAB Size: 76319MB BusType: 3
12:53:55.212 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
12:53:55.212 Disk 1 Vendor: ST3320620AS 3.AAE Size: 305245MB BusType: 3
12:53:55.321 Disk 0 MBR read successfully
12:53:55.321 Disk 0 MBR scan
12:53:55.321 Disk 0 Windows 7 default MBR code
12:53:55.337 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:53:55.337 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 76217 MB offset 206848
12:53:55.352 Disk 0 scanning sectors +156299264
12:53:55.415 Disk 0 scanning C:\Windows\system32\drivers
12:54:01.702 Service scanning
12:54:13.854 Modules scanning
12:54:23.105 Disk 0 trace - called modules:
12:54:23.120 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
12:54:23.120 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85ac62a8]
12:54:23.136 3 CLASSPNP.SYS[88db759e] -> nt!IofCallDriver -> [0x8597b918]
12:54:23.136 5 ACPI.sys[888c53d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84c8f908]
12:54:23.152 Scan finished successfully
12:55:36.082 Disk 0 MBR has been saved successfully to "C:\Users\Ondra\Desktop\MBR.dat"
12:55:36.097 The log file has been saved successfully to "C:\Users\Ondra\Desktop\aswMBR.txt"

Příspěvekod **jaro3** » 26 pro 2013 09:44

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

preventivní kontrola logu Vyřešeno

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu

Re: preventivní kontrola logu Vyřešeno

Kdo je online