Kontrola Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

martin386
Level 2.5
Level 2.5
Příspěvky: 277
Registrován: listopad 11
Bydliště: Jihomoravský Kraj
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod martin386 » 31 led 2013 22:53

ComboFix 13-01-31.03 - Martin 31.01.2013 22:42:00.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8030.6017 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\AutoKMS.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2266661873-3249443866-184451718-1002Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2266661873-3249443866-184451718-1002UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.124\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.124\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.124\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.124\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.124\psuser.dll
c:\program files (x86)\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88}\0.0.0.0\GoogleEarth-Win-Plugin-7.0.1.8244.exe
c:\program files (x86)\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88}\0.0.0.0\GoogleEarth-Win-Plugin-7.0.2.8415.exe
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\24.0.1312.57\24.0.1312.57_24.0.1312.56_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-7.0.2.8415.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\AutoKMS
c:\windows\AutoKMS\AutoKMS.exe
c:\windows\AutoKMS\AutoKMS.ini
c:\windows\AutoKMS\AutoKMS.log
c:\windows\Tasks\AutoKMS.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-31 )))))))))))))))))))))))))))))))
.
.
2013-01-31 21:46 . 2013-01-31 21:46 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-01-31 21:46 . 2013-01-31 21:46 -------- d-----w- c:\users\UpdatusUser.Martin-PC\AppData\Local\temp
2013-01-29 16:08 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9C68E334-B568-4215-AB1F-68D86D0927B7}\mpengine.dll
2013-01-28 11:51 . 2013-01-31 15:04 -------- d-----w- c:\users\Martin\AppData\Local\Adobe
2013-01-27 19:22 . 2013-01-27 19:22 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2013-01-27 19:22 . 2013-01-27 19:22 -------- d-----w- c:\programdata\Malwarebytes
2013-01-24 06:07 . 2013-01-12 02:30 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-20 06:07 . 2013-01-20 06:07 42696 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2013-01-15 07:30 . 2013-01-15 07:30 -------- d-----w- c:\users\Martin\radek
2013-01-12 21:25 . 2013-01-12 23:39 -------- d-----w- c:\programdata\Electronic Arts
2013-01-12 21:03 . 2013-01-12 21:03 -------- d-----w- c:\program files (x86)\Microsoft WSE
2013-01-12 20:52 . 2013-01-12 21:04 -------- d-----w- c:\program files (x86)\Electronic Arts
2013-01-12 20:50 . 2013-01-12 20:50 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-01-12 20:50 . 2013-01-12 20:50 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-01-10 19:44 . 2013-01-10 19:44 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-01-10 06:16 . 2013-01-10 06:18 -------- d-----w- c:\users\Martin\AppData\Roaming\IrfanView
2013-01-10 06:01 . 2013-01-10 06:01 -------- d-----w- c:\program files (x86)\Zoner
2013-01-10 06:01 . 2013-01-10 06:01 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-01-10 05:56 . 2013-01-10 06:01 -------- d-----w- C:\Multimedia Files
2013-01-09 07:44 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-09 07:43 . 2012-11-30 05:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 07:56 . 2012-10-09 05:27 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 07:36 . 2012-03-26 07:06 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 07:36 . 2012-03-26 07:06 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-24 19:27 . 2012-12-24 19:27 61440 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2012-12-24 19:26 . 2012-12-24 19:26 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL
2012-12-22 13:49 . 2012-12-22 13:49 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-12-22 13:49 . 2012-12-22 13:49 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-12-16 17:11 . 2012-12-22 02:00 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 02:00 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:00 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 02:00 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 07:44 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-23 18:41 . 2012-11-23 18:41 33344 ----a-w- c:\windows\system32\drivers\hamachi.sys
2012-11-15 17:28 . 2012-11-02 18:45 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-15 17:28 . 2012-11-02 18:45 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-14 07:06 . 2012-12-13 07:02 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-13 07:02 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-13 07:03 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-13 07:03 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-13 07:02 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-13 07:03 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-13 07:03 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-13 07:02 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-13 07:02 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-13 07:02 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-13 07:03 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-13 07:02 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-13 07:02 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-13 07:03 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-13 07:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-13 07:03 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-13 07:02 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-13 07:03 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 07:02 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-13 07:03 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 07:03 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-13 07:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 18:09 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 18:09 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-04 19:40 . 2012-11-04 19:40 393216 ----a-w- c:\windows\p3core.dll
2012-11-03 21:29 . 2012-11-03 21:29 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe
2012-11-03 21:29 . 2012-11-03 21:29 57856 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2012-11-03 21:29 . 2012-11-03 21:29 5773824 ----a-w- c:\windows\system32\mstscax.dll
2012-11-03 21:29 . 2012-11-03 21:29 54272 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2012-11-03 21:29 . 2012-11-03 21:29 4916224 ----a-w- c:\windows\SysWow64\mstscax.dll
2012-11-03 21:29 . 2012-11-03 21:29 46592 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2012-11-03 21:29 . 2012-11-03 21:29 44032 ----a-w- c:\windows\system32\tsgqec.dll
2012-11-03 21:29 . 2012-11-03 21:29 43520 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2012-11-03 21:29 . 2012-11-03 21:29 384000 ----a-w- c:\windows\system32\wksprt.exe
2012-11-03 21:29 . 2012-11-03 21:29 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2012-11-03 21:29 . 2012-11-03 21:29 322560 ----a-w- c:\windows\system32\aaclient.dll
2012-11-03 21:29 . 2012-11-03 21:29 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2012-11-03 21:29 . 2012-11-03 21:29 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2012-11-03 21:29 . 2012-11-03 21:29 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2012-11-03 21:29 . 2012-11-03 21:29 243200 ----a-w- c:\windows\system32\rdpudd.dll
2012-11-03 21:29 . 2012-11-03 21:29 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2012-11-03 21:29 . 2012-11-03 21:29 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-11-03 21:29 . 2012-11-03 21:29 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2012-11-03 21:29 . 2012-11-03 21:29 18432 ----a-w- c:\windows\system32\wksprtPS.dll
2012-11-03 21:29 . 2012-11-03 21:29 16896 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2012-11-03 21:29 . 2012-11-03 21:29 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-11-03 21:29 . 2012-11-03 21:29 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-11-03 21:29 . 2012-11-03 21:29 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-11-03 21:29 . 2012-11-03 21:29 1123840 ----a-w- c:\windows\system32\mstsc.exe
2012-11-03 21:29 . 2012-11-03 21:29 1048064 ----a-w- c:\windows\SysWow64\mstsc.exe
2012-11-03 21:28 . 2012-11-03 21:28 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-11-03 21:28 . 2012-11-03 21:28 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2012-11-03 21:28 . 2012-11-03 21:28 340992 ----a-w- c:\windows\system32\schannel.dll
2012-11-03 21:28 . 2012-11-03 21:28 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2012-11-03 21:28 . 2012-11-03 21:28 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-11-03 21:28 . 2012-11-03 21:28 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-11-03 21:28 . 2012-11-03 21:28 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2012-11-03 21:27 . 2012-11-03 21:27 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-11-03 21:27 . 2012-11-03 21:27 366592 ----a-w- c:\windows\system32\qdvd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2013-01-11 20:50 233288 ----a-w- c:\program files (x86)\Hotspot Shield\HssIE\HssIE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2012-01-05 296984]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-23 1105488]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-3-21 1390368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2012-03-21 163368]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2012-03-21 594472]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2012-03-21 39976]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-03 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-11-03 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-03 30208]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.5;c:\program files\Intel\TurboBoost\TurboBoost.exe [2012-01-20 149504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-09 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-12 283200]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2013-01-20 42696]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-03-26 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-03-26 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-03-26 62776]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2012-03-23 355920]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 871296]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\openvpnas.exe [2013-01-23 534824]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [2013-01-22 389928]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-01-05 256536]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2012-01-20 16128]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2011-11-04 68648]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2011-11-04 19496]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [2012-10-08 21568]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [2011-09-02 51752]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2012-05-03 81928]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-03-07 238384]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2012-01-18 435240]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2013-01-10 42184]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-31 08:29 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-26 07:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ------w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-23 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-23 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-23 439064]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2012-10-08 7138816]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-07 1829768]
"InstantUpdate"="c:\program files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe" [2012-04-06 124520]
"AutoKMS"="c:\windows\AutoKMS.exe" [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel
IE: Od&eslat do aplikace OneNote
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-01-31 22:51:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-31 21:51
ComboFix2.txt 2013-01-31 15:36
.
Před spuštěním: Volných bajtů: 584 002 695 168
Po spuštění: Volných bajtů: 583 746 945 024
.
- - End Of File - - AFDCB0F6D7086AF0E13919537C026AE6

Reklama
martin386
Level 2.5
Level 2.5
Příspěvky: 277
Registrován: listopad 11
Bydliště: Jihomoravský Kraj
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod martin386 » 31 led 2013 22:54

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:53:45, on 31.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Users\Martin\Downloads\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12151 bytes

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod jaro3 » 31 led 2013 22:56

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Jaké to jsou složky??

Kdy si naposledy čistil od prachu?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

martin386
Level 2.5
Level 2.5
Příspěvky: 277
Registrován: listopad 11
Bydliště: Jihomoravský Kraj
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod martin386 » 31 led 2013 22:57

Ty podtržené složky tam vůbec nebyly
Přílohy
Bez názvu.jpg

martin386
Level 2.5
Level 2.5
Příspěvky: 277
Registrován: listopad 11
Bydliště: Jihomoravský Kraj
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod martin386 » 31 led 2013 22:58

Od prachu jsem to v neděli vysál.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod jaro3 » 31 led 2013 23:03

Až na Multi media Files , je to OK , mrkni tam , co tam je.

Stáhni si HD Tune
http://www.slunecnice.cz/sw/hd-tune/
-nainstaluj, spusť program, klikni na záložku Error scan
Spusť Start a počkej , až skončí svojí práci. Pokud budou všechny čtverečky zelené je disk OK , pokud budou některá červená , disk odchází.

Zkus HWInfo:
http://www.slunecnice.cz/sw/hwinfo/
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

martin386
Level 2.5
Level 2.5
Příspěvky: 277
Registrován: listopad 11
Bydliště: Jihomoravský Kraj
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod martin386 » 31 led 2013 23:10

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-31 22:59:12
-----------------------------
22:59:12.746 OS Version: Windows x64 6.1.7601 Service Pack 1
22:59:12.746 Number of processors: 4 586 0x3A09
22:59:12.746 ComputerName: MARTIN-PC UserName: Martin
22:59:15.086 Initialize success
22:59:15.195 AVAST engine defs: 13013100
22:59:16.412 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:59:16.412 Disk 0 Vendor: Hitachi_ JE4O Size: 715404MB BusType: 3
22:59:16.428 Disk 0 MBR read successfully
22:59:16.428 Disk 0 MBR scan
22:59:16.428 Disk 0 Windows 7 default MBR code
22:59:16.428 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 18432 MB offset 2048
22:59:16.443 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 37750784
22:59:16.459 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 696870 MB offset 37955584
22:59:16.475 Disk 0 scanning C:\Windows\system32\drivers
22:59:24.150 Service scanning
22:59:48.408 Modules scanning
22:59:48.408 Disk 0 trace - called modules:
22:59:48.439 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:59:48.439 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a604060]
22:59:48.439 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007e51050]
22:59:49.968 AVAST engine scan C:\Windows
22:59:53.057 AVAST engine scan C:\Windows\system32
23:02:16.093 AVAST engine scan C:\Windows\system32\drivers
23:02:25.812 AVAST engine scan C:\Users\Martin
23:08:51.928 AVAST engine scan C:\ProgramData
23:09:26.171 Scan finished successfully
23:09:34.735 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
23:09:34.735 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod jaro3 » 31 led 2013 23:18

Log OK , pokračuj viz výše.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

martin386
Level 2.5
Level 2.5
Příspěvky: 277
Registrován: listopad 11
Bydliště: Jihomoravský Kraj
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod martin386 » 31 led 2013 23:21

Multimedia- je tam složka My Media a ta je prázdná

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod jaro3 » 31 led 2013 23:27

Tak je to OK. , ostatní znám a jsou OK.

Udělej co jsem psal výše.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

martin386
Level 2.5
Level 2.5
Příspěvky: 277
Registrován: listopad 11
Bydliště: Jihomoravský Kraj
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod martin386 » 31 led 2013 23:29

Ano, děkuji :-) Scan už probíhá, hned jak se ukončí, dám vědět.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola

Příspěvekod jaro3 » 31 led 2013 23:31

Fajn.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 69 hostů