Prosím o kontrolu logu win7

creativ718 · Příspěvekod **creativ718** » 05 srp 2013 11:41

RogueKiller log po smazání

RogueKiller V8.6.4 _x64_ [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Luboš [Práva správce]
Mód : Odebrat -- Datum : 08/04/2013 23:11:42
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] ASC6_PerformanceMonitor : C:\Users\Luboš\Desktop\IObit\Advanced SystemCare 6\Monitor.exe [x] -> VYMAZÁNO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST500DM002-1BD142 ATA Device +++++
--- User ---
[MBR] 622a485acbc0b7dd9cbf05e74b9550a0
[BSP] 414333c7364f7edc7c9619f4a4ecc565 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_08042013_231142.txt >>
RKreport[0]_S_08042013_231136.txt

--------------------------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------------------------------------

Combofix log

ComboFix 13-08-04.01 - Luboš 04.08.2013 23:16:36.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8126.6761 [GMT 2:00]
Spuštěný z: c:\users\LuboÜ\Desktop\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\BasicServe
c:\program files (x86)\BasicServe\uninstall.exe
c:\programdata\2b3b36353b3b2f453930_c
c:\programdata\BasicServe
c:\windows\inf\ntvdm.vbe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Run
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-04 do 2013-08-04 )))))))))))))))))))))))))))))))
.
.
2013-08-04 16:56 . 2013-08-04 20:40 -------- d-----w- C:\Fraps
2013-08-04 16:56 . 2013-08-04 16:56 499708 ----a-w- c:\windows\SysWow64\phatk121016Bonairev1w256l4.bin
2013-08-04 16:56 . 2013-08-04 16:56 -------- d-----w- c:\program files (x86)\Fraps-full version
2013-08-04 14:34 . 2013-08-04 14:34 -------- d-----w- c:\program files (x86)\Sony
2013-08-04 14:34 . 2012-01-20 12:14 18816 ----a-w- c:\windows\system32\roboot64.exe
2013-08-04 14:21 . 2013-08-04 14:21 -------- d-----w- c:\windows\ERUNT
2013-08-04 11:56 . 2013-08-04 14:34 -------- d-----w- c:\program files\Sony
2013-08-04 11:56 . 2013-08-04 11:56 -------- d-----w- c:\programdata\Sony
2013-08-03 17:27 . 2013-08-03 17:28 -------- d-----w- c:\programdata\AVG2013
2013-08-03 17:27 . 2013-08-03 17:27 -------- d-----w- C:\$AVG
2013-08-03 17:26 . 2013-08-03 17:26 -------- d-----w- c:\program files (x86)\AVG
2013-08-03 17:24 . 2013-08-04 20:45 -------- d-----w- c:\programdata\MFAData
2013-08-03 11:38 . 2013-08-03 11:38 -------- d-----w- c:\programdata\TuneUp Software
2013-08-03 11:38 . 2013-08-03 11:43 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-03 11:37 . 2013-08-03 11:37 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-08-02 17:19 . 2013-08-02 17:19 -------- d-----w- c:\program files (x86)\Opera
2013-08-02 09:27 . 2013-08-02 09:27 -------- d-----w- c:\program files (x86)\Shifters Anticheat
2013-08-01 07:11 . 2013-08-01 07:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-08-01 07:11 . 2013-08-01 07:11 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-31 21:23 . 2013-07-31 21:23 -------- d-----w- c:\windows\SysWow64\Macromed
2013-07-31 21:23 . 2013-07-31 21:23 -------- d-----w- c:\windows\system32\Macromed
2013-07-31 20:10 . 2013-08-01 07:11 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-31 20:10 . 2013-08-01 07:11 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-31 20:09 . 2013-07-31 20:09 -------- d-----w- c:\program files (x86)\Java
2013-07-31 16:20 . 2013-07-31 16:20 -------- d-----w- c:\program files (x86)\Trend Micro
2013-07-31 15:57 . 2013-08-04 09:23 -------- d-----w- c:\program files (x86)\BitLord 2
2013-07-31 14:10 . 2013-07-31 14:10 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2013-07-31 13:53 . 2013-07-31 13:53 -------- d-----w- c:\windows\SysWow64\Wat
2013-07-31 13:53 . 2013-07-31 13:53 -------- d-----w- c:\windows\system32\Wat
2013-07-31 12:08 . 2013-06-23 22:41 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-07-31 11:52 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-07-31 11:52 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-07-31 11:52 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-07-31 11:52 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-07-31 11:52 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-07-31 11:52 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-07-31 11:49 . 2013-07-15 01:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{68D5C1D8-01E6-421F-8285-889BAD679F70}\mpengine.dll
2013-07-31 11:48 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-07-31 11:48 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-07-31 11:48 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-07-31 11:48 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-07-31 11:48 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-07-31 11:42 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-31 11:42 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-31 11:40 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2013-07-31 11:39 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-31 11:38 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-07-31 11:37 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-07-31 11:37 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2013-07-31 11:37 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2013-07-31 11:37 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-31 11:37 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-07-31 11:37 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2013-07-31 11:37 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2013-07-31 11:35 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-07-30 18:54 . 2013-07-30 18:54 -------- d-----w- c:\users\Luboç
2013-07-30 18:25 . 2013-07-30 18:25 -------- d-----w- c:\users\Owner
2013-07-30 18:09 . 2013-07-30 18:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-30 18:09 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-30 17:44 . 2013-07-30 17:44 -------- d-----w- c:\program files (x86)\ObviousIdea
2013-07-30 15:25 . 2013-08-03 19:27 -------- d-----w- c:\program files (x86)\SpeedFan
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----r- c:\program files (x86)\Skype
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----w- c:\programdata\Skype
2013-07-30 14:55 . 2013-07-30 14:55 -------- d-----w- c:\program files (x86)\Webteh
2013-07-30 13:43 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2013-07-30 13:43 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2013-07-30 13:43 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-07-30 13:43 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-07-30 13:43 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-07-30 13:42 . 2013-07-30 13:42 -------- d-----w- C:\Riot Games
2013-07-30 13:39 . 2013-08-04 15:20 -------- d-----w- c:\programdata\PMB Files
2013-07-30 13:39 . 2013-07-30 13:39 -------- d-----w- c:\program files (x86)\Pando Networks
2013-07-30 13:09 . 2013-07-30 13:09 -------- d-----w- c:\programdata\Malwarebytes
2013-07-30 13:08 . 2013-07-30 13:08 -------- d-----w- C:\vcs5BGEffects
2013-07-30 13:07 . 2013-07-30 18:25 -------- d-----w- c:\programdata\IObit
2013-07-30 13:07 . 2013-07-30 13:07 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-30 12:56 . 2013-07-30 12:56 -------- d-----w- c:\program files (x86)\IObit
2013-07-30 11:45 . 2013-08-04 20:45 -------- d-----w- c:\program files (x86)\Steam
2013-07-30 11:45 . 2013-07-30 11:54 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-07-30 11:38 . 2013-07-30 11:38 -------- d-----w- c:\program files (x86)\TeamViewer
2013-07-30 11:25 . 2013-07-30 11:25 -------- d-----w- c:\program files\CCleaner
2013-07-30 10:27 . 2013-07-31 12:01 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2013-07-30 10:21 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-07-30 10:21 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-07-30 10:21 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-07-30 10:18 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-07-30 10:18 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-07-30 10:18 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-07-30 10:18 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-07-30 10:18 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-07-30 10:18 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-07-30 10:18 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-07-30 10:18 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-07-30 10:18 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-07-30 10:14 . 2012-05-22 00:25 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2013-07-30 10:14 . 2012-05-22 00:25 789824 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2013-07-30 10:14 . 2012-05-22 00:25 357184 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2013-07-30 10:13 . 2012-12-26 17:26 805088 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-07-30 10:13 . 2012-12-26 17:26 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-07-30 10:13 . 2012-12-26 17:26 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-07-30 10:10 . 2011-12-08 07:55 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2013-07-30 10:10 . 2013-07-30 10:14 -------- d-----w- c:\program files (x86)\Intel
2013-07-30 10:07 . 2013-07-30 10:07 -------- d-----w- c:\windows\Chipset
2013-07-30 10:07 . 2013-07-30 10:07 16896 ----a-w- c:\windows\AsTaskSched.dll
2013-07-30 10:07 . 2011-02-25 06:25 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-07-30 10:04 . 2013-07-30 10:04 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-07-30 10:04 . 2013-07-30 18:01 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2013-07-30 10:03 . 2013-08-03 12:23 -------- d-----w- c:\programdata\DAEMON Tools Pro
2013-07-30 09:58 . 2013-07-30 09:58 -------- d-----w- c:\programdata\WinZip
2013-07-30 09:58 . 2013-07-30 09:58 -------- d-----w- c:\program files\WinZip
2013-07-30 09:57 . 2013-07-30 09:57 -------- d-----w- c:\program files (x86)\Real
2013-07-30 09:55 . 2013-07-30 09:55 -------- d-----w- c:\programdata\ASUS WebStorage
2013-07-30 09:53 . 2013-07-30 09:53 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-07-30 09:50 . 2012-03-22 14:10 14848 ----a-w- c:\windows\SysWow64\drivers\AiCharger.sys
2013-07-30 09:46 . 2013-07-30 09:46 -------- d-----w- c:\program files\ASUS
2013-07-30 09:45 . 2012-05-31 03:06 32400 ----a-r- c:\windows\system32\drivers\ndisrd.sys
2013-07-30 09:44 . 2008-12-02 18:05 184320 ----a-w- c:\windows\SysWow64\drivers\UpdateHelper.dll
2013-07-30 09:43 . 2013-07-30 09:43 -------- d-----w- c:\programdata\ASUS
2013-07-30 09:43 . 2013-07-30 09:55 -------- d-----w- c:\program files (x86)\ASUS
2013-07-30 09:43 . 2012-08-22 09:54 15232 ----a-r- c:\windows\SysWow64\drivers\AsIO.sys
2013-07-30 09:43 . 2010-06-29 07:41 28672 ----a-r- c:\windows\SysWow64\AsIO.dll
2013-07-30 09:43 . 2013-07-30 09:43 -------- d-----w- c:\windows\SysWow64\drivers\MFDLL
2013-07-30 09:43 . 2008-01-04 11:34 11832 ----a-w- c:\windows\SysWow64\drivers\AsInsHelp64.sys
2013-07-30 09:42 . 2012-07-03 12:32 58512 ----a-r- c:\windows\system32\drivers\RtTeam620.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-31 16:20 . 2013-07-31 16:20 388096 ----a-r- c:\users\Luboš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-31 16:20 . 2013-07-31 16:20 388096 ----a-r- c:\users\Luboš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-30 17:44 . 2010-03-18 07:15 773712 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-07-30 17:44 . 2010-03-18 07:15 420944 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-06-30 23:45 . 2013-06-30 23:45 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2013-06-07 11:45 . 2013-08-04 16:56 84992 --s-a-w- c:\windows\inf\msijuih\zlib1.dll
2013-06-07 11:45 . 2013-08-04 16:56 612352 --s-a-w- c:\windows\inf\msijuih\libcurl.dll
2013-06-07 11:45 . 2013-08-04 16:56 568334 --s-a-w- c:\windows\inf\msijuih\msijuih.exe
2013-06-07 11:45 . 2013-08-04 16:56 364544 --s-a-w- c:\windows\inf\msijuih\ssleay32.dll
2013-06-07 11:45 . 2013-08-04 16:56 279955 --s-a-w- c:\windows\inf\msijuih\libidn-11.dll
2013-06-07 11:45 . 2013-08-04 16:56 183382 --s-a-w- c:\windows\inf\msijuih\librtmp.dll
2013-06-07 11:45 . 2013-08-04 16:56 171008 --s-a-w- c:\windows\inf\msijuih\libssh2.dll
2013-06-07 11:45 . 2013-08-04 16:56 1704448 --s-a-w- c:\windows\inf\msijuih\libeay32.dll
2013-06-07 11:45 . 2013-08-04 16:56 110094 --s-a-w- c:\windows\inf\msijuih\libusb-1.0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-03 3111264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2013-3-1 21946368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b0304c239b7f8068374bfb511000000400000e269f63d73594f6202c9694280cc96a28bbd63516fe3c2d5f7a2ff87ac3a990c3ec3b2ed7b07716237a0dfb1dfb651f67e31cb2e7649f98d5e55e9b25b1a579794989b176c357bdcc11226bd6ecb7de8a63ea2165f6b31ead6b0a2a96a6e9d04b9b39f194ef52d48b088d4b6597f685a70ff6912914f86d8235681747da26cfd83223d3d248872c51095484634ebf976e4595f734bd35caf42b38dcf9e878af0be0a5e84b22940f721e8bbcdcbaa3e53607359252db16c0d6c38a142261bb4896d12a48c006cc3c21fdf717c155b2af0375d2545ee286c2aecb2955206ef25c82dc686f7eb83bb3072e94e1e59254b11a2e3628e1d98e177375b54e682a1c77f986e1907ffcb784accacb124189751d7ebbafc91d3a127f134a85e27f8c201d9082f621f5fffac09d2aab94a62f90bd74d6c96a8db6d42e4e98316449d202a4e24857673e2a50b7dfd9d5af72a21a19a922acc9675ba933a1c6ad4e0a11470fbb82eed7a79c5ca2dbb0bec5b2b43baa37373d3ef494726d7cf4a4aa8a3d6a5c206ced49148c0100bfa96b707be91b855151d8da8e0723dd1303325011b3951c9df7b10e9b153bced98376c4d7517f2e0e23a986914b2b0f978454441c47b5797d924ce9cd186d74d308099ee52f226e92de6b50e4a0691f75cfa9ce733494b8cafaeb4be4c65f6c9dffa34a3c2ed9d14f5844164be79b7a90495290350177b03aefa777ff519b624e3c75c219260ac447bba9a6db56f34b340a5f75837fab3c33831a3bc39c2914aeb87a39545bd7ed52450eb7e94d5380e2babce3f8ee6e3cdc9d4ed54d9889d9dbd0dc879caa2b121048a308a7f873252dad24ea8f8911ea0a3b202de930a9fc882cf1349ffe229016b2ebfd7821b8986d31deccbc296ba54fd6d864c915f1d77ac0734d96fe0ba43a669fab128026c7f90e9e1e0a7047f5a2378e4de0966eb6c217b3483194b2b21a3fa8a1cbef1d66a3fc8a5c863bcea6157981a11449bae3357f3287501cb9c24e0afb156f5ddfd6855cd8b7b43feabd9412c1c208b5de2330c469a59de5b490cc06bfd5a4900cb121eb967bc7185a9f00112a5b1e8d8028ca02b0f2b194af03cc1e172b70c9b88643e3c064b5406cf184ad9eba26736ef6feb30dac8ba400933a32a3c03230bd732fcbe16c4b3bdcc0b501616ce956d968b8da68b4a9a64238601e81e78095961580431361a4dd9fe963d3ceba5c21bba416c1cc9d94bb842c25b2fd12c8bf42c35948272965a3fecf6e9b92d32d7e84a402a0b6214a412a23427e4852ce607fd9f7ff8559bbb96a9ae577df0c19d108587d372470be0d3e27ed61feb442c2d65e55bac81c2786cf6b837eebc1b5af35634b29fd5d96347b5f9c747c8a9a83e7cb3c188d9042f08fbd4edeebd65de7c04b275b7fd74067a0ae3033752aa55a45a05355811416ea4a5101511e99305b700bd44742cbd6a9272b5cf4001505c4057866b57e4de5ef0ee9f88b41986a80119c962594972011fc0c39b4a74b74747f5116d896a0ebcbb4387685672899af54b80ae07008971ea1c997a898e33aab769e4e52fbbec97ebf199ce76454badbd4eab272f1d1caabb3b49b3aafc1e67d09ee8feb0580e414eb45f3f0c25fe88872312fec2341e7a6100b2e04ed25fce13a146098dce98446b2f3875ecb269a886795698619d337da612f19bf8d4fe3028e79a26548128d1595af0bf98ff320dc73d873f05ebd07c87cae28df067c00de3e53cc77e801e1304192ca7bf78ab28db40564328a108f9f0ddd8e1b0baeccf16bf1deb3cc5c4b5f5140f6b8a256e9128c203418aa3d93e3f08078977667dc02d830bb6869de92f29a65ac6d2689d0a5a90887a8643119dc9a68b5b00bd59d45da9d7ed5dae6ee6da6119243f77f51b263200f90abbb61cce9a951781ea2012a2c8d7200906439b08e7e76cf9c9536b2e6b560afd7cbaa5044791ee17ded45adfd9d359dac0a9f4ed15bf2cb2ea9b12b7cb11b597cf2e6e750a6c636fe2c4b144f6ff43ccffddae787be160b0a8b4282b35a6aeece165814e95ce7adbe416ef4e51860cb4f5d50af2a86aa4ee602a30aa54850e0cb4a38dc3a1c711b5d03b6a53ee102ac68e553d11e5fb3d0a8e0ef34266263ca4a3e0b76c55a92f75f921cd61a5363e5db7737874d57c653d63457260b67b1df330827b2921c29fda0045bbe7404e40985039f7db153f52b2c941a56
a0de317ffbf927f42782fa48270f2c969563b183a4b0112f3497dd3c2a423ec83498bdbaac928910a9fb7fe5788e454c027a28f4a91af2bf09e261f85b0eee4f7929e63c4062496cb09534bb6d03ff69ed2915d0ea215b4fb3d1044e86eb87dfb4898bcbd50e5c4ddfbdb83b9410e1adf91446c43c959e0e341d67a5a7ef8712586de3b8b9c5b6f80f42f235bf68900ebfe6304bb0d9f67408b76201ec26180b4bd76500de4f0df86df4a063aececca69ddf8a162b67a4b9800fa7570d5b551ac2703adc0ffced00650a96cd81ec4187b90c6b2140ce99c1937c40587ea72899897e628115bcab73b3d9f425860b109a67347b8a121f65d0968d56a3dde6b8171cea61b08ae568b9d03c398977ce86f75055230ef370cabf67c9cf97c3223719555403f3e0bd2af0e1e8742decb05fadb0227f15d40ee2d6dc5a49fe1e6bc9e6cedde74294c3bb6fd5c5fedfad672df1dffd219bd8bc1ec39158eab507998755f553441d01cd26a5501f6fb2db4f3597510f85b93a542514c8013eedbbfc913dcce8b20a5759665bdfd9919eb22a89163d8656386d857c5bfc7c241c1d726cd94ab0f92d5b0fefcf1d4abdd26fbc6c17a4ccacf2d31e5e713059de93c59d3b8d3e8d03b5d663f9dfadb03e093cb84fcf500a1f0e2e5ba1c9d81db12cc799c6539af0cc35682d95cb789c745a452bd8b38e6cf08e0579da1ab43ad0858d0305f961b15a79c1090f4867040ea2bd36cf6512aab44ce5a1098efe039134f23bf057777fef3e68e45827b0487924cad4e5f0b1c3b4f5a0e3853b39640eb0782d78888fe92c3b68624e84ff6a5eded87be62d34ce858f34e5fffbba75f014df0f648988b51a72de1ff54d5c7a4b8ecb10c5e9ef51de98c01ef8c406f9824a0c15a29e16b5a53e3643b0065a4263ecae50d2cb976d3d2ea6255a65f1c6cc86167f1784a27b832037db4ce1e262475334f3b2430f86c7a24456eea82ab678aba91bb4c0cc82c877b80b6d3574007257272c3e126c17a8b36aa8aa9431ff01bf658f82d8153eddea6804cdc564a3f5e9967b08feeb823d3db9356a4acdd80e883ca58a1c661d01d145f80a3ab67e8036c0bae1bb7bc43204eb0cf38214bc74a9aef036a31d5a9c552d93a25c0e84057bce5437b1634680d04a77472d631432d2baa7a3acd64220efcf9e7848f8fd9801bef7561a470a1822032160eb59edc0f977882dce4fb2872d89d27ff076dba74a9672f86909956579c28853fa8de7002cc8458d09256d42a39f1a4bdb6b56d36d51488e7368686e54c1bbbfff48884e0d536be362e59bd7f18329a4b82aed396e4f92865f594d0da38f7cace7a4603af60c1a53bdfd19476094aac6e4a8f31fc1257d48d03bb0ef515d8460b9441532c8b5043d0531d5881adb6d997bb184fd8caf4d8e6c759c3f7143b9e32bc7a0ec6234b68adf4111ca1d136721438e5e6d7125d480ce982d84aea7703b4010cd27867d6ddc5e0c970385196f020e48eddb24c56972f9e61e6cc29c1712551583828f899534aacfffc66f99999ea2ba2731d52a7fd2fa262a22b075da52a5aa58f5b41aa9cdc9181406717f3f75e7c475090121966838125236e4dc6291ae3874968e8208b983aadb03ca60acd935e6da1b829407f70a77340e4439f22fdc2fc4218de0f25d2f886c0aaeb693c2b23db0eab9953bf806c2173e0bc9d0d7ef0e763775bc1432ff48d6035b1214294c81b71cd98c42831014090cd99cb74929ae853f88132e559104d4fea98ad40f17da4100a909a6981bad9efb240a79520927aa12232a56f4d8893bff92bfc2bd42cf3dc09bdc484dfdba3a10c609186104ce33e3024f44000be34814ff5dc9872d44b4157fb3a6655b985f6cc5ef4586f2abfee12dcbdb90181b396f95fe3213f094d1f3dd3d7fed800f4ed21290f613b62048e0fc1f1328d9f87a5653b489d36f727be9d755523def0472f1c1d5ac90ee665379ff39d06e863c244890f5333a0b89b92022c1a8198029fe5f8c203b3dd211d4398958ee190108dd50b7850e20d8abe2b927d53d28f3b8ca26be81bc6b83c0e2b3b1dda28066c63860cea89df82708ef21d4d36b84663e87b4385a3e37bd3ff1eb2bf64184c44723490669af4da092d45ba21a569a352e513d9a9b43e9cd4b812055822626efc55f950009232b8b3bb2d63d44a8b0bd9bd4e84c5a724496a2326f63c97dbcb235366ec0cf6096b5f4988d073c34bd3a084130cea8d6ee22e542b411c1e18599667b3fd6dde0669ad82c85a1c10ca5862213cb1bb277e6c4f6564f20a9bcea1b48170504c47235d78ed0a0441987c8c17d90d7b56cf487c46733ba4a6848fec42b97ce4048f3c6d9c493322f052ef93f02f142b3940a10921bd15c911e7a97aa4a20dc383c62cd288d252ba937b3f60761e6653568a01241bb573664de04811cf3f59b4c2d7e8a6c55da16f468383456aa751697697397c2a5e5abfa0f1099d80447d49da509aa1347f3943ee9baa1fdad2a0e69410b34253ad4991282d0e952260f52ab9f02a3d00b37098cf60354424f862066e45e92ac475c99a00e7380766e589abf66271619142795cf7a7fbd138a6cc5bd7e135122341d1f06eb5b436c59be0adedc71bc03d7c63c16751ad56c69e36decfe9e8214c719fcdf2e9fe2dc971f03c1c2ad6b6d368fe8b11d0389650c73d1c7e73708145fa05992a150e6a909656ea786e244bdf1cd71f4b0fd05b1335d703182ffa9d96c99108297b1fe327a83bf4f69d2a9c3d1eb73a9dd8cee2b3220904ac31011fd6407a5ba427facb46227fdedb13d1ca6443ded3dc3b6cf06a59dc9b9226fbf357334abf58412605fd206e7b6125fa19e5d68f75783fa08205b05c0a12d1830068317f6105958c4eb37bcb1beae6a401c267641aa58274a410d76b4d2a03e418020869b6886bb81964761b3fcd8ea68050ad6cff99649cde8fa53f04b0c96e271c0b092e24d81ea2d723775799e713ea9da6967ef57aaafe1c6732f2f047556027f021c65fc20c1c3bcb392acf8ff7a9e14d9728a5aaacd255fc3866b041e9c96dcf592083d78c9e405ddd7991d2e2536d2eb1ba0f0ece3dfb6a34c2665cfac2d1850fd478f617fdd4e9dd4492c553bd375cfd33f4744d642006f3a5216a1ff7d73643ed751caecdfdcb56247aa2f66fbcb8315daaa86006a99e0350a72d5d5260d6bb77ac53cdd7abacb859586c279b7facdf076c922ac27f3e907fb3b4ec977ca634a28df064162165222dcce674dab60a4e9d48e7fcea267abb1f8e0a2012aa6db532a4ce74fbaf583e2c292fa1b56be585d14ee073cdafe3fc0c19050e698ec41b9d27f5db41a779208118a5d3f8f74333b2ad2fe3cee273bbfea485ead817effedf1260c1a125070589b6f0f31984ed498cbd273e84a718f54c82cbc2747e678f8437dde23c9ea3c877823034b7c70731c2d01cc09d11d3364e7945b6480b9b416acb54cd1194b46c6d2e147619ac1c1fa915af80a5098647247ebcf0449634f69c96afc740bce61993228183d98d0f85406d8ffd934
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);c:\windows\system32\DRIVERS\RtTeam620.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam620.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [x]
R4 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-NtVdmSrv - c:\windows\inf\ntvdm.vbe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
c:\program files (x86)\ASUS\AI Suite II\AI Suite II.exe
c:\program files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
.
**************************************************************************
.
Celkový čas: 2013-08-04 23:23:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-04 21:23
.
Před spuštěním: Volných bajtů: 418 921 594 880
Po spuštění: Volných bajtů: 419 074 764 800
.
- - End Of File - - 939852601E612745E860645C2D2B6905
A36C5E4F47E84449FF07ED3517B43A31

Reklama

Příspěvekod **memphisto** » 05 srp 2013 17:03

Dej to do jedné odpovědi... Takhle to nejde přešíst a ještě je to přes dvě strany...

creativ718 · Příspěvekod **creativ718** » 05 srp 2013 17:28

Tak máš to upraveno do jednoho, ty zbytečné posty můžeš smazat.

/díky. memphisto

Příspěvekod **jaro3** » 05 srp 2013 19:50

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::

Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"=-

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

creativ718 · Příspěvekod **creativ718** » 05 srp 2013 21:29

ComboFix 13-08-05.03 - Luboš 05.08.2013 20:20:26.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8126.6960 [GMT 2:00]
Spuštěný z: c:\users\LuboÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\LuboÜ\Desktop\CFScript.txt
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-05 do 2013-08-05 )))))))))))))))))))))))))))))))
.
.
2013-08-05 18:24 . 2013-08-05 18:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-05 10:18 . 2013-08-05 15:42 -------- d--h--w- c:\windows\msdownld.tmp
2013-08-05 10:18 . 2013-08-05 10:18 -------- d-----w- C:\Games
2013-08-04 16:56 . 2013-08-04 20:40 -------- d-----w- C:\Fraps
2013-08-04 16:56 . 2013-08-04 16:56 499708 ----a-w- c:\windows\SysWow64\phatk121016Bonairev1w256l4.bin
2013-08-04 16:56 . 2013-08-04 16:56 -------- d-----w- c:\program files (x86)\Fraps-full version
2013-08-04 14:34 . 2013-08-04 14:34 -------- d-----w- c:\program files (x86)\Sony
2013-08-04 14:34 . 2012-01-20 12:14 18816 ----a-w- c:\windows\system32\roboot64.exe
2013-08-04 14:21 . 2013-08-04 14:21 -------- d-----w- c:\windows\ERUNT
2013-08-04 11:56 . 2013-08-04 14:34 -------- d-----w- c:\program files\Sony
2013-08-04 11:56 . 2013-08-04 11:56 -------- d-----w- c:\programdata\Sony
2013-08-03 17:27 . 2013-08-03 17:28 -------- d-----w- c:\programdata\AVG2013
2013-08-03 17:27 . 2013-08-03 17:27 -------- d-----w- C:\$AVG
2013-08-03 17:26 . 2013-08-03 17:26 -------- d-----w- c:\program files (x86)\AVG
2013-08-03 17:24 . 2013-08-05 17:43 -------- d-----w- c:\programdata\MFAData
2013-08-03 11:38 . 2013-08-03 11:38 -------- d-----w- c:\programdata\TuneUp Software
2013-08-03 11:38 . 2013-08-03 11:43 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-03 11:37 . 2013-08-03 11:37 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-08-02 17:19 . 2013-08-02 17:19 -------- d-----w- c:\program files (x86)\Opera
2013-08-02 09:27 . 2013-08-02 09:27 -------- d-----w- c:\program files (x86)\Shifters Anticheat
2013-08-01 07:11 . 2013-08-01 07:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-08-01 07:11 . 2013-08-01 07:11 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-31 21:23 . 2013-07-31 21:23 -------- d-----w- c:\windows\SysWow64\Macromed
2013-07-31 21:23 . 2013-07-31 21:23 -------- d-----w- c:\windows\system32\Macromed
2013-07-31 20:10 . 2013-08-01 07:11 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-31 20:10 . 2013-08-01 07:11 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-31 20:09 . 2013-07-31 20:09 -------- d-----w- c:\program files (x86)\Java
2013-07-31 16:20 . 2013-07-31 16:20 -------- d-----w- c:\program files (x86)\Trend Micro
2013-07-31 15:57 . 2013-08-04 09:23 -------- d-----w- c:\program files (x86)\BitLord 2
2013-07-31 14:10 . 2013-07-31 14:10 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2013-07-31 13:53 . 2013-07-31 13:53 -------- d-----w- c:\windows\SysWow64\Wat
2013-07-31 13:53 . 2013-07-31 13:53 -------- d-----w- c:\windows\system32\Wat
2013-07-31 12:08 . 2013-06-23 22:41 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-07-31 11:52 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-07-31 11:52 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-07-31 11:52 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-07-31 11:52 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-07-31 11:52 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-07-31 11:52 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-07-31 11:49 . 2013-07-15 01:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{68D5C1D8-01E6-421F-8285-889BAD679F70}\mpengine.dll
2013-07-31 11:48 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-07-31 11:48 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-07-31 11:48 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-07-31 11:48 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-07-31 11:48 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-07-31 11:42 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-31 11:42 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-31 11:40 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2013-07-31 11:39 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-31 11:38 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-07-31 11:37 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-07-31 11:37 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2013-07-31 11:37 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2013-07-31 11:37 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-31 11:37 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-07-31 11:37 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2013-07-31 11:37 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2013-07-31 11:35 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-07-30 18:54 . 2013-07-30 18:54 -------- d-----w- c:\users\Luboç
2013-07-30 18:25 . 2013-08-04 21:23 -------- d-----w- c:\users\Owner
2013-07-30 18:09 . 2013-07-30 18:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-30 18:09 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-30 17:44 . 2013-07-30 17:44 -------- d-----w- c:\program files (x86)\ObviousIdea
2013-07-30 15:25 . 2013-08-03 19:27 -------- d-----w- c:\program files (x86)\SpeedFan
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----r- c:\program files (x86)\Skype
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----w- c:\programdata\Skype
2013-07-30 14:55 . 2013-07-30 14:55 -------- d-----w- c:\program files (x86)\Webteh
2013-07-30 13:43 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2013-07-30 13:43 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2013-07-30 13:43 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-07-30 13:43 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-07-30 13:43 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-07-30 13:42 . 2013-07-30 13:42 -------- d-----w- C:\Riot Games
2013-07-30 13:39 . 2013-08-04 15:20 -------- d-----w- c:\programdata\PMB Files
2013-07-30 13:39 . 2013-07-30 13:39 -------- d-----w- c:\program files (x86)\Pando Networks
2013-07-30 13:09 . 2013-07-30 13:09 -------- d-----w- c:\programdata\Malwarebytes
2013-07-30 13:08 . 2013-07-30 13:08 -------- d-----w- C:\vcs5BGEffects
2013-07-30 13:07 . 2013-07-30 18:25 -------- d-----w- c:\programdata\IObit
2013-07-30 13:07 . 2013-07-30 13:07 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-30 12:56 . 2013-07-30 12:56 -------- d-----w- c:\program files (x86)\IObit
2013-07-30 11:45 . 2013-08-05 15:34 -------- d-----w- c:\program files (x86)\Steam
2013-07-30 11:45 . 2013-07-30 11:54 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-07-30 11:38 . 2013-07-30 11:38 -------- d-----w- c:\program files (x86)\TeamViewer
2013-07-30 11:25 . 2013-07-30 11:25 -------- d-----w- c:\program files\CCleaner
2013-07-30 10:27 . 2013-07-31 12:01 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2013-07-30 10:21 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-07-30 10:21 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-07-30 10:21 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-07-30 10:18 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-07-30 10:18 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-07-30 10:18 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-07-30 10:18 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-07-30 10:18 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-07-30 10:18 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-07-30 10:18 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-07-30 10:18 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-07-30 10:18 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-07-30 10:14 . 2012-05-22 00:25 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2013-07-30 10:14 . 2012-05-22 00:25 789824 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2013-07-30 10:14 . 2012-05-22 00:25 357184 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2013-07-30 10:13 . 2012-12-26 17:26 805088 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-07-30 10:13 . 2012-12-26 17:26 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-07-30 10:13 . 2012-12-26 17:26 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-07-30 10:10 . 2011-12-08 07:55 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2013-07-30 10:10 . 2013-07-30 10:14 -------- d-----w- c:\program files (x86)\Intel
2013-07-30 10:07 . 2013-07-30 10:07 -------- d-----w- c:\windows\Chipset
2013-07-30 10:07 . 2013-07-30 10:07 16896 ----a-w- c:\windows\AsTaskSched.dll
2013-07-30 10:07 . 2011-02-25 06:25 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-07-30 10:04 . 2013-07-30 10:04 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-07-30 10:04 . 2013-07-30 18:01 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2013-07-30 10:03 . 2013-08-03 12:23 -------- d-----w- c:\programdata\DAEMON Tools Pro
2013-07-30 09:58 . 2013-07-30 09:58 -------- d-----w- c:\programdata\WinZip
2013-07-30 09:58 . 2013-07-30 09:58 -------- d-----w- c:\program files\WinZip
2013-07-30 09:57 . 2013-07-30 09:57 -------- d-----w- c:\program files (x86)\Real
2013-07-30 09:55 . 2013-07-30 09:55 -------- d-----w- c:\programdata\ASUS WebStorage
2013-07-30 09:53 . 2013-07-30 09:53 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-07-30 09:50 . 2012-03-22 14:10 14848 ----a-w- c:\windows\SysWow64\drivers\AiCharger.sys
2013-07-30 09:46 . 2013-07-30 09:46 -------- d-----w- c:\program files\ASUS
2013-07-30 09:45 . 2012-05-31 03:06 32400 ----a-r- c:\windows\system32\drivers\ndisrd.sys
2013-07-30 09:44 . 2008-12-02 18:05 184320 ----a-w- c:\windows\SysWow64\drivers\UpdateHelper.dll
2013-07-30 09:43 . 2013-07-30 09:43 -------- d-----w- c:\programdata\ASUS
2013-07-30 09:43 . 2013-07-30 09:55 -------- d-----w- c:\program files (x86)\ASUS
2013-07-30 09:43 . 2012-08-22 09:54 15232 ----a-r- c:\windows\SysWow64\drivers\AsIO.sys
2013-07-30 09:43 . 2010-06-29 07:41 28672 ----a-r- c:\windows\SysWow64\AsIO.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-31 16:20 . 2013-07-31 16:20 388096 ----a-r- c:\users\Luboš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-31 16:20 . 2013-07-31 16:20 388096 ----a-r- c:\users\Luboš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-30 17:44 . 2010-03-18 07:15 773712 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-07-30 17:44 . 2010-03-18 07:15 420944 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-06-30 23:45 . 2013-06-30 23:45 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2013-06-07 11:45 . 2013-08-04 16:56 84992 --s-a-w- c:\windows\inf\msijuih\zlib1.dll
2013-06-07 11:45 . 2013-08-04 16:56 612352 --s-a-w- c:\windows\inf\msijuih\libcurl.dll
2013-06-07 11:45 . 2013-08-04 16:56 568334 --s-a-w- c:\windows\inf\msijuih\msijuih.exe
2013-06-07 11:45 . 2013-08-04 16:56 364544 --s-a-w- c:\windows\inf\msijuih\ssleay32.dll
2013-06-07 11:45 . 2013-08-04 16:56 279955 --s-a-w- c:\windows\inf\msijuih\libidn-11.dll
2013-06-07 11:45 . 2013-08-04 16:56 183382 --s-a-w- c:\windows\inf\msijuih\librtmp.dll
2013-06-07 11:45 . 2013-08-04 16:56 171008 --s-a-w- c:\windows\inf\msijuih\libssh2.dll
2013-06-07 11:45 . 2013-08-04 16:56 1704448 --s-a-w- c:\windows\inf\msijuih\libeay32.dll
2013-06-07 11:45 . 2013-08-04 16:56 110094 --s-a-w- c:\windows\inf\msijuih\libusb-1.0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-03 3111264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2013-3-1 21946368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b0304c239b7f8068374bfb511000000400000e269f63d73594f6202c9694280cc96a28bbd63516fe3c2d5f7a2ff87ac3a990c3ec3b2ed7b07716237a0dfb1dfb651f67e31cb2e7649f98d5e55e9b25b1a579794989b176c357bdcc11226bd6ecb7de8a63ea2165f6b31ead6b0a2a96a6e9d04b9b39f194ef52d48b088d4b6597f685a70ff6912914f86d8235681747da26cfd83223d3d248872c51095484634ebf976e4595f734bd35caf42b38dcf9e878af0be0a5e84b22940f721e8bbcdcbaa3e53607359252db16c0d6c38a142261bb4896d12a48c006cc3c21fdf717c155b2af0375d2545ee286c2aecb2955206ef25c82dc686f7eb83bb3072e94e1e59254b11a2e3628e1d98e177375b54e682a1c77f986e1907ffcb784accacb124189751d7ebbafc91d3a127f134a85e27f8c201d9082f621f5fffac09d2aab94a62f90bd74d6c96a8db6d42e4e98316449d202a4e24857673e2a50b7dfd9d5af72a21a19a922acc9675ba933a1c6ad4e0a11470fbb82eed7a79c5ca2dbb0bec5b2b43baa37373d3ef494726d7cf4a4aa8a3d6a5c206ced49148c0100bfa96b707be91b855151d8da8e0723dd1303325011b3951c9df7b10e9b153bced98376c4d7517f2e0e23a986914b2b0f978454441c47b5797d924ce9cd186d74d308099ee52f226e92de6b50e4a0691f75cfa9ce733494b8cafaeb4be4c65f6c9dffa34a3c2ed9d14f5844164be79b7a90495290350177b03aefa777ff519b624e3c75c219260ac447bba9a6db56f34b340a5f75837fab3c33831a3bc39c2914aeb87a39545bd7ed52450eb7e94d5380e2babce3f8ee6e3cdc9d4ed54d9889d9dbd0dc879caa2b121048a308a7f873252dad24ea8f8911ea0a3b202de930a9fc882cf1349ffe229016b2ebfd7821b8986d31deccbc296ba54fd6d864c915f1d77ac0734d96fe0ba43a669fab128026c7f90e9e1e0a7047f5a2378e4de0966eb6c217b3483194b2b21a3fa8a1cbef1d66a3fc8a5c863bcea6157981a11449bae3357f3287501cb9c24e0afb156f5ddfd6855cd8b7b43feabd9412c1c208b5de2330c469a59de5b490cc06bfd5a4900cb121eb967bc7185a9f00112a5b1e8d8028ca02b0f2b194af03cc1e172b70c9b88643e3c064b5406cf184ad9eba26736ef6feb30dac8ba400933a32a3c03230bd732fcbe16c4b3bdcc0b501616ce956d968b8da68b4a9a64238601e81e78095961580431361a4dd9fe963d3ceba5c21bba416c1cc9d94bb842c25b2fd12c8bf42c35948272965a3fecf6e9b92d32d7e84a402a0b6214a412a23427e4852ce607fd9f7ff8559bbb96a9ae577df0c19d108587d372470be0d3e27ed61feb442c2d65e55bac81c2786cf6b837eebc1b5af35634b29fd5d96347b5f9c747c8a9a83e7cb3c188d9042f08fbd4edeebd65de7c04b275b7fd74067a0ae3033752aa55a45a05355811416ea4a5101511e99305b700bd44742cbd6a9272b5cf4001505c4057866b57e4de5ef0ee9f88b41986a80119c962594972011fc0c39b4a74b74747f5116d896a0ebcbb4387685672899af54b80ae07008971ea1c997a898e33aab769e4e52fbbec97ebf199ce76454badbd4eab272f1d1caabb3b49b3aafc1e67d09ee8feb0580e414eb45f3f0c25fe88872312fec2341e7a6100b2e04ed25fce13a146098dce98446b2f3875ecb269a886795698619d337da612f19bf8d4fe3028e79a26548128d1595af0bf98ff320dc73d873f05ebd07c87cae28df067c00de3e53cc77e801e1304192ca7bf78ab28db40564328a108f9f0ddd8e1b0baeccf16bf1deb3cc5c4b5f5140f6b8a256e9128c203418aa3d93e3f08078977667dc02d830bb6869de92f29a65ac6d2689d0a5a90887a8643119dc9a68b5b00bd59d45da9d7ed5dae6ee6da6119243f77f51b263200f90abbb61cce9a951781ea2012a2c8d7200906439b08e7e76cf9c9536b2e6b560afd7cbaa5044791ee17ded45adfd9d359dac0a9f4ed15bf2cb2ea9b12b7cb11b597cf2e6e750a6c636fe2c4b144f6ff43ccffddae787be160b0a8b4282b35a6aeece165814e95ce7adbe416ef4e51860cb4f5d50af2a86aa4ee602a30aa54850e0cb4a38dc3a1c711b5d03b6a53ee102ac68e553d11e5fb3d0a8e0ef34266263ca4a3e0b76c55a92f75f921cd61a5363e5db7737874d57c653d63457260b67b1df330827b2921c29fda0045bbe7404e40985039f7db153f52b2c941a56e922dcfb60b89dbee327ed6f5c1e438270f766a6ed1730fc581a4aebcfe3b7726b27d6b092cf5a0b6954196cb4cc2788b8722338ee189d9e22692595f0d5b333b0f715cb8d94a08afb631dbb1be79a773e8f1a4eaf7220c24222dda431b91d9175dfa0c6ae81e8c4c879d64446cf56faefe1487ca6739a776aee42ef8be40a612f95cde3b1feeac1e1e41a24c92ed8b0152e247239e5a8bc903679ca8c7b94659ad5b1d10551f460d924fb60882fc90508c3723420f86f4cf100387e808133cc429883c0e3ace91651c075cd19d106e0b437b0363048ca1feaaf929b87aed90afde281edca0fa0cc7b5a7f03807fa5ac41b1ed73130eac1117c631c1818142f24d420f6776cb53d4d0326b9fc3008c3ca03fc649d87d37fa617b74f2865c75298bed54b7d8dc676e2210374d8bf194ae2feda62b4798933c764ccddf845330721fc21e68c0695ca73285103e22ae68da440326dfef9a80d17d0a7c3f920e7b0aa806ee9b7549ed9878b6cfb505ac69e8e8d3cfa718675764cfb03861d32afaae1d918be87f6a9ac0d815c57ad3e167d642f5fcddc25d4ba3ac3e67c26a4deaa17797b3c0654f271eaaa442a71cbe19372adcbde3df8b3fe491e5a76a79d1291a0de317ffbf927f42782fa48270f2c969563b183a4b0112f3497dd3c2a423ec83498bdbaac928910a9fb7fe5788e454c027a28f4a91af2bf09e261f85b0eee4f7929e63c4062496cb09534bb6d03ff69ed2915d0ea215b4fb3d1044e86eb87dfb4898bcbd50e5c4ddfbdb83b9410e1adf91446c43c959e0e341d67a5a7ef8712586de3b8b9c5b6f80f42f235bf68900ebfe6304bb0d9f67408b76201ec26180b4bd76500de4f0df86df4a063aececca69ddf8a162b67a4b9800fa7570d5b551ac2703adc0ffced00650a96cd81ec4187b90c6b2140ce99c1937c40587ea72899897e628115bcab73b3d9f425860b109a67347b8a121f65d0968d56a3dde6b8171cea61b08ae568b9d03c398977ce86f75055230ef370cabf67c9cf97c3223719555403f3e0bd2af0e1e8742decb05fadb0227f15d40ee2d6dc5a49fe1e6bc9e6cedde74294c3bb6fd5c5fedfad672df1dffd219bd8bc1ec39158eab507998755f553441d01cd26a5501f6fb2db4f3597510f85b93a542514c8013eedbbfc913dcce8b20a5759665bdfd9919eb22a89163d8656386d857c5bfc7c241c1d726cd94ab0f92d5b0fefcf1d4abdd26fbc6c17a4ccacf2d31e5e713059de93c59d3b8d3e8d03b5d663f9dfadb03e093cb84fcf500a1f0e2e5ba1c9d81db12cc799c6539af0cc35682d95cb789c745a452bd8b38e6cf08e0579da1ab43ad0858d0305f961b15a79c1090f4867040ea2bd36cf6512aab44ce5a1098efe039134f23bf057777
fef3e68e45827b0487924cad4e5f0b1c3b4f5a0e3853b39640eb0782d78888fe92c3b68624e84ff6a5eded87be62d34ce858f34e5fffbba75f014df0f648988b51a72de1ff54d5c7a4b8ecb10c5e9ef51de98c01ef8c406f9824a0c15a29e16b5a53e3643b0065a4263ecae50d2cb976d3d2ea6255a65f1c6cc86167f1784a27b832037db4ce1e262475334f3b2430f86c7a24456eea82ab678aba91bb4c0cc82c877b80b6d3574007257272c3e126c17a8b36aa8aa9431ff01bf658f82d8153eddea6804cdc564a3f5e9967b08feeb823d3db9356a4acdd80e883ca58a1c661d01d145f80a3ab67e8036c0bae1bb7bc43204eb0cf38214bc74a9aef036a31d5a9c552d93a25c0e84057bce5437b1634680d04a77472d631432d2baa7a3acd64220efcf9e7848f8fd9801bef7561a470a1822032160eb59edc0f977882dce4fb2872d89d27ff076dba74a9672f86909956579c28853fa8de7002cc8458d09256d42a39f1a4bdb6b56d36d51488e7368686e54c1bbbfff48884e0d536be362e59bd7f18329a4b82aed396e4f92865f594d0da38f7cace7a4603af60c1a53bdfd19476094aac6e4a8f31fc1257d48d03bb0ef515d8460b9441532c8b5043d0531d5881adb6d997bb184fd8caf4d8e6c759c3f7143b9e32bc7a0ec6234b68adf4111ca1d136721438e5e6d7125d480ce982d84aea7703b4010cd27867d6ddc5e0c970385196f020e48eddb24c56972f9e61e6cc29c1712551583828f899534aacfffc66f99999ea2ba2731d52a7fd2fa262a22b075da52a5aa58f5b41aa9cdc9181406717f3f75e7c475090121966838125236e4dc6291ae3874968e8208b983aadb03ca60acd935e6da1b829407f70a77340e4439f22fdc2fc4218de0f25d2f886c0aaeb693c2b23db0eab9953bf806c2173e0bc9d0d7ef0e763775bc1432ff48d6035b1214294c81b71cd98c42831014090cd99cb74929ae853f88132e559104d4fea98ad40f17da4100a909a6981bad9efb240a79520927aa12232a56f4d8893bff92bfc2bd42cf3dc09bdc484dfdba3a10c609186104ce33e3024f44000be34814ff5dc9872d44b4157fb3a6655b985f6cc5ef4586f2abfee12dcbdb90181b396f95fe3213f094d1f3dd3d7fed800f4ed21290f613b62048e0fc1f1328d9f87a5653b489d36f727be9d755523def0472f1c1d5ac90ee665379ff39d06e863c244890f5333a0b89b92022c1a8198029fe5f8c203b3dd211d4398958ee190108dd50b7850e20d8abe2b927d53d28f3b8ca26be81bc6b83c0e2b3b1dda28066c63860cea89df82708ef21d4d36b84663e87b4385a3e37bd3ff1eb2bf64184c44723490669af4da092d45ba21a569a352e513d9a9b43e9cd4b812055822626efc55f950009232b8b3bb2d63d44a8b0bd9bd4e84c5a724496a2326f63c97dbcb235366ec0cf6096b5f4988d073c34bd3a084130cea8d6ee22e542b411c1e18599667b3fd6dde0669ad82c85a1c10ca5862213cb1bb277e6c4f6564f20a9bcea1b48170504c47235d78ed0a0441987c8c17d90d7b56cf487c46733ba4a6848fec42b97ce4048f3c6d9c493322f052ef93f02f142b3940a10921bd15c911e7a97aa4a20dc383c62cd288d252ba937b3f60761e6653568a01241bb573664de04811cf3f59b4c2d7e8a6c55da16f468383456aa751697697397c2a5e5abfa0f1099d80447d49da509aa1347f3943ee9baa1fdad2a0e69410b34253ad4991282d0e952260f52ab9f02a3d00b37098cf60354424f862066e45e92ac475c99a00e7380766e589abf66271619142795cf7a7fbd138a6cc5bd7e135122341d1f06eb5b436c59be0adedc71bc03d7c63c16751ad56c69e36decfe9e8214c719fcdf2e9fe2dc971f03c1c2ad6b6d368fe8b11d0389650c73d1c7e73708145fa05992a150e6a909656ea786e244bdf1cd71f4b0fd05b1335d703182ffa9d96c99108297b1fe327a83bf4f69d2a9c3d1eb73a9dd8cee2b3220904ac31011fd6407a5ba427facb46227fdedb13d1ca6443ded3dc3b6cf06a59dc9b9226fbf357334abf58412605fd206e7b6125fa19e5d68f75783fa08205b05c0a12d1830068317f6105958c4eb37bcb1beae6a401c267641aa58274a410d76b4d2a03e418020869b6886bb81964761b3fcd8ea68050ad6cff99649cde8fa53f04b0c96e271c0b092e24d81ea2d723775799e713ea9da6967ef57aaafe1c6732f2f047556027f021c65fc20c1c3bcb392acf8ff7a9e14d9728a5aaacd255fc3866b041e9c96dcf592083d78c9e405ddd7991d2e2536d2eb1ba0f0ece3dfb6a34c2665cfac2d1850fd478f617fdd4e9dd4492c553bd375cfd33f4744d642006f3a5216a1ff7d73643ed751caecdfdcb56247aa2f66fbcb8315daaa86006a99e0350a72d5d5260d6bb77ac53cdd7abacb859586c279b7facdf076c922ac27f3e907fb3b4ec977ca634a28df064162165222dcce674dab60a4e9d48e7fcea267abb1f8e0a2012aa6db532a4ce74fbaf583e2c292fa1b56be585d14ee073cdafe3fc0c19050e698ec41b9d27f5db41a779208118a5d3f8f74333b2ad2fe3cee273bbfea485ead817effedf1260c1a125070589b6f0f31984ed498cbd273e84a718f54c82cbc2747e678f8437dde23c9ea3c877823034b7c70731c2d01cc09d11d3364e7945b6480b9b416acb54cd1194b46c6d2e147619ac1c1fa915af80a5098647247ebcf0449634f69c96afc740bce61993228183d98d0f85406d8ffd934
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);c:\windows\system32\DRIVERS\RtTeam620.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam620.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [x]
R4 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files
(x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-08-05 20:25:20
ComboFix-quarantined-files.txt 2013-08-05 18:25
ComboFix2.txt 2013-08-05 18:09
ComboFix3.txt 2013-08-04 21:23
.
Před spuštěním: Volných bajtů: 402 586 546 176
Po spuštění: Volných bajtů: 402 518 102 016
.
- - End Of File - - EEAE167164CC6243C4CFA142EDF1D351
A36C5E4F47E84449FF07ED3517B43A31

creativ718 · Příspěvekod **creativ718** » 05 srp 2013 21:30

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:11, on 5.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5307 bytes

creativ718 · Příspěvekod **creativ718** » 05 srp 2013 21:30

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-08-05 21:26:36
-----------------------------
21:26:36.323 OS Version: Windows x64 6.1.7601 Service Pack 1
21:26:36.323 Number of processors: 2 586 0x3A09
21:26:36.323 ComputerName: CREATIV-PC UserName: Luboš
21:26:40.145 Initialize success
21:26:47.307 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:26:47.307 Disk 0 Vendor: ST500DM002-1BD142 KC48 Size: 476940MB BusType: 11
21:26:47.447 Disk 0 MBR read successfully
21:26:47.447 Disk 0 MBR scan
21:26:47.447 Disk 0 Windows 7 default MBR code
21:26:47.463 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:26:47.463 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
21:26:47.478 Disk 0 scanning C:\Windows\system32\drivers
21:26:51.269 Service scanning
21:26:59.927 Modules scanning
21:26:59.927 Disk 0 trace - called modules:
21:26:59.943 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:26:59.943 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800765b790]
21:26:59.943 3 CLASSPNP.SYS[fffff8800189443f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800710e680]
21:27:00.442 Scan finished successfully
21:27:21.533 Disk 0 MBR has been saved successfully to "C:\Users\Luboš\Desktop\MBR.dat"
21:27:21.533 The log file has been saved successfully to "C:\Users\Luboš\Desktop\aswMBR.txt"

creativ718 · Příspěvekod **creativ718** » 05 srp 2013 21:31

Vysvětlivky:

1. post - log z combofixu
2. post - novy log z HJT
3. post - log z aswMBR

Příspěvekod **memphisto** » 06 srp 2013 07:29

Toto otestuj na Virustotal
c:\windows\inf\msijuih\msijuih.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

creativ718 · Příspěvekod **creativ718** » 06 srp 2013 10:40

Tohle mi to píše, když kliknu na "reanalyse"

Příspěvekod **memphisto** » 06 srp 2013 16:56

Jaro3 měl stejný problém. Zkus tu analýzu udělat v IE

creativ718 · Příspěvekod **creativ718** » 06 srp 2013 21:32

https://www.virustotal.com/cs/file/26c7 ... 375817399/

Prosím o kontrolu logu win7 Vyřešeno

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Re: Prosím o kontrolu logu win7

Kdo je online