Prevention (Solved)

Post by Ervussus » 19 Mar 2013 07:14

Hello,
I'd like to kindly ask for a check of my log :)
Thanks in advance.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:14:21, on 19.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mp3tubetoolbar.com/?tmp=toolbar_ ... bae0880bcd
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Mp3Tube Toolbar - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - "C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.DLL" (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6927 bytes

Post by memphisto » 19 Mar 2013 07:38

In the log, fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mp3tubetoolbar.com/?tmp=toolbar_ ... bae0880bcd
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O3 - Toolbar: Mp3Tube Toolbar - {46897C77-E7A6-4c33-BFFB-E9C2E2718942} - "C:\Program Files (x86)\Mp3Tube Toolbar\mp3tubetb.DLL" (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, don't select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of Internet browsing. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, and so on.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program has finished, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(DON'T DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please don't send HijackThis logs via private message; post them in the appropriate section. Thank you

Post by Ervussus » 19 Mar 2013 16:07

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.19.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kubiňák :: KUBIŇÁK-PC [administrátor]

Ochrana: Povolena

19.3.2013 16:00:39
MBAM-log-2013-03-19 (16-07-39).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216272
Uplynulý čas: 5 minut, 57 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 4
HKCR\CLSID\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Mp3Tube (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IspAssistant-Mp3Tube (Adware.Adware.MP3TubeToolBar) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Data: -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{46897C77-E7A6-4c33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Data: -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 7
C:\Program Files (x86)\Mp3Tube Toolbar (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\content (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\buttons (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\Mozilla Firefox\extensions\mp3tubetoolbar@mp3tubetoolbar.com\chrome\skin\weather (Adware.Mp3Tube) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 78

(konec)

Post by memphisto » 19 Mar 2013 16:11

So let MBAM delete everything and post the second log, the one from AdwCleaner

Post by Ervussus » 19 Mar 2013 17:19

# AdwCleaner v2.115 - Log vytvooen 19/03/2013 v 17:19:23
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Kubiňák - KUBIŇÁK-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Kubiňák\Downloads\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\AVG Secure Search
Složka Nalezeno : C:\Program Files (x86)\Common Files\AVG Secure Search
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\ProgramData\AVG Secure Search
Složka Nalezeno : C:\Users\Kubiňák\AppData\Local\AVG Secure Search
Složka Nalezeno : C:\Users\Kubiňák\AppData\Local\Conduit
Složka Nalezeno : C:\Users\Kubiňák\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Složka Nalezeno : C:\Users\Kubiňák\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Složka Nalezeno : C:\Users\Kubiňák\AppData\LocalLow\AVG Secure Search
Složka Nalezeno : C:\Users\Kubiňák\AppData\LocalLow\Conduit
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****


***** [Internetové prohlížeče] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry jsou čisté.

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Users\Kubiňák\AppData\Roaming\Mozilla\Firefox\Profiles\m1k73yzu.default-1361307352107\prefs.js

[OK] Soubor je čistý.

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\Kubiňák\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je čistý.

-\\ Opera v12.14.1738.0

Soubor : C:\Users\Kubiňák\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je čistý.

*************************

AdwCleaner[R1].txt - [5992 octets] - [19/03/2013 17:19:23]

########## EOF - C:\AdwCleaner[R1].txt - [6052 octets] ##########

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Prevention

Post by memphisto » 19 Mar 2013 20:58

So let both MBAM and AdwCleaner delete everything, and post the logs.

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt ; please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If after the scan there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you.

Ervussus
Level 3
Posts: 408
Registered: April 10
Gender: Male
Status: Offline

Re: Prevention

Post by Ervussus » 19 Mar 2013 21:38

I probably won't be able to provide the one from Anti-Malware; I removed the items, but I restarted the PC. I can't find the log.


# AdwCleaner v2.115 - Log vytvořen 19/03/2013 v 21:34:49
# Aktualizováno 17/03/2013 Xplode
# Operační systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Kubiňák - KUBIŇÁK-PC
# Spuštěn systém : Normální
# Spuštěno z : C:\Users\Kubiňák\Downloads\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Vymazáno při restartu : C:\Program Files (x86)\Common Files\AVG Secure Search
Vymazáno při restartu : C:\ProgramData\AVG Secure Search

***** [Registry] *****


***** [Internetové prohlížeče] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry jsou čisté.

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Users\Kubiňák\AppData\Roaming\Mozilla\Firefox\Profiles\m1k73yzu.default-1361307352107\prefs.js

[OK] Soubor je čistý.

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\Kubiňák\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je čistý.

-\\ Opera v12.14.1738.0

Soubor : C:\Users\Kubiňák\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je čistý.

*************************

AdwCleaner[R1].txt - [6111 octets] - [19/03/2013 17:19:23]
AdwCleaner[R2].txt - [1355 octets] - [19/03/2013 21:34:39]
AdwCleaner[S1].txt - [6049 octets] - [19/03/2013 21:33:00]
AdwCleaner[S2].txt - [1296 octets] - [19/03/2013 21:34:49]

########## EOF - C:\AdwCleaner[S2].txt - [1356 octets] ##########

Ervussus
Level 3
Posts: 408
Registered: April 10
Gender: Male
Status: Offline

Re: Prevention

Post by Ervussus » 19 Mar 2013 21:47

21:46:08.0166 4892 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:46:10.0225 4892 ============================================================
21:46:10.0225 4892 Current date / time: 2013/03/19 21:46:10.0225
21:46:10.0225 4892 SystemInfo:
21:46:10.0225 4892
21:46:10.0225 4892 OS Version: 6.1.7601 ServicePack: 1.0
21:46:10.0225 4892 Product type: Workstation
21:46:10.0225 4892 ComputerName: KUBIŇÁK-PC
21:46:10.0225 4892 UserName: Kubiňák
21:46:10.0225 4892 Windows directory: C:\Windows
21:46:10.0225 4892 System windows directory: C:\Windows
21:46:10.0225 4892 Running under WOW64
21:46:10.0225 4892 Processor architecture: Intel x64
21:46:10.0225 4892 Number of processors: 4
21:46:10.0225 4892 Page size: 0x1000
21:46:10.0225 4892 Boot type: Normal boot
21:46:10.0225 4892 ============================================================
21:46:12.0097 4892 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:46:12.0128 4892 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
21:46:12.0144 4892 ============================================================
21:46:12.0144 4892 \Device\Harddisk0\DR0:
21:46:12.0144 4892 MBR partitions:
21:46:12.0144 4892 \Device\Harddisk1\DR1:
21:46:12.0144 4892 MBR partitions:
21:46:12.0144 4892 Initialize success
21:46:12.0144 4892 ============================================================
21:46:15.0220 5716 ============================================================
21:46:15.0220 5716 Scan started
21:46:15.0220 5716 Mode: Manual;
21:46:15.0220 5716 ============================================================
21:46:15.0438 5716 ================ Scan system memory ========================
21:46:15.0438 5716 System memory - ok
21:46:15.0438 5716 ================ Scan services =============================
21:46:15.0579 5716 1394ohci - ok
21:46:15.0688 5716 ACPI - ok
21:46:15.0735 5716 AcpiPmi - ok
21:46:15.0782 5716 AdobeARMservice - ok
21:46:15.0813 5716 AdobeFlashPlayerUpdateSvc - ok
21:46:15.0891 5716 adp94xx - ok
21:46:15.0922 5716 adpahci - ok
21:46:15.0938 5716 adpu320 - ok
21:46:15.0984 5716 AdvancedSystemCareService6 - ok
21:46:15.0984 5716 AeLookupSvc - ok
21:46:16.0094 5716 AFD - ok
21:46:16.0125 5716 agp440 - ok
21:46:16.0140 5716 ALG - ok
21:46:16.0203 5716 aliide - ok
21:46:16.0234 5716 AMD External Events Utility - ok
21:46:16.0281 5716 amdide - ok
21:46:16.0296 5716 AmdK8 - ok
21:46:16.0359 5716 amdkmdag - ok
21:46:16.0374 5716 amdkmdap - ok
21:46:16.0406 5716 AmdPPM - ok
21:46:16.0484 5716 amdsata - ok
21:46:16.0499 5716 amdsbs - ok
21:46:16.0530 5716 amdxata - ok
21:46:16.0562 5716 AppID - ok
21:46:16.0577 5716 AppIDSvc - ok
21:46:16.0577 5716 Appinfo - ok
21:46:16.0593 5716 arc - ok
21:46:16.0608 5716 arcsas - ok
21:46:16.0640 5716 aspnet_state - ok
21:46:16.0655 5716 AsyncMac - ok
21:46:16.0764 5716 atapi - ok
21:46:17.0092 5716 AtiHdmiService - ok
21:46:17.0170 5716 AudioEndpointBuilder - ok
21:46:17.0170 5716 AudioSrv - ok
21:46:17.0342 5716 Avgfwfd - ok
21:46:17.0373 5716 avgfws - ok
21:46:17.0404 5716 AVGIDSAgent - ok
21:46:17.0420 5716 AVGIDSDriver - ok
21:46:17.0466 5716 AVGIDSFilter - ok
21:46:17.0482 5716 AVGIDSHA - ok
21:46:17.0544 5716 Avgldx64 - ok
21:46:17.0560 5716 Avgmfx64 - ok
21:46:17.0591 5716 Avgrkx64 - ok
21:46:17.0607 5716 Avgtdia - ok
21:46:17.0607 5716 avgtp - ok
21:46:17.0622 5716 avgwd - ok
21:46:17.0669 5716 AxInstSV - ok
21:46:17.0732 5716 b06bdrv - ok
21:46:17.0778 5716 b57nd60a - ok
21:46:17.0825 5716 BDESVC - ok
21:46:17.0872 5716 Beep - ok
21:46:17.0903 5716 BFE - ok
21:46:17.0919 5716 BITS - ok
21:46:17.0934 5716 blbdrive - ok
21:46:17.0950 5716 bowser - ok
21:46:17.0966 5716 BrFiltLo - ok
21:46:17.0966 5716 BrFiltUp - ok
21:46:17.0981 5716 Browser - ok
21:46:17.0981 5716 Brserid - ok
21:46:17.0997 5716 BrSerWdm - ok
21:46:18.0012 5716 BrUsbMdm - ok
21:46:18.0028 5716 BrUsbSer - ok
21:46:18.0044 5716 BTHMODEM - ok
21:46:18.0075 5716 bthserv - ok
21:46:18.0090 5716 cdfs - ok
21:46:18.0090 5716 cdrom - ok
21:46:18.0106 5716 CertPropSvc - ok
21:46:18.0137 5716 circlass - ok
21:46:18.0137 5716 CLFS - ok
21:46:18.0153 5716 clr_optimization_v2.0.50727_32 - ok
21:46:18.0168 5716 clr_optimization_v2.0.50727_64 - ok
21:46:18.0293 5716 clr_optimization_v4.0.30319_32 - ok
21:46:18.0309 5716 clr_optimization_v4.0.30319_64 - ok
21:46:18.0309 5716 CmBatt - ok
21:46:18.0324 5716 cmdide - ok
21:46:18.0324 5716 CNG - ok
21:46:18.0340 5716 Compbatt - ok
21:46:18.0387 5716 CompositeBus - ok
21:46:18.0387 5716 COMSysApp - ok
21:46:18.0402 5716 crcdisk - ok
21:46:18.0418 5716 CryptSvc - ok
21:46:18.0418 5716 DcomLaunch - ok
21:46:18.0434 5716 defragsvc - ok
21:46:18.0434 5716 DfsC - ok
21:46:18.0449 5716 Dhcp - ok
21:46:18.0449 5716 discache - ok
21:46:18.0465 5716 Disk - ok
21:46:18.0480 5716 Dnscache - ok
21:46:18.0480 5716 dot3svc - ok
21:46:18.0496 5716 DPS - ok
21:46:18.0496 5716 drmkaud - ok
21:46:18.0512 5716 DXGKrnl - ok
21:46:18.0512 5716 EapHost - ok
21:46:18.0527 5716 ebdrv - ok
21:46:18.0527 5716 EFS - ok
21:46:18.0543 5716 ehRecvr - ok
21:46:18.0543 5716 ehSched - ok
21:46:18.0558 5716 elxstor - ok
21:46:18.0558 5716 ErrDev - ok
21:46:18.0574 5716 EventSystem - ok
21:46:18.0590 5716 exfat - ok
21:46:18.0590 5716 fastfat - ok
21:46:18.0605 5716 Fax - ok
21:46:18.0605 5716 fdc - ok
21:46:18.0621 5716 fdPHost - ok
21:46:18.0621 5716 FDResPub - ok
21:46:18.0636 5716 FileInfo - ok
21:46:18.0652 5716 Filetrace - ok
21:46:18.0652 5716 flpydisk - ok
21:46:18.0668 5716 FltMgr - ok
21:46:18.0699 5716 FontCache - ok
21:46:18.0699 5716 FontCache3.0.0.0 - ok
21:46:18.0714 5716 FsDepends - ok
21:46:18.0714 5716 Fs_Rec - ok
21:46:18.0730 5716 fvevol - ok
21:46:18.0730 5716 gagp30kx - ok
21:46:18.0761 5716 GMSIPCI - ok
21:46:18.0761 5716 gpsvc - ok
21:46:18.0792 5716 gupdate - ok
21:46:18.0792 5716 gupdatem - ok
21:46:18.0808 5716 hcw85cir - ok
21:46:18.0824 5716 HdAudAddService - ok
21:46:18.0824 5716 HDAudBus - ok
21:46:18.0839 5716 HidBatt - ok
21:46:18.0839 5716 HidBth - ok
21:46:18.0855 5716 HidIr - ok
21:46:18.0855 5716 hidserv - ok
21:46:18.0870 5716 HidUsb - ok
21:46:18.0870 5716 hkmsvc - ok
21:46:18.0886 5716 HomeGroupListener - ok
21:46:18.0886 5716 HomeGroupProvider - ok
21:46:18.0902 5716 HpSAMD - ok
21:46:18.0902 5716 HTTP - ok
21:46:18.0917 5716 hwpolicy - ok
21:46:18.0917 5716 i8042prt - ok
21:46:18.0948 5716 iaStorV - ok
21:46:18.0964 5716 IDriverT - ok
21:46:18.0980 5716 idsvc - ok
21:46:18.0980 5716 iirsp - ok
21:46:18.0995 5716 IKEEXT - ok
21:46:18.0995 5716 IntcAzAudAddService - ok
21:46:19.0011 5716 intelide - ok
21:46:19.0011 5716 intelppm - ok
21:46:19.0026 5716 IPBusEnum - ok
21:46:19.0026 5716 IpFilterDriver - ok
21:46:19.0042 5716 iphlpsvc - ok
21:46:19.0042 5716 IPMIDRV - ok
21:46:19.0058 5716 IPNAT - ok
21:46:19.0058 5716 IRENUM - ok
21:46:19.0073 5716 isapnp - ok
21:46:19.0073 5716 iScsiPrt - ok
21:46:19.0089 5716 kbdclass - ok
21:46:19.0089 5716 kbdhid - ok
21:46:19.0104 5716 KeyIso - ok
21:46:19.0104 5716 KSecDD - ok
21:46:19.0120 5716 KSecPkg - ok
21:46:19.0136 5716 ksthunk - ok
21:46:19.0151 5716 KtmRm - ok
21:46:19.0214 5716 LanmanServer - ok
21:46:19.0260 5716 LanmanWorkstation - ok
21:46:19.0307 5716 lltdio - ok
21:46:19.0307 5716 lltdsvc - ok
21:46:19.0323 5716 lmhosts - ok
21:46:19.0416 5716 LSI_FC - ok
21:46:19.0448 5716 LSI_SAS - ok
21:46:19.0463 5716 LSI_SAS2 - ok
21:46:19.0557 5716 LSI_SCSI - ok
21:46:19.0572 5716 luafv - ok
21:46:19.0650 5716 MBAMProtector - ok
21:46:19.0775 5716 MBAMScheduler - ok
21:46:19.0806 5716 MBAMService - ok
21:46:19.0806 5716 Mcx2Svc - ok
21:46:19.0822 5716 megasas - ok
21:46:19.0838 5716 MegaSR - ok
21:46:19.0853 5716 MMCSS - ok
21:46:19.0853 5716 Modem - ok
21:46:19.0869 5716 monitor - ok
21:46:19.0916 5716 mouclass - ok
21:46:19.0931 5716 mouhid - ok
21:46:19.0947 5716 mountmgr - ok
21:46:19.0962 5716 MozillaMaintenance - ok
21:46:19.0978 5716 mpio - ok
21:46:19.0978 5716 mpsdrv - ok
21:46:19.0994 5716 MpsSvc - ok
21:46:19.0994 5716 MRxDAV - ok
21:46:20.0009 5716 mrxsmb - ok
21:46:20.0009 5716 mrxsmb10 - ok
21:46:20.0025 5716 mrxsmb20 - ok
21:46:20.0025 5716 msahci - ok
21:46:20.0040 5716 msdsm - ok
21:46:20.0040 5716 MSDTC - ok
21:46:20.0072 5716 Msfs - ok
21:46:20.0087 5716 mshidkmdf - ok
21:46:20.0103 5716 msisadrv - ok
21:46:20.0150 5716 MSiSCSI - ok
21:46:20.0150 5716 msiserver - ok
21:46:20.0181 5716 MSKSSRV - ok
21:46:20.0259 5716 MSPCLOCK - ok
21:46:20.0321 5716 MSPQM - ok
21:46:20.0337 5716 MsRPC - ok
21:46:20.0352 5716 mssmbios - ok
21:46:20.0399 5716 MSTEE - ok
21:46:20.0415 5716 MTConfig - ok
21:46:20.0446 5716 Mup - ok
21:46:20.0462 5716 napagent - ok
21:46:20.0493 5716 NativeWifiP - ok
21:46:20.0493 5716 NDIS - ok
21:46:20.0508 5716 NdisCap - ok
21:46:20.0586 5716 NdisTapi - ok
21:46:20.0602 5716 Ndisuio - ok
21:46:20.0618 5716 NdisWan - ok
21:46:20.0680 5716 NDProxy - ok
21:46:20.0696 5716 NetBIOS - ok
21:46:20.0711 5716 NetBT - ok
21:46:20.0727 5716 Netlogon - ok
21:46:20.0742 5716 Netman - ok
21:46:20.0758 5716 NetMsmqActivator - ok
21:46:20.0774 5716 NetPipeActivator - ok
21:46:20.0789 5716 netprofm - ok
21:46:20.0976 5716 netr7364 - ok
21:46:21.0008 5716 NetTcpActivator - ok
21:46:21.0023 5716 NetTcpPortSharing - ok
21:46:21.0132 5716 nfrd960 - ok
21:46:21.0164 5716 NlaSvc - ok
21:46:21.0164 5716 Npfs - ok
21:46:21.0179 5716 nsi - ok
21:46:21.0179 5716 nsiproxy - ok
21:46:21.0195 5716 Ntfs - ok
21:46:21.0210 5716 Null - ok
21:46:21.0273 5716 NVENETFD - ok
21:46:21.0320 5716 NVNET - ok
21:46:21.0335 5716 nvraid - ok
21:46:21.0351 5716 nvstor - ok
21:46:21.0351 5716 nv_agp - ok
21:46:21.0366 5716 ohci1394 - ok
21:46:21.0444 5716 ose64 - ok
21:46:21.0476 5716 osppsvc - ok
21:46:21.0522 5716 p2pimsvc - ok
21:46:21.0538 5716 p2psvc - ok
21:46:21.0538 5716 Parport - ok
21:46:21.0554 5716 partmgr - ok
21:46:21.0569 5716 PcaSvc - ok
21:46:21.0585 5716 pci - ok
21:46:21.0585 5716 pciide - ok
21:46:21.0600 5716 pcmcia - ok
21:46:21.0616 5716 pcw - ok
21:46:21.0616 5716 PEAUTH - ok
21:46:21.0632 5716 PerfHost - ok
21:46:21.0647 5716 pla - ok
21:46:21.0663 5716 PlugPlay - ok
21:46:21.0741 5716 PnkBstrA - ok
21:46:21.0756 5716 PNRPAutoReg - ok
21:46:21.0772 5716 PNRPsvc - ok
21:46:21.0772 5716 PolicyAgent - ok
21:46:21.0788 5716 Power - ok
21:46:21.0803 5716 PptpMiniport - ok
21:46:21.0819 5716 Processor - ok
21:46:21.0819 5716 ProfSvc - ok
21:46:21.0834 5716 ProtectedStorage - ok
21:46:21.0881 5716 Psched - ok
21:46:21.0881 5716 ql2300 - ok
21:46:21.0897 5716 ql40xx - ok
21:46:21.0897 5716 QWAVE - ok
21:46:21.0912 5716 QWAVEdrv - ok
21:46:21.0912 5716 RasAcd - ok
21:46:22.0006 5716 RasAgileVpn - ok
21:46:22.0022 5716 RasAuto - ok
21:46:22.0053 5716 Rasl2tp - ok
21:46:22.0053 5716 RasMan - ok
21:46:22.0068 5716 RasPppoe - ok
21:46:22.0084 5716 RasSstp - ok
21:46:22.0084 5716 rdbss - ok
21:46:22.0100 5716 rdpbus - ok
21:46:22.0100 5716 RDPCDD - ok
21:46:22.0115 5716 RDPENCDD - ok
21:46:22.0131 5716 RDPREFMP - ok
21:46:22.0209 5716 RdpVideoMiniport - ok
21:46:22.0224 5716 RDPWD - ok
21:46:22.0240 5716 rdyboost - ok
21:46:22.0240 5716 RemoteAccess - ok
21:46:22.0256 5716 RemoteRegistry - ok
21:46:22.0256 5716 RpcEptMapper - ok
21:46:22.0271 5716 RpcLocator - ok
21:46:22.0271 5716 RpcSs - ok
21:46:22.0287 5716 rspndr - ok
21:46:22.0287 5716 SamSs - ok
21:46:22.0302 5716 sbp2port - ok
21:46:22.0302 5716 SCardSvr - ok
21:46:22.0318 5716 scfilter - ok
21:46:22.0318 5716 Schedule - ok
21:46:22.0334 5716 SCPolicySvc - ok
21:46:22.0334 5716 SDRSVC - ok
21:46:22.0349 5716 secdrv - ok
21:46:22.0349 5716 seclogon - ok
21:46:22.0365 5716 SENS - ok
21:46:22.0365 5716 SensrSvc - ok
21:46:22.0427 5716 Serenum - ok
21:46:22.0458 5716 Serial - ok
21:46:22.0474 5716 sermouse - ok
21:46:22.0505 5716 SessionEnv - ok
21:46:22.0521 5716 sffdisk - ok
21:46:22.0521 5716 sffp_mmc - ok
21:46:22.0536 5716 sffp_sd - ok
21:46:22.0536 5716 sfloppy - ok
21:46:22.0552 5716 SharedAccess - ok
21:46:22.0552 5716 ShellHWDetection - ok
21:46:22.0583 5716 SiSRaid2 - ok
21:46:22.0599 5716 SiSRaid4 - ok
21:46:22.0646 5716 SkypeUpdate - ok
21:46:22.0661 5716 Smb - ok
21:46:22.0739 5716 SNMPTRAP - ok
21:46:22.0755 5716 spldr - ok
21:46:22.0770 5716 Spooler - ok
21:46:22.0770 5716 sppsvc - ok
21:46:22.0786 5716 sppuinotify - ok
21:46:22.0786 5716 srv - ok
21:46:22.0802 5716 srv2 - ok
21:46:22.0802 5716 srvnet - ok
21:46:22.0833 5716 SSDPSRV - ok
21:46:22.0833 5716 SstpSvc - ok
21:46:22.0973 5716 Steam Client Service - ok
21:46:22.0989 5716 stexstor - ok
21:46:23.0004 5716 stisvc - ok
21:46:23.0020 5716 swenum - ok
21:46:23.0082 5716 SwitchBoard - ok
21:46:23.0098 5716 swprv - ok
21:46:23.0114 5716 SysMain - ok
21:46:23.0129 5716 TabletInputService - ok
21:46:23.0129 5716 TapiSrv - ok
21:46:23.0145 5716 TBS - ok
21:46:23.0160 5716 Tcpip - ok
21:46:23.0192 5716 TCPIP6 - ok
21:46:23.0207 5716 tcpipreg - ok
21:46:23.0270 5716 TDPIPE - ok
21:46:23.0270 5716 TDTCP - ok
21:46:23.0285 5716 tdx - ok
21:46:23.0301 5716 TermDD - ok
21:46:23.0301 5716 TermService - ok
21:46:23.0316 5716 Themes - ok
21:46:23.0316 5716 THREADORDER - ok
21:46:23.0332 5716 TrkWks - ok
21:46:23.0332 5716 TrustedInstaller - ok
21:46:23.0348 5716 tssecsrv - ok
21:46:23.0394 5716 TsUsbFlt - ok
21:46:23.0457 5716 tunnel - ok
21:46:23.0472 5716 uagp35 - ok
21:46:23.0472 5716 udfs - ok
21:46:23.0488 5716 UI0Detect - ok
21:46:23.0504 5716 uliagpkx - ok
21:46:23.0550 5716 umbus - ok
21:46:23.0566 5716 UmPass - ok
21:46:23.0582 5716 upnphost - ok
21:46:23.0582 5716 usbccgp - ok
21:46:23.0628 5716 usbcir - ok
21:46:23.0644 5716 usbehci - ok
21:46:23.0660 5716 usbhub - ok
21:46:23.0660 5716 usbohci - ok
21:46:23.0675 5716 usbprint - ok
21:46:23.0691 5716 USBSTOR - ok
21:46:23.0691 5716 usbuhci - ok
21:46:23.0706 5716 UxSms - ok
21:46:23.0706 5716 VaultSvc - ok
21:46:23.0753 5716 vdrvroot - ok
21:46:23.0769 5716 vds - ok
21:46:23.0784 5716 vga - ok
21:46:23.0800 5716 VgaSave - ok
21:46:23.0800 5716 vhdmp - ok
21:46:23.0816 5716 viaide - ok
21:46:23.0816 5716 volmgr - ok
21:46:23.0831 5716 volmgrx - ok
21:46:23.0831 5716 volsnap - ok
21:46:23.0909 5716 vsmraid - ok
21:46:23.0925 5716 VSS - ok
21:46:23.0940 5716 vToolbarUpdater15.0.0 - ok
21:46:23.0940 5716 vwifibus - ok
21:46:24.0003 5716 vwififlt - ok
21:46:24.0018 5716 W32Time - ok
21:46:24.0034 5716 WacomPen - ok
21:46:24.0050 5716 WANARP - ok
21:46:24.0065 5716 Wanarpv6 - ok
21:46:24.0065 5716 WatAdminSvc - ok
21:46:24.0081 5716 wbengine - ok
21:46:24.0081 5716 WbioSrvc - ok
21:46:24.0096 5716 wcncsvc - ok
21:46:24.0096 5716 WcsPlugInService - ok
21:46:24.0112 5716 Wd - ok
21:46:24.0112 5716 Wdf01000 - ok
21:46:24.0128 5716 WdiServiceHost - ok
21:46:24.0128 5716 WdiSystemHost - ok
21:46:24.0143 5716 WebClient - ok
21:46:24.0143 5716 Wecsvc - ok
21:46:24.0159 5716 wercplsupport - ok
21:46:24.0190 5716 WerSvc - ok
21:46:24.0221 5716 WfpLwf - ok
21:46:24.0221 5716 WIMMount - ok
21:46:24.0237 5716 WinDefend - ok
21:46:24.0252 5716 WinHttpAutoProxySvc - ok
21:46:24.0268 5716 Winmgmt - ok
21:46:24.0268 5716 WinRM - ok
21:46:24.0299 5716 Wlansvc - ok
21:46:24.0315 5716 WmiAcpi - ok
21:46:24.0315 5716 wmiApSrv - ok
21:46:24.0362 5716 WMPNetworkSvc - ok
21:46:24.0377 5716 WPCSvc - ok
21:46:24.0377 5716 WPDBusEnum - ok
21:46:24.0393 5716 ws2ifsl - ok
21:46:24.0393 5716 wscsvc - ok
21:46:24.0471 5716 WSDPrintDevice - ok
21:46:24.0502 5716 WSDScan - ok
21:46:24.0518 5716 WSearch - ok
21:46:24.0533 5716 wuauserv - ok
21:46:24.0533 5716 WudfPf - ok
21:46:24.0580 5716 WUDFRd - ok
21:46:24.0580 5716 wudfsvc - ok
21:46:24.0596 5716 WwanSvc - ok
21:46:24.0705 5716 ================ Scan global ===============================
21:46:24.0705 5716 [Global] - ok
21:46:24.0720 5716 ================ Scan MBR ==================================
21:46:24.0752 5716 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:46:25.0438 5716 \Device\Harddisk0\DR0 - ok
21:46:25.0469 5716 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:46:25.0547 5716 \Device\Harddisk1\DR1 - ok
21:46:25.0547 5716 ================ Scan VBR ==================================
21:46:25.0547 5716 ============================================================
21:46:25.0547 5716 Scan finished
21:46:25.0547 5716 ============================================================
21:46:25.0578 2840 Detected object count: 0
21:46:25.0578 2840 Actual detected object count: 0
21:46:38.0916 5460 Deinitialize success

Ervussus
Level 3
Posts: 408
Registered: April 10
Gender: Male
Status: Offline

Re: Prevention

Post by Ervussus » 19 Mar 2013 22:19

ComboFix 13-03-19.01 - Kubiňák 19.03.2013 21:53:10.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2747 [GMT 1:00]
Spuštěný z: c:\users\Kubiňák\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-19 do 2013-03-19 )))))))))))))))))))))))))))))))
.
.
2013-03-19 20:33 . 2013-03-19 20:35 412 ----a-w- c:\windows\DeleteOnReboot.bat
2013-03-19 19:18 . 2013-03-19 19:18 -------- d-----w- c:\windows\AutoKMS
2013-03-19 19:18 . 2013-03-19 19:18 -------- d-----w- c:\users\Kubiňák\AppData\Local\Microsoft Toolkit
2013-03-19 19:02 . 2013-03-19 19:02 -------- d-----w- c:\program files\Common Files\DESIGNER
2013-03-19 19:02 . 2013-03-19 19:02 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2013-03-19 19:02 . 2013-03-19 19:02 -------- d-----w- c:\program files\Microsoft.NET
2013-03-19 19:02 . 2013-03-19 19:02 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2013-03-19 19:01 . 2013-03-19 19:01 -------- d-----w- c:\windows\PCHEALTH
2013-03-19 19:01 . 2013-03-19 19:02 -------- d-----w- c:\program files\Microsoft SQL Server
2013-03-19 18:57 . 2013-03-19 18:57 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-03-19 18:57 . 2013-03-19 18:57 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-03-19 18:56 . 2013-03-19 18:56 -------- d-----w- c:\users\Kubiňák\AppData\Local\Microsoft Help
2013-03-19 18:56 . 2013-03-19 19:01 -------- d-----w- c:\program files\Microsoft Office
2013-03-19 18:56 . 2013-03-19 19:05 -------- d-----w- c:\programdata\Microsoft Help
2013-03-19 18:55 . 2013-03-19 18:55 -------- d-----r- C:\MSOCache
2013-03-19 18:31 . 2013-03-19 18:31 -------- d-----w- c:\windows\SysWow64\Adobe
2013-03-19 14:58 . 2013-03-19 14:58 -------- d-----w- c:\users\Kubiňák\AppData\Roaming\Malwarebytes
2013-03-19 14:58 . 2013-03-19 14:58 -------- d-----w- c:\programdata\Malwarebytes
2013-03-19 14:58 . 2013-03-19 14:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-19 14:58 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-19 14:50 . 2013-03-19 14:55 -------- d-----w- c:\program files (x86)\FIFA 12
2013-03-19 06:19 . 2013-03-19 06:19 -------- d-----w- c:\users\Kubiňák\AppData\Roaming\AVG2012
2013-03-19 06:18 . 2013-03-19 06:18 -------- d-----w- c:\users\Kubiňák\AppData\Roaming\TuneUp Software
2013-03-19 06:18 . 2013-03-19 06:17 39768 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-03-19 06:18 . 2013-03-19 20:33 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2013-03-19 06:17 . 2013-03-19 06:17 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2013-03-19 06:17 . 2013-03-19 18:14 -------- d-----w- c:\windows\system32\drivers\AVG
2013-03-19 06:17 . 2013-03-19 09:54 -------- d-----w- c:\programdata\AVG2012
2013-03-19 06:17 . 2013-03-19 06:17 -------- d-----w- C:\$AVG
2013-03-19 06:13 . 2013-03-19 06:13 388096 ----a-r- c:\users\Kubiňák\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-03-19 06:13 . 2013-03-19 06:13 -------- d-----w- c:\program files (x86)\Trend Micro
2013-03-19 05:53 . 2013-03-19 05:53 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1AAFD196-E0AC-43BD-9EB2-624ECBF5610D}\offreg.dll
2013-03-18 21:28 . 2013-03-18 21:28 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2013-03-18 21:28 . 2013-03-18 21:28 -------- d--h--w- c:\programdata\CanonBJ
2013-03-18 21:28 . 2012-03-14 04:00 99840 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPPAS.DLL
2013-03-18 21:28 . 2012-03-14 04:00 30208 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNMPDAS.DLL
2013-03-18 21:28 . 2012-03-14 04:00 385024 ----a-w- c:\windows\system32\CNMLMAS.DLL
2013-03-18 13:20 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1AAFD196-E0AC-43BD-9EB2-624ECBF5610D}\mpengine.dll
2013-03-16 17:07 . 2013-03-16 17:09 -------- d-----w- C:\Stranded II
2013-03-15 15:27 . 2013-03-15 15:27 -------- d-----w-aves c:\users\KUBIWS~1
2013-03-15 15:08 . 2013-03-15 15:08 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2013-03-15 15:08 . 2013-03-15 15:08 -------- d-----w- c:\windows\SysWow64\xlive
2013-03-15 15:01 . 2013-03-15 15:01 -------- d-----w- c:\program files (x86)\Capcom
2013-03-14 21:04 . 2013-03-14 21:06 -------- d-----w- c:\program files (x86)\Google
2013-03-14 21:03 . 2013-03-14 21:06 -------- d-----w- c:\users\Kubiňák\AppData\Local\Google
2013-03-12 19:11 . 2013-03-12 19:11 -------- d-----w- C:\totalcmd
2013-03-12 19:11 . 2013-03-12 19:11 -------- d-----w- c:\users\Kubiňák\AppData\Roaming\GHISLER
2013-03-10 22:26 . 2013-03-10 22:26 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-03-10 12:00 . 2013-03-19 14:21 -------- d-----w- c:\users\Kubiňák\AppData\Roaming\.minecraft
2013-03-09 16:27 . 2013-03-09 16:27 -------- d-----w- c:\program files (x86)\Microsoft Games
2013-03-09 15:53 . 2013-03-09 15:53 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-09 15:52 . 2013-03-09 15:52 -------- d-----w- c:\program files (x86)\Java
2013-03-07 16:35 . 2013-03-07 16:35 -------- d-----w- c:\program files (x86)\Valve
2013-03-05 19:47 . 2013-03-05 20:27 -------- d-----w- c:\users\Kubiňák\AppData\Roaming\Skype
2013-03-05 19:47 . 2013-03-05 19:47 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-03-05 19:47 . 2013-03-05 19:47 -------- d-----r- c:\program files (x86)\Skype
2013-03-05 19:46 . 2013-03-05 19:47 -------- d-----w- c:\programdata\Skype
2013-03-03 17:10 . 2013-03-03 17:10 -------- d-----w- c:\users\Kubiňák\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2013-02-27 20:26 . 2013-02-28 13:28 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-02-27 20:24 . 2013-02-27 20:24 -------- d-----w- c:\program files\Adobe
2013-02-27 20:21 . 2013-02-27 20:25 -------- d-----w- c:\program files\Common Files\Adobe
2013-02-27 20:20 . 2013-02-27 20:20 -------- d-----w- c:\program files (x86)\Adobe Media Player
2013-02-27 20:18 . 2013-02-27 20:18 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-02-27 20:16 . 2013-03-19 19:15 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-02-27 20:11 . 2013-03-03 17:36 -------- d-----w- c:\users\Kubiňák\AppData\Local\Adobe
2013-02-26 20:47 . 2013-02-26 20:47 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-02-26 20:47 . 2013-02-26 20:47 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-02-26 20:47 . 2013-02-26 20:47 340992 ----a-w- c:\windows\system32\schannel.dll
2013-02-26 20:47 . 2013-02-26 20:47 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-02-26 20:47 . 2013-02-26 20:47 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-02-26 20:47 . 2013-02-26 20:47 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-02-26 20:47 . 2013-02-26 20:47 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-02-26 20:47 . 2013-02-26 20:47 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-02-26 20:47 . 2013-02-26 20:47 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-02-26 20:46 . 2013-01-15 17:49 26432 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-02-26 20:39 . 2013-02-26 20:39 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-02-26 20:39 . 2013-02-26 20:41 -------- d-----w- c:\programdata\IObit
2013-02-26 20:39 . 2013-03-02 20:24 -------- d-----w- c:\users\Kubiňák\AppData\Roaming\IObit
2013-02-26 20:39 . 2013-02-26 20:39 -------- d-----w- c:\program files (x86)\IObit
2013-02-24 17:49 . 2013-02-24 17:50 1227264 ----a-w- c:\windows\SysWow64\dx8vb.dll
2013-02-23 18:43 . 2013-02-28 17:43 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-02-23 18:38 . 2013-03-13 14:17 -------- d-----w- c:\users\Kubiňák\AppData\Roaming\TS3Client
2013-02-23 18:33 . 2013-03-07 18:21 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-02-23 18:23 . 2013-02-23 18:33 -------- d-----w- c:\users\Kubiňák\AppData\Local\Microsoft Games
2013-02-23 12:13 . 2013-02-23 12:13 -------- d-----w- c:\program files (x86)\GamePark
2013-02-23 11:44 . 2013-02-23 11:44 -------- d-----w- c:\users\Kubiňák\AppData\Local\PunkBuster
2013-02-22 17:46 . 2013-02-28 17:43 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-02-22 17:46 . 2013-02-28 15:31 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-02-22 17:46 . 2013-02-23 14:41 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-02-22 17:46 . 2013-03-09 16:45 -------- d-----w- c:\program files (x86)\InstallShield Installation Information
2013-02-22 17:42 . 2013-02-22 17:42 -------- d-----w- c:\program files (x86)\Activision
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-19 06:13 . 2013-03-19 06:13 388096 ----a-r- c:\users\Kubiňák\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-03-19 06:13 . 2013-03-19 06:13 388096 ----a-r- c:\users\Kubiňák\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-03-13 14:30 . 2013-01-28 18:59 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-13 07:46 . 2013-01-28 20:16 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 07:46 . 2013-01-28 20:16 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-11 16:02 . 2013-01-29 16:06 419840 ----a-w- c:\windows\system32\systemcpl.dll
2013-03-11 16:02 . 2013-01-29 16:06 14848 ----a-w- c:\windows\system32\slwga.dll
2013-03-11 16:02 . 2013-01-29 16:06 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2013-03-11 16:02 . 2013-01-29 16:07 1008640 ----a-w- c:\windows\system32\user32.dll
2013-03-11 16:02 . 2013-01-29 16:07 833024 ----a-w- c:\windows\SysWow64\user32.dll
2013-03-09 15:53 . 2013-01-30 17:50 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-09 15:53 . 2013-01-30 17:50 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-26 20:47 . 2013-02-26 20:47 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-02-12 05:45 . 2013-03-13 07:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 07:09 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 07:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 07:09 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 07:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-31 13:07 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-01-31 13:07 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-01-28 18:40 . 2013-01-28 18:40 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-01-28 18:40 . 2013-01-28 18:40 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-01-28 18:40 . 2013-01-28 18:40 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-01-28 18:40 . 2013-01-28 18:40 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-01-28 18:40 . 2013-01-28 18:40 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2013-01-28 18:40 . 2013-01-28 18:40 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-01-28 18:40 . 2013-01-28 18:40 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-01-28 18:40 . 2013-01-28 18:40 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-01-28 18:40 . 2013-01-28 18:40 367104 ----a-w- c:\windows\SysWow64\html.iec
2013-01-28 18:40 . 2013-01-28 18:40 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-01-28 18:40 . 2013-01-28 18:40 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-01-28 18:40 . 2013-01-28 18:40 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2013-01-28 18:40 . 2013-01-28 18:40 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-01-28 18:40 . 2013-01-28 18:40 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2013-01-28 18:40 . 2013-01-28 18:40 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2013-01-28 18:40 . 2013-01-28 18:40 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-01-28 18:40 . 2013-01-28 18:40 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-01-28 18:40 . 2013-01-28 18:40 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2013-01-28 18:40 . 2013-01-28 18:40 85504 ----a-w- c:\windows\system32\iesetup.dll
2013-01-28 18:40 . 2013-01-28 18:40 82432 ----a-w- c:\windows\system32\icardie.dll
2013-01-28 18:40 . 2013-01-28 18:40 76800 ----a-w- c:\windows\system32\tdc.ocx
2013-01-28 18:40 . 2013-01-28 18:40 65024 ----a-w- c:\windows\system32\pngfilt.dll
2013-01-28 18:40 . 2013-01-28 18:40 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-01-28 18:40 . 2013-01-28 18:40 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2013-01-28 18:40 . 2013-01-28 18:40 49664 ----a-w- c:\windows\system32\imgutil.dll
2013-01-28 18:40 . 2013-01-28 18:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-01-28 18:40 . 2013-01-28 18:40 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2013-01-28 18:40 . 2013-01-28 18:40 448512 ----a-w- c:\windows\system32\html.iec
2013-01-28 18:40 . 2013-01-28 18:40 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2013-01-28 18:40 . 2013-01-28 18:40 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-01-28 18:40 . 2013-01-28 18:40 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-01-28 18:40 . 2013-01-28 18:40 282112 ----a-w- c:\windows\system32\dxtrans.dll
2013-01-28 18:40 . 2013-01-28 18:40 267776 ----a-w- c:\windows\system32\ieaksie.dll
2013-01-28 18:40 . 2013-01-28 18:40 222208 ----a-w- c:\windows\system32\msls31.dll
2013-01-28 18:40 . 2013-01-28 18:40 197120 ----a-w- c:\windows\system32\msrating.dll
2013-01-28 18:40 . 2013-01-28 18:40 163840 ----a-w- c:\windows\system32\ieakui.dll
2013-01-28 18:40 . 2013-01-28 18:40 160256 ----a-w- c:\windows\system32\ieakeng.dll
2013-01-28 18:40 . 2013-01-28 18:40 149504 ----a-w- c:\windows\system32\occache.dll
2013-01-28 18:40 . 2013-01-28 18:40 145920 ----a-w- c:\windows\system32\iepeers.dll
2013-01-28 18:40 . 2013-01-28 18:40 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-01-28 18:40 . 2013-01-28 18:40 12288 ----a-w- c:\windows\system32\mshta.exe
2013-01-28 18:40 . 2013-01-28 18:40 114176 ----a-w- c:\windows\system32\admparse.dll
2013-01-28 18:40 . 2013-01-28 18:40 111616 ----a-w- c:\windows\system32\iesysprep.dll
2013-01-28 18:40 . 2013-01-28 18:40 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2013-01-28 18:39 . 2013-01-28 18:39 30720 ----a-w- c:\windows\system32\licmgr10.dll
2013-01-28 18:39 . 2013-01-28 18:39 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-01-28 18:39 . 2013-01-28 18:39 165888 ----a-w- c:\windows\system32\iexpress.exe
2013-01-28 18:39 . 2013-01-28 18:39 160256 ----a-w- c:\windows\system32\wextract.exe
2013-01-28 18:39 . 2013-01-28 18:39 103936 ----a-w- c:\windows\system32\inseng.dll
2013-01-17 00:28 . 2013-01-28 18:19 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:53 . 2013-02-12 21:30 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-12 21:30 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-12 21:30 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-12 21:30 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-12 21:30 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-12 21:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-12 21:30 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-12 21:30 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-12 21:30 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-12 21:30 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-12 21:30 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-12 21:30 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-12 21:30 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2013-03-11 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2013-03-11 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 19:38 1720976 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 19:38 1720976 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 19:38 1720976 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-06 102400]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-07 161384]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-02-26 19456]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-02-26 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-28 1255736]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-03-19 39768]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-07 202752]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-12-05 2321560]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-02 5174392]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [2013-03-19 990896]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-14 21:06 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-28 07:46]
.
2013-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-14 21:04]
.
2013-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-14 21:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-10-01 19:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-10-01 19:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-10-01 19:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-02-27 500208]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Kubiňák\AppData\Roaming\Mozilla\Firefox\Profiles\m1k73yzu.default-1361307352107\
FF - prefs.js: browser.startup.homepage - seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-vProt - c:\program files (x86)\AVG Secure Search\vprot.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2013-03-19 22:05:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-19 21:05
.
Před spuštěním: Volných bajtů: 363 966 001 152
Po spuštění: Volných bajtů: 363 544 363 008
.
- - End Of File - - 525296C0D2F17C918AA01AC88EC1ACE2

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Prevention

Post by jaro3 » 19 Mar 2013 22:58

aves c:\users\KUBIWS~1 --- do you know this folder?

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

If there are no problems, that is all and you can mark the thread as solved with the green check mark.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Ervussus
Level 3
Posts: 408
Registered: April 10
Gender: Male
Status: Offline

Re: Prevention  Solved

Post by Ervussus » 20 Mar 2013 07:15

Thank you very much :)

