Please check my log, win7 (Solved)

Post by jaro3 » 07 Aug 2013 09:44

Close other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll



Test all of these:
c:\windows\inf\msijuih\zlib1.dll
c:\windows\inf\msijuih\libcurl.dll
c:\windows\inf\msijuih\msijuih.exe
c:\windows\inf\msijuih\ssleay32.dll
c:\windows\inf\msijuih\libidn-11.dll
c:\windows\inf\msijuih\librtmp.dll
c:\windows\inf\msijuih\libssh2.dll
c:\windows\inf\msijuih\libeay32.dll
c:\windows\inf\msijuih\libusb-1.0.dll
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Post by creativ718 » 07 Aug 2013 12:02

After fixing in HJT:

c:\windows\inf\msijuih\zlib1.dll - https://www.virustotal.com/cs/file/7c75 ... 375869871/
c:\windows\inf\msijuih\libcurl.dll - https://www.virustotal.com/cs/file/2fc5 ... 375870000/
c:\windows\inf\msijuih\msijuih.exe - https://www.virustotal.com/cs/file/26c7 ... 375870085/
c:\windows\inf\msijuih\ssleay32.dll - https://www.virustotal.com/cs/file/c3dd ... 375870160/
c:\windows\inf\msijuih\libidn-11.dll - https://www.virustotal.com/cs/file/1869 ... 375870234/
c:\windows\inf\msijuih\librtmp.dll - https://www.virustotal.com/cs/file/a50a ... 375870300/
c:\windows\inf\msijuih\libssh2.dll - https://www.virustotal.com/cs/file/d85c ... 375870355/
c:\windows\inf\msijuih\libeay32.dll - https://www.virustotal.com/cs/file/c7da ... 375870415/
c:\windows\inf\msijuih\libusb-1.0.dll - https://www.virustotal.com/cs/file/3623 ... 375870462/

Post by jaro3 » 07 Aug 2013 19:50

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

KillAll::
Collect::
c:\windows\inf\msijuih\msijuih.exe

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"=-

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Post here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows does not boot, or the desktop does not load, or there are connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Post by creativ718 » 07 Aug 2013 22:40

ComboFix 13-08-05.03 - Luboš 07.08.2013 22:29:01.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8126.7194 [GMT 2:00]
Spuštěný z: c:\users\LuboÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\LuboÜ\Desktop\CFScript.txt
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-07 do 2013-08-07 )))))))))))))))))))))))))))))))
.
.
2013-08-07 20:32 . 2013-08-07 20:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-07 15:06 . 2013-08-07 15:06 -------- d-----w- c:\users\Public\Public Documents
2013-08-07 14:26 . 2013-08-07 14:26 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-07 14:26 . 2013-08-07 14:26 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2013-08-07 14:13 . 2013-08-07 14:13 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-08-07 14:13 . 2013-08-07 14:13 -------- d-----w- c:\windows\SysWow64\xlive
2013-08-07 14:13 . 2013-08-07 14:13 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2013-08-07 13:51 . 2013-08-07 13:51 -------- d-----w- c:\program files (x86)\Rockstar Games
2013-08-05 10:18 . 2013-08-05 15:42 -------- d--h--w- c:\windows\msdownld.tmp
2013-08-05 10:18 . 2013-08-05 10:18 -------- d-----w- C:\Games
2013-08-04 16:56 . 2013-08-04 20:40 -------- d-----w- C:\Fraps
2013-08-04 16:56 . 2013-08-04 16:56 499708 ----a-w- c:\windows\SysWow64\phatk121016Bonairev1w256l4.bin
2013-08-04 16:56 . 2013-08-04 16:56 -------- d-----w- c:\program files (x86)\Fraps-full version
2013-08-04 14:34 . 2013-08-04 14:34 -------- d-----w- c:\program files (x86)\Sony
2013-08-04 14:34 . 2012-01-20 12:14 18816 ----a-w- c:\windows\system32\roboot64.exe
2013-08-04 14:21 . 2013-08-04 14:21 -------- d-----w- c:\windows\ERUNT
2013-08-04 11:56 . 2013-08-04 14:34 -------- d-----w- c:\program files\Sony
2013-08-04 11:56 . 2013-08-04 11:56 -------- d-----w- c:\programdata\Sony
2013-08-03 17:27 . 2013-08-03 17:28 -------- d-----w- c:\programdata\AVG2013
2013-08-03 17:27 . 2013-08-03 17:27 -------- d-----w- C:\$AVG
2013-08-03 17:26 . 2013-08-03 17:26 -------- d-----w- c:\program files (x86)\AVG
2013-08-03 17:24 . 2013-08-07 20:21 -------- d-----w- c:\programdata\MFAData
2013-08-03 11:38 . 2013-08-03 11:38 -------- d-----w- c:\programdata\TuneUp Software
2013-08-03 11:38 . 2013-08-03 11:43 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-03 11:37 . 2013-08-03 11:37 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-08-02 17:19 . 2013-08-02 17:19 -------- d-----w- c:\program files (x86)\Opera
2013-08-02 09:27 . 2013-08-02 09:27 -------- d-----w- c:\program files (x86)\Shifters Anticheat
2013-08-01 07:11 . 2013-08-01 07:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-08-01 07:11 . 2013-08-01 07:11 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-31 21:23 . 2013-07-31 21:23 -------- d-----w- c:\windows\SysWow64\Macromed
2013-07-31 21:23 . 2013-07-31 21:23 -------- d-----w- c:\windows\system32\Macromed
2013-07-31 20:10 . 2013-08-01 07:11 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-31 20:10 . 2013-08-01 07:11 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-31 20:09 . 2013-07-31 20:09 -------- d-----w- c:\program files (x86)\Java
2013-07-31 16:20 . 2013-07-31 16:20 -------- d-----w- c:\program files (x86)\Trend Micro
2013-07-31 15:57 . 2013-08-04 09:23 -------- d-----w- c:\program files (x86)\BitLord 2
2013-07-31 14:10 . 2013-07-31 14:10 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2013-07-31 13:53 . 2013-07-31 13:53 -------- d-----w- c:\windows\SysWow64\Wat
2013-07-31 13:53 . 2013-07-31 13:53 -------- d-----w- c:\windows\system32\Wat
2013-07-31 12:08 . 2013-06-23 22:41 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-07-31 11:52 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-07-31 11:52 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-07-31 11:52 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-07-31 11:52 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-07-31 11:52 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-07-31 11:52 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-07-31 11:49 . 2013-07-15 01:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{68D5C1D8-01E6-421F-8285-889BAD679F70}\mpengine.dll
2013-07-31 11:48 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-07-31 11:48 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-07-31 11:48 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-07-31 11:48 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-07-31 11:48 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-07-31 11:42 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-31 11:42 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-31 11:40 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2013-07-31 11:39 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-31 11:38 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-07-31 11:37 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-07-31 11:37 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2013-07-31 11:37 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2013-07-31 11:37 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-31 11:37 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-07-31 11:37 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2013-07-31 11:37 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2013-07-31 11:35 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-07-30 18:54 . 2013-07-30 18:54 -------- d-----w- c:\users\Luboç
2013-07-30 18:25 . 2013-08-04 21:23 -------- d-----w- c:\users\Owner
2013-07-30 18:09 . 2013-07-30 18:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-30 18:09 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-30 17:44 . 2013-07-30 17:44 -------- d-----w- c:\program files (x86)\ObviousIdea
2013-07-30 15:25 . 2013-08-03 19:27 -------- d-----w- c:\program files (x86)\SpeedFan
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----r- c:\program files (x86)\Skype
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----w- c:\programdata\Skype
2013-07-30 14:55 . 2013-07-30 14:55 -------- d-----w- c:\program files (x86)\Webteh
2013-07-30 13:43 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2013-07-30 13:43 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2013-07-30 13:43 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-07-30 13:43 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-07-30 13:43 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-07-30 13:42 . 2013-07-30 13:42 -------- d-----w- C:\Riot Games
2013-07-30 13:39 . 2013-08-04 15:20 -------- d-----w- c:\programdata\PMB Files
2013-07-30 13:39 . 2013-07-30 13:39 -------- d-----w- c:\program files (x86)\Pando Networks
2013-07-30 13:09 . 2013-07-30 13:09 -------- d-----w- c:\programdata\Malwarebytes
2013-07-30 13:08 . 2013-07-30 13:08 -------- d-----w- C:\vcs5BGEffects
2013-07-30 13:07 . 2013-07-30 18:25 -------- d-----w- c:\programdata\IObit
2013-07-30 13:07 . 2013-07-30 13:07 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-30 12:56 . 2013-07-30 12:56 -------- d-----w- c:\program files (x86)\IObit
2013-07-30 11:45 . 2013-08-07 13:49 -------- d-----w- c:\program files (x86)\Steam
2013-07-30 11:45 . 2013-07-30 11:54 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-07-30 11:38 . 2013-07-30 11:38 -------- d-----w- c:\program files (x86)\TeamViewer
2013-07-30 11:25 . 2013-07-30 11:25 -------- d-----w- c:\program files\CCleaner
2013-07-30 10:27 . 2013-08-07 11:42 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2013-07-30 10:21 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-07-30 10:21 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-07-30 10:21 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-07-30 10:18 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-07-30 10:18 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-07-30 10:18 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-07-30 10:18 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-07-30 10:18 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-07-30 10:18 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-07-30 10:18 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-07-30 10:18 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-07-30 10:18 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-07-30 10:14 . 2012-05-22 00:25 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2013-07-30 10:14 . 2012-05-22 00:25 789824 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2013-07-30 10:14 . 2012-05-22 00:25 357184 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2013-07-30 10:13 . 2012-12-26 17:26 805088 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-07-30 10:13 . 2012-12-26 17:26 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-07-30 10:13 . 2012-12-26 17:26 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-07-30 10:10 . 2011-12-08 07:55 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2013-07-30 10:10 . 2013-07-30 10:14 -------- d-----w- c:\program files (x86)\Intel
2013-07-30 10:07 . 2013-07-30 10:07 -------- d-----w- c:\windows\Chipset
2013-07-30 10:07 . 2013-07-30 10:07 16896 ----a-w- c:\windows\AsTaskSched.dll
2013-07-30 10:07 . 2011-02-25 06:25 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-07-30 10:03 . 2013-08-03 12:23 -------- d-----w- c:\programdata\DAEMON Tools Pro
2013-07-30 09:58 . 2013-07-30 09:58 -------- d-----w- c:\programdata\WinZip
2013-07-30 09:58 . 2013-07-30 09:58 -------- d-----w- c:\program files\WinZip
2013-07-30 09:57 . 2013-07-30 09:57 -------- d-----w- c:\program files (x86)\Real
2013-07-30 09:55 . 2013-07-30 09:55 -------- d-----w- c:\programdata\ASUS WebStorage
2013-07-30 09:53 . 2013-07-30 09:53 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-07-30 09:50 . 2012-03-22 14:10 14848 ----a-w- c:\windows\SysWow64\drivers\AiCharger.sys
2013-07-30 09:46 . 2013-07-30 09:46 -------- d-----w- c:\program files\ASUS
2013-07-30 09:45 . 2012-05-31 03:06 32400 ----a-r- c:\windows\system32\drivers\ndisrd.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-07 14:44 . 2013-08-07 14:44 15584 ----a-w- c:\users\Luboš\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2013-08-07 14:44 . 2013-08-07 14:44 15584 ----a-w- c:\users\Luboš\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2013-07-31 16:20 . 2013-07-31 16:20 388096 ----a-r- c:\users\Luboš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-31 16:20 . 2013-07-31 16:20 388096 ----a-r- c:\users\Luboš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-30 17:44 . 2010-03-18 07:15 773712 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-07-30 17:44 . 2010-03-18 07:15 420944 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-06-30 23:45 . 2013-06-30 23:45 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2013-06-07 11:45 . 2013-08-04 16:56 84992 --s-a-w- c:\windows\inf\msijuih\zlib1.dll
2013-06-07 11:45 . 2013-08-04 16:56 612352 --s-a-w- c:\windows\inf\msijuih\libcurl.dll
2013-06-07 11:45 . 2013-08-04 16:56 568334 --s-a-w- c:\windows\inf\msijuih\msijuih.exe
2013-06-07 11:45 . 2013-08-04 16:56 364544 --s-a-w- c:\windows\inf\msijuih\ssleay32.dll
2013-06-07 11:45 . 2013-08-04 16:56 279955 --s-a-w- c:\windows\inf\msijuih\libidn-11.dll
2013-06-07 11:45 . 2013-08-04 16:56 183382 --s-a-w- c:\windows\inf\msijuih\librtmp.dll
2013-06-07 11:45 . 2013-08-04 16:56 171008 --s-a-w- c:\windows\inf\msijuih\libssh2.dll
2013-06-07 11:45 . 2013-08-04 16:56 1704448 --s-a-w- c:\windows\inf\msijuih\libeay32.dll
2013-06-07 11:45 . 2013-08-04 16:56 110094 --s-a-w- c:\windows\inf\msijuih\libusb-1.0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2013-05-13 3111456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2013-3-1 21946368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 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

.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);c:\windows\system32\DRIVERS\RtTeam620.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam620.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [x]
R4 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4249556663-3849541836-846476634-1000\Software\SecuROM\License information*]
"datasecu"=hex:25,85,1f,bb,bb,2f,e1,e4,74,38,9b,91,9d,54,4d,ba,66,46,45,bd,eb,
21,2e,35,3f,be,95,00,90,fd,85,14,a4,1a,cb,12,7d,62,b8,b4,99,7b,75,7e,c0,8f,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-08-07 22:33:38
ComboFix-quarantined-files.txt 2013-08-07 20:33
ComboFix2.txt 2013-08-05 18:25
ComboFix3.txt 2013-08-05 18:09
ComboFix4.txt 2013-08-04 21:23
.
Před spuštěním: Volných bajtů: 368 689 270 784
Po spuštění: Volných bajtů: 368 646 713 344
.
- - End Of File - - 0B4B6C7B9ADD76DC2B74EC8E7AD827E7
A36C5E4F47E84449FF07ED3517B43A31

Post by creativ718 » 07 Aug 2013 22:46

New HJT log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:35:00, on 7.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5103 bytes

Post by memphisto » 08 Aug 2013 09:03

Do it again with the same script, only in Safe Mode.


Re: Please check my Win7 log

Post by creativ718 » 08 Aug 2013 10:15

ComboFix:



ComboFix 13-08-05.03 - Luboš 08.08.2013 10:07:55.5.2 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8126.7077 [GMT 2:00]
Spuštěný z: c:\users\LuboÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\LuboÜ\Desktop\CFScript.txt
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-08 do 2013-08-08 )))))))))))))))))))))))))))))))
.
.
2013-08-08 08:11 . 2013-08-08 08:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-08 07:41 . 2013-08-08 07:41 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-08 07:41 . 2013-08-08 07:41 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-07 15:06 . 2013-08-07 15:06 -------- d-----w- c:\users\Public\Public Documents
2013-08-07 14:26 . 2013-08-07 14:26 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-07 14:26 . 2013-08-07 14:26 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2013-08-07 14:13 . 2013-08-07 14:13 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-08-07 14:13 . 2013-08-07 14:13 -------- d-----w- c:\windows\SysWow64\xlive
2013-08-07 14:13 . 2013-08-07 14:13 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2013-08-07 13:51 . 2013-08-07 13:51 -------- d-----w- c:\program files (x86)\Rockstar Games
2013-08-05 10:18 . 2013-08-05 15:42 -------- d--h--w- c:\windows\msdownld.tmp
2013-08-05 10:18 . 2013-08-05 10:18 -------- d-----w- C:\Games
2013-08-04 16:56 . 2013-08-04 20:40 -------- d-----w- C:\Fraps
2013-08-04 16:56 . 2013-08-04 16:56 499708 ----a-w- c:\windows\SysWow64\phatk121016Bonairev1w256l4.bin
2013-08-04 16:56 . 2013-08-04 16:56 -------- d-----w- c:\program files (x86)\Fraps-full version
2013-08-04 14:34 . 2013-08-04 14:34 -------- d-----w- c:\program files (x86)\Sony
2013-08-04 14:34 . 2012-01-20 12:14 18816 ----a-w- c:\windows\system32\roboot64.exe
2013-08-04 14:21 . 2013-08-04 14:21 -------- d-----w- c:\windows\ERUNT
2013-08-04 11:56 . 2013-08-04 14:34 -------- d-----w- c:\program files\Sony
2013-08-04 11:56 . 2013-08-04 11:56 -------- d-----w- c:\programdata\Sony
2013-08-03 17:27 . 2013-08-03 17:28 -------- d-----w- c:\programdata\AVG2013
2013-08-03 17:27 . 2013-08-03 17:27 -------- d-----w- C:\$AVG
2013-08-03 17:26 . 2013-08-03 17:26 -------- d-----w- c:\program files (x86)\AVG
2013-08-03 17:24 . 2013-08-08 07:46 -------- d-----w- c:\programdata\MFAData
2013-08-03 11:38 . 2013-08-03 11:38 -------- d-----w- c:\programdata\TuneUp Software
2013-08-03 11:38 . 2013-08-03 11:43 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-03 11:37 . 2013-08-03 11:37 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-08-02 17:19 . 2013-08-02 17:19 -------- d-----w- c:\program files (x86)\Opera
2013-08-02 09:27 . 2013-08-02 09:27 -------- d-----w- c:\program files (x86)\Shifters Anticheat
2013-08-01 07:11 . 2013-08-01 07:11 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-08-01 07:11 . 2013-08-01 07:11 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-31 21:23 . 2013-07-31 21:23 -------- d-----w- c:\windows\SysWow64\Macromed
2013-07-31 21:23 . 2013-07-31 21:23 -------- d-----w- c:\windows\system32\Macromed
2013-07-31 20:10 . 2013-08-01 07:11 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-31 20:10 . 2013-08-01 07:11 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-31 20:09 . 2013-07-31 20:09 -------- d-----w- c:\program files (x86)\Java
2013-07-31 16:20 . 2013-07-31 16:20 -------- d-----w- c:\program files (x86)\Trend Micro
2013-07-31 15:57 . 2013-08-04 09:23 -------- d-----w- c:\program files (x86)\BitLord 2
2013-07-31 14:10 . 2013-07-31 14:10 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
2013-07-31 13:53 . 2013-07-31 13:53 -------- d-----w- c:\windows\SysWow64\Wat
2013-07-31 13:53 . 2013-07-31 13:53 -------- d-----w- c:\windows\system32\Wat
2013-07-31 12:08 . 2013-06-23 22:41 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-07-31 11:52 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-07-31 11:52 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-07-31 11:52 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-07-31 11:52 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-07-31 11:52 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-07-31 11:52 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-07-31 11:49 . 2013-07-15 01:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{68D5C1D8-01E6-421F-8285-889BAD679F70}\mpengine.dll
2013-07-31 11:48 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-07-31 11:48 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-07-31 11:48 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-07-31 11:48 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-07-31 11:48 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-07-31 11:42 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-31 11:42 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-31 11:40 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2013-07-31 11:39 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2013-07-31 11:38 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-07-31 11:37 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-07-31 11:37 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2013-07-31 11:37 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2013-07-31 11:37 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-31 11:37 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-07-31 11:37 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2013-07-31 11:37 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2013-07-31 11:35 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2013-07-30 18:54 . 2013-07-30 18:54 -------- d-----w- c:\users\Luboç
2013-07-30 18:25 . 2013-08-04 21:23 -------- d-----w- c:\users\Owner
2013-07-30 18:09 . 2013-07-30 18:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-30 18:09 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-30 17:44 . 2013-07-30 17:44 -------- d-----w- c:\program files (x86)\ObviousIdea
2013-07-30 15:25 . 2013-08-03 19:27 -------- d-----w- c:\program files (x86)\SpeedFan
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----r- c:\program files (x86)\Skype
2013-07-30 14:57 . 2013-07-30 14:57 -------- d-----w- c:\programdata\Skype
2013-07-30 14:55 . 2013-07-30 14:55 -------- d-----w- c:\program files (x86)\Webteh
2013-07-30 13:43 . 2008-07-31 08:41 68616 ----a-w- c:\windows\SysWow64\XAPOFX1_1.dll
2013-07-30 13:43 . 2008-07-31 08:40 509448 ----a-w- c:\windows\SysWow64\XAudio2_2.dll
2013-07-30 13:43 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-07-30 13:43 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-07-30 13:43 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-07-30 13:42 . 2013-07-30 13:42 -------- d-----w- C:\Riot Games
2013-07-30 13:39 . 2013-08-04 15:20 -------- d-----w- c:\programdata\PMB Files
2013-07-30 13:39 . 2013-07-30 13:39 -------- d-----w- c:\program files (x86)\Pando Networks
2013-07-30 13:09 . 2013-07-30 13:09 -------- d-----w- c:\programdata\Malwarebytes
2013-07-30 13:08 . 2013-07-30 13:08 -------- d-----w- C:\vcs5BGEffects
2013-07-30 13:07 . 2013-07-30 18:25 -------- d-----w- c:\programdata\IObit
2013-07-30 13:07 . 2013-07-30 13:07 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-07-30 12:56 . 2013-07-30 12:56 -------- d-----w- c:\program files (x86)\IObit
2013-07-30 11:45 . 2013-08-07 13:49 -------- d-----w- c:\program files (x86)\Steam
2013-07-30 11:45 . 2013-07-30 11:54 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-07-30 11:38 . 2013-07-30 11:38 -------- d-----w- c:\program files (x86)\TeamViewer
2013-07-30 11:25 . 2013-07-30 11:25 -------- d-----w- c:\program files\CCleaner
2013-07-30 10:27 . 2013-08-07 11:42 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2013-07-30 10:21 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-07-30 10:21 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-07-30 10:21 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-07-30 10:18 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-07-30 10:18 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-07-30 10:18 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-07-30 10:18 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-07-30 10:18 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-07-30 10:18 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-07-30 10:18 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-07-30 10:18 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-07-30 10:18 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-07-30 10:14 . 2012-05-22 00:25 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2013-07-30 10:14 . 2012-05-22 00:25 789824 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2013-07-30 10:14 . 2012-05-22 00:25 357184 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2013-07-30 10:13 . 2012-12-26 17:26 805088 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-07-30 10:13 . 2012-12-26 17:26 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-07-30 10:13 . 2012-12-26 17:26 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-07-30 10:10 . 2011-12-08 07:55 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2013-07-30 10:10 . 2013-07-30 10:14 -------- d-----w- c:\program files (x86)\Intel
2013-07-30 10:07 . 2013-07-30 10:07 -------- d-----w- c:\windows\Chipset
2013-07-30 10:07 . 2013-07-30 10:07 16896 ----a-w- c:\windows\AsTaskSched.dll
2013-07-30 10:07 . 2011-02-25 06:25 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-07-30 10:03 . 2013-08-03 12:23 -------- d-----w- c:\programdata\DAEMON Tools Pro
2013-07-30 09:58 . 2013-07-30 09:58 -------- d-----w- c:\programdata\WinZip
2013-07-30 09:58 . 2013-07-30 09:58 -------- d-----w- c:\program files\WinZip
2013-07-30 09:57 . 2013-07-30 09:57 -------- d-----w- c:\program files (x86)\Real
2013-07-30 09:55 . 2013-07-30 09:55 -------- d-----w- c:\programdata\ASUS WebStorage
2013-07-30 09:53 . 2013-07-30 09:53 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-07-30 09:50 . 2012-03-22 14:10 14848 ----a-w- c:\windows\SysWow64\drivers\AiCharger.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-07 14:44 . 2013-08-07 14:44 15584 ----a-w- c:\users\Luboš\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2013-08-07 14:44 . 2013-08-07 14:44 15584 ----a-w- c:\users\Luboš\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2013-07-31 16:20 . 2013-07-31 16:20 388096 ----a-r- c:\users\Luboš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-31 16:20 . 2013-07-31 16:20 388096 ----a-r- c:\users\Luboš\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-07-30 17:44 . 2010-03-18 07:15 773712 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-07-30 17:44 . 2010-03-18 07:15 420944 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-06-30 23:45 . 2013-06-30 23:45 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2013-06-07 11:45 . 2013-08-04 16:56 84992 --s-a-w- c:\windows\inf\msijuih\zlib1.dll
2013-06-07 11:45 . 2013-08-04 16:56 612352 --s-a-w- c:\windows\inf\msijuih\libcurl.dll
2013-06-07 11:45 . 2013-08-04 16:56 568334 --s-a-w- c:\windows\inf\msijuih\msijuih.exe
2013-06-07 11:45 . 2013-08-04 16:56 364544 --s-a-w- c:\windows\inf\msijuih\ssleay32.dll
2013-06-07 11:45 . 2013-08-04 16:56 279955 --s-a-w- c:\windows\inf\msijuih\libidn-11.dll
2013-06-07 11:45 . 2013-08-04 16:56 183382 --s-a-w- c:\windows\inf\msijuih\librtmp.dll
2013-06-07 11:45 . 2013-08-04 16:56 171008 --s-a-w- c:\windows\inf\msijuih\libssh2.dll
2013-06-07 11:45 . 2013-08-04 16:56 1704448 --s-a-w- c:\windows\inf\msijuih\libeay32.dll
2013-06-07 11:45 . 2013-08-04 16:56 110094 --s-a-w- c:\windows\inf\msijuih\libusb-1.0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2013-05-13 3111456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2013-3-1 21946368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 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
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
R1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
R1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
R1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
R1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys;c:\windows\SYSNATIVE\DRIVERS\VDiskBus64.sys [x]
R2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
R2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
R3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);c:\windows\system32\DRIVERS\RtTeam620.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam620.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [x]
R4 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys;SysWow64\drivers\AiCharger.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-03-13 09:23 1500672 ----a-w- c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.11.125\AsusWSShellExt64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4249556663-3849541836-846476634-1000\Software\SecuROM\License information*]
"datasecu"=hex:25,85,1f,bb,bb,2f,e1,e4,74,38,9b,91,9d,54,4d,ba,66,46,45,bd,eb,
21,2e,35,3f,be,95,00,90,fd,85,14,a4,1a,cb,12,7d,62,b8,b4,99,7b,75,7e,c0,8f,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-08-08 10:12:35
ComboFix-quarantined-files.txt 2013-08-08 08:12
ComboFix2.txt 2013-08-07 20:33
ComboFix3.txt 2013-08-05 18:25
ComboFix4.txt 2013-08-05 18:09
ComboFix5.txt 2013-08-08 08:06
.
Před spuštěním: Volných bajtů: 368 326 545 408
Po spuštění: Volných bajtů: 368 160 907 264
.
- - End Of File - - 22B0B0D8267F65E5D496A48F0266AA05
A36C5E4F47E84449FF07ED3517B43A31


Re: Please check my Win7 log

Post by creativ718 » 08 Aug 2013 10:24

HJT:



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:13:17, on 8.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Safe mode

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5235 bytes


Re: Please check my Win7 log

Post by jaro3 » 08 Aug 2013 13:50

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

Run the ComboFix script again, in safe mode.


Re: Please check my Win7 log

Post by creativ718 » 08 Aug 2013 20:31

When I run a scan it shows me this, although when I click OK it carries on.
Attachments
Scanerror.png


Re: Please check my Win7 log

Post by creativ718 » 08 Aug 2013 20:33

When I click fix it shows me this, and after pressing OK nothing happens.
Attachments
Fixcheckederror.png


Re: Please check my Win7 log

Post by creativ718 » 08 Aug 2013 20:33

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm - HJT didn't even find this one.

