Prosím kontrolu, zasekaný Chrom i PC

Příspěvekod **memphisto** » 09 srp 2013 21:48

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

Reklama

Scanner · Příspěvekod **Scanner** » 10 srp 2013 14:47

ComboFix 13-08-09.02 - Zkuřka 10.08.2013 14:35:30.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4079.2776 [GMT 2:00]
Spuštěný z: c:\users\Zku°ka\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-10 do 2013-08-10 )))))))))))))))))))))))))))))))
.
.
2013-08-10 12:39 . 2013-08-10 12:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-08-10 12:39 . 2013-08-10 12:39 -------- d-----w- c:\users\Simča\AppData\Local\temp
2013-08-10 12:39 . 2013-08-10 12:39 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-08-10 12:39 . 2013-08-10 12:39 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-08-10 12:39 . 2013-08-10 12:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-09 15:46 . 2013-08-09 15:46 -------- d-----w- c:\windows\ERUNT
2013-08-09 15:39 . 2013-08-09 15:39 173 ----a-w- c:\windows\DeleteOnReboot.bat
2013-08-07 20:38 . 2013-08-07 20:39 -------- d-----w- c:\users\Zkuřka\AppData\Local\CRE
2013-07-26 07:54 . 2013-08-07 14:08 -------- d-----w- c:\users\Zkuřka\AppData\Local\CrashDumps
2013-07-26 07:54 . 2013-07-26 07:54 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-07-25 22:31 . 2013-07-26 09:41 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-25 22:31 . 2013-07-25 22:31 -------- d-----w- c:\program files\Symantec
2013-07-25 22:31 . 2013-07-25 22:31 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-07-25 22:30 . 2013-07-26 09:42 -------- d-----w- c:\windows\system32\drivers\N360x64
2013-07-25 22:30 . 2013-07-25 22:31 -------- d-----w- c:\programdata\Norton
2013-07-25 22:30 . 2013-07-25 22:30 -------- d-----w- c:\program files (x86)\Norton 360
2013-07-25 22:30 . 2013-07-25 22:30 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-07-23 10:18 . 2013-07-23 10:18 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4260C79-CB6B-45F0-907E-6538C1A6349C}\offreg.dll
2013-07-23 09:34 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4260C79-CB6B-45F0-907E-6538C1A6349C}\mpengine.dll
2013-07-22 20:16 . 2013-07-22 20:16 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-07-14 14:22 . 2013-08-01 13:54 -------- d-----w- c:\users\Zkuřka\AppData\Roaming\NVIDIA
2013-07-14 14:22 . 2013-07-14 14:22 -------- d-sh--w- c:\programdata\DSS
2013-07-14 14:20 . 2013-07-14 14:20 -------- d-----w- c:\users\Zkuřka\AppData\Roaming\Macromedia
2013-07-14 14:20 . 2013-07-14 14:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-14 14:20 . 2013-07-14 14:20 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-14 14:20 . 2013-07-14 14:20 -------- d-----w- c:\windows\SysWow64\Macromed
2013-07-14 14:20 . 2013-07-14 14:20 -------- d-----w- c:\windows\system32\Macromed
2013-07-11 19:04 . 2013-07-11 19:04 -------- d-----r- C:\MSOCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-02 19:15 . 2013-07-02 19:15 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-27 12:51 . 2013-06-27 12:51 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-27 12:51 . 2013-06-12 18:08 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-27 12:51 . 2013-06-12 18:08 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-25 11:12 . 2012-08-13 14:49 178448 ----a-w- c:\windows\system32\drivers\kneps.sys
2013-06-25 11:12 . 2013-06-25 10:54 90208 ----a-w- c:\windows\system32\drivers\klflt.sys
2013-06-25 11:12 . 2013-06-25 10:54 620128 ----a-w- c:\windows\system32\drivers\klif.sys
2013-06-25 11:12 . 2013-03-15 03:33 54368 ----a-w- c:\windows\system32\drivers\kltdi.sys
2013-06-23 22:57 . 2013-05-25 17:04 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 12:06 . 2013-07-02 15:24 7641832 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 15:24 6324360 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 15:24 572704 ----a-w- c:\windows\system32\NvFBC64.dll
2013-06-21 12:06 . 2013-07-02 15:24 570656 ----a-w- c:\windows\system32\NvIFR64.dll
2013-06-21 12:06 . 2013-07-02 15:24 467232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-06-21 12:06 . 2013-07-02 15:24 465184 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-06-21 12:06 . 2013-07-02 15:24 2953504 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 15:24 27781920 ----a-w- c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-07-02 15:24 2777888 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 15:24 2363680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 15:24 21102368 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-06-21 12:06 . 2013-07-02 15:24 2002720 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 15:24 1832224 ----a-w- c:\windows\system32\nvdispco6432049.dll
2013-06-21 12:06 . 2013-07-02 15:24 15144928 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-07-02 15:24 1511712 ----a-w- c:\windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06 . 2013-07-02 15:24 13411896 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-07-02 15:24 11235104 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:06 . 2013-07-02 15:24 9239344 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 15:24 7687592 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 15:24 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:06 . 2013-07-02 15:24 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-06-21 12:06 . 2013-05-25 15:56 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-05-25 15:56 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-05-25 15:56 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-02-25 22:32 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 10:23 . 2010-10-08 08:04 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2010-10-08 08:04 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2010-10-08 08:04 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2010-10-08 08:04 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 10:23 . 2010-10-08 08:04 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2010-10-08 08:04 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-11 23:43 . 2013-07-11 05:03 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-06-11 23:43 . 2013-07-11 05:04 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-06-11 23:42 . 2013-07-11 05:04 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-06-11 23:42 . 2013-07-11 05:04 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-06-11 23:26 . 2013-07-11 05:04 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-06-11 23:26 . 2013-07-11 05:03 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-06-11 23:26 . 2013-07-11 05:04 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-06-11 23:25 . 2013-07-11 05:03 19238912 ----a-w- c:\windows\system32\mshtml.dll
2013-06-11 23:25 . 2013-07-11 05:04 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-06-11 23:25 . 2013-07-11 05:04 855552 ----a-w- c:\windows\system32\jscript.dll
2013-06-11 23:25 . 2013-07-11 05:04 3958784 ----a-w- c:\windows\system32\jscript9.dll
2013-06-11 23:25 . 2013-07-11 05:03 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-06-11 23:25 . 2013-07-11 05:04 526336 ----a-w- c:\windows\system32\ieui.dll
2013-06-11 23:25 . 2013-07-11 05:04 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-06-11 23:25 . 2013-07-11 05:04 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-06-11 23:25 . 2013-07-11 05:04 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-06-11 23:25 . 2013-07-11 05:04 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-06-11 23:25 . 2013-07-11 05:03 15404032 ----a-w- c:\windows\system32\ieframe.dll
2013-06-11 22:51 . 2013-07-11 05:04 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50 . 2013-07-11 05:04 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-07 03:22 . 2013-07-11 05:04 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-07 02:37 . 2013-07-11 05:04 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-06-05 03:34 . 2013-07-10 20:19 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 20:19 624128 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 20:19 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-05-26 17:33 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-25 19:49 . 2013-05-25 19:49 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-25 19:49 . 2013-05-25 19:49 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-25 19:49 . 2013-05-25 19:49 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-25 19:49 . 2013-05-25 19:49 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-25 19:49 . 2013-05-25 19:49 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-25 19:49 . 2013-05-25 19:49 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-25 19:49 . 2013-05-25 19:49 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-25 19:49 . 2013-05-25 19:49 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-25 19:49 . 2013-05-25 19:49 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-25 19:49 . 2013-05-25 19:49 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-25 19:49 . 2013-05-25 19:49 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-25 19:49 . 2013-05-25 19:49 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-25 19:49 . 2013-05-25 19:49 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-25 19:49 . 2013-05-25 19:49 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-25 19:49 . 2013-05-25 19:49 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-25 19:49 . 2013-05-25 19:49 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-25 19:49 . 2013-05-25 19:49 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-25 19:49 . 2013-05-25 19:49 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-25 19:49 . 2013-05-25 19:49 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-25 19:49 . 2013-05-25 19:49 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-25 19:49 . 2013-05-25 19:49 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-25 19:49 . 2013-05-25 19:49 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-25 19:49 . 2013-05-25 19:49 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-25 19:49 . 2013-05-25 19:49 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-25 19:49 . 2013-05-25 19:49 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-25 19:49 . 2013-05-25 19:49 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-25 19:49 . 2013-05-25 19:49 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-25 19:49 . 2013-05-25 19:49 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-25 19:49 . 2013-05-25 19:49 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-25 19:49 . 2013-05-25 19:49 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-25 19:49 . 2013-05-25 19:49 441856 ----a-w- c:\windows\system32\html.iec
2013-05-25 19:49 . 2013-05-25 19:49 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-25 19:49 . 2013-05-25 19:49 27648 ----a-w- c:\windows\system32\licmgr10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"DAEMON Tools Lite"="e:\daemon tools lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;e:\malwarebytes' anti-malware\mbamservice.exe;e:\malwarebytes' anti-malware\mbamservice.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130808.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130808.001\IDSvia64.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;e:\advanced systemcare 6\ASCService.exe;e:\advanced systemcare 6\ASCService.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-28 06:59 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\micros~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 77.48.254.254 77.48.100.254
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-08-10 14:43:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-10 12:43
.
Před spuštěním: Volných bajtů: 110 931 660 800
Po spuštění: Volných bajtů: 111 216 615 424
.
- - End Of File - - 13CDE2706C553986A6A17116F877112C
A36C5E4F47E84449FF07ED3517B43A31

Příspěvekod **memphisto** » 10 srp 2013 15:24

Teď máš Nortona nebo Kasperského?

Scanner · Příspěvekod **Scanner** » 10 srp 2013 23:06

Měl jsem zkušební verzi Kasperského, teď mám zkušební verzi Nortona.

Příspěvekod **memphisto** » 10 srp 2013 23:34

Je tam ještě spousta zbytků Kasperského. Použij tenhle nástroj a pak znovu Combofix

http://support.kaspersky.com/common/ser ... px?el=1464

Scanner · Příspěvekod **Scanner** » 11 srp 2013 00:09

ComboFix 13-08-09.02 - Zkuřka 10.08.2013 23:58:20.4.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4079.2998 [GMT 2:00]
Spuštěný z: c:\users\Zku°ka\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-10 do 2013-08-10 )))))))))))))))))))))))))))))))
.
.
2013-08-10 22:02 . 2013-08-10 22:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-08-10 22:02 . 2013-08-10 22:02 -------- d-----w- c:\users\Simča\AppData\Local\temp
2013-08-10 22:02 . 2013-08-10 22:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-08-10 22:02 . 2013-08-10 22:02 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-08-10 22:02 . 2013-08-10 22:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-09 15:46 . 2013-08-09 15:46 -------- d-----w- c:\windows\ERUNT
2013-08-09 15:39 . 2013-08-09 15:39 173 ----a-w- c:\windows\DeleteOnReboot.bat
2013-08-07 20:38 . 2013-08-07 20:39 -------- d-----w- c:\users\Zkuřka\AppData\Local\CRE
2013-07-26 07:54 . 2013-08-07 14:08 -------- d-----w- c:\users\Zkuřka\AppData\Local\CrashDumps
2013-07-26 07:54 . 2013-07-26 07:54 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-07-25 22:31 . 2013-07-26 09:41 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-25 22:31 . 2013-07-25 22:31 -------- d-----w- c:\program files\Symantec
2013-07-25 22:31 . 2013-07-25 22:31 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-07-25 22:30 . 2013-07-26 09:42 -------- d-----w- c:\windows\system32\drivers\N360x64
2013-07-25 22:30 . 2013-07-25 22:31 -------- d-----w- c:\programdata\Norton
2013-07-25 22:30 . 2013-07-25 22:30 -------- d-----w- c:\program files (x86)\Norton 360
2013-07-25 22:30 . 2013-07-25 22:30 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-07-23 10:18 . 2013-07-23 10:18 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4260C79-CB6B-45F0-907E-6538C1A6349C}\offreg.dll
2013-07-23 09:34 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4260C79-CB6B-45F0-907E-6538C1A6349C}\mpengine.dll
2013-07-22 20:16 . 2013-07-22 20:16 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-07-14 14:22 . 2013-08-01 13:54 -------- d-----w- c:\users\Zkuřka\AppData\Roaming\NVIDIA
2013-07-14 14:22 . 2013-07-14 14:22 -------- d-sh--w- c:\programdata\DSS
2013-07-14 14:20 . 2013-07-14 14:20 -------- d-----w- c:\users\Zkuřka\AppData\Roaming\Macromedia
2013-07-14 14:20 . 2013-07-14 14:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-14 14:20 . 2013-07-14 14:20 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-14 14:20 . 2013-07-14 14:20 -------- d-----w- c:\windows\SysWow64\Macromed
2013-07-14 14:20 . 2013-07-14 14:20 -------- d-----w- c:\windows\system32\Macromed
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-02 19:15 . 2013-07-02 19:15 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-27 12:51 . 2013-06-27 12:51 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-27 12:51 . 2013-06-12 18:08 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-27 12:51 . 2013-06-12 18:08 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-23 22:57 . 2013-05-25 17:04 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 12:06 . 2013-07-02 15:24 7641832 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 15:24 6324360 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 15:24 572704 ----a-w- c:\windows\system32\NvFBC64.dll
2013-06-21 12:06 . 2013-07-02 15:24 570656 ----a-w- c:\windows\system32\NvIFR64.dll
2013-06-21 12:06 . 2013-07-02 15:24 467232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-06-21 12:06 . 2013-07-02 15:24 465184 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-06-21 12:06 . 2013-07-02 15:24 2953504 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 15:24 27781920 ----a-w- c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-07-02 15:24 2777888 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 15:24 2363680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 15:24 21102368 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-06-21 12:06 . 2013-07-02 15:24 2002720 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 15:24 1832224 ----a-w- c:\windows\system32\nvdispco6432049.dll
2013-06-21 12:06 . 2013-07-02 15:24 15144928 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-07-02 15:24 1511712 ----a-w- c:\windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06 . 2013-07-02 15:24 13411896 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-07-02 15:24 11235104 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:06 . 2013-07-02 15:24 9239344 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 15:24 7687592 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 15:24 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:06 . 2013-07-02 15:24 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-06-21 12:06 . 2013-05-25 15:56 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-05-25 15:56 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-05-25 15:56 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-02-25 22:32 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 10:23 . 2010-10-08 08:04 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2010-10-08 08:04 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2010-10-08 08:04 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2010-10-08 08:04 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 10:23 . 2010-10-08 08:04 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2010-10-08 08:04 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-11 23:43 . 2013-07-11 05:03 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-06-11 23:43 . 2013-07-11 05:04 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-06-11 23:42 . 2013-07-11 05:04 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-06-11 23:42 . 2013-07-11 05:04 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-06-11 23:26 . 2013-07-11 05:04 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-06-11 23:26 . 2013-07-11 05:03 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-06-11 23:26 . 2013-07-11 05:04 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-06-11 23:25 . 2013-07-11 05:03 19238912 ----a-w- c:\windows\system32\mshtml.dll
2013-06-11 23:25 . 2013-07-11 05:04 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-06-11 23:25 . 2013-07-11 05:04 855552 ----a-w- c:\windows\system32\jscript.dll
2013-06-11 23:25 . 2013-07-11 05:04 3958784 ----a-w- c:\windows\system32\jscript9.dll
2013-06-11 23:25 . 2013-07-11 05:03 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-06-11 23:25 . 2013-07-11 05:04 526336 ----a-w- c:\windows\system32\ieui.dll
2013-06-11 23:25 . 2013-07-11 05:04 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-06-11 23:25 . 2013-07-11 05:04 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-06-11 23:25 . 2013-07-11 05:04 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-06-11 23:25 . 2013-07-11 05:04 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-06-11 23:25 . 2013-07-11 05:03 15404032 ----a-w- c:\windows\system32\ieframe.dll
2013-06-11 22:51 . 2013-07-11 05:04 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50 . 2013-07-11 05:04 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-07 03:22 . 2013-07-11 05:04 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-07 02:37 . 2013-07-11 05:04 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-06-05 03:34 . 2013-07-10 20:19 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 20:19 624128 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 20:19 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-05-26 17:33 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-25 19:49 . 2013-05-25 19:49 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-25 19:49 . 2013-05-25 19:49 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-25 19:49 . 2013-05-25 19:49 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-25 19:49 . 2013-05-25 19:49 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-25 19:49 . 2013-05-25 19:49 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-25 19:49 . 2013-05-25 19:49 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-25 19:49 . 2013-05-25 19:49 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-25 19:49 . 2013-05-25 19:49 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-25 19:49 . 2013-05-25 19:49 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-25 19:49 . 2013-05-25 19:49 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-25 19:49 . 2013-05-25 19:49 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-25 19:49 . 2013-05-25 19:49 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-25 19:49 . 2013-05-25 19:49 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-25 19:49 . 2013-05-25 19:49 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-25 19:49 . 2013-05-25 19:49 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-25 19:49 . 2013-05-25 19:49 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-25 19:49 . 2013-05-25 19:49 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-25 19:49 . 2013-05-25 19:49 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-25 19:49 . 2013-05-25 19:49 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-25 19:49 . 2013-05-25 19:49 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-25 19:49 . 2013-05-25 19:49 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-25 19:49 . 2013-05-25 19:49 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-25 19:49 . 2013-05-25 19:49 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-25 19:49 . 2013-05-25 19:49 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-25 19:49 . 2013-05-25 19:49 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-25 19:49 . 2013-05-25 19:49 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-25 19:49 . 2013-05-25 19:49 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-25 19:49 . 2013-05-25 19:49 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-25 19:49 . 2013-05-25 19:49 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-25 19:49 . 2013-05-25 19:49 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-25 19:49 . 2013-05-25 19:49 441856 ----a-w- c:\windows\system32\html.iec
2013-05-25 19:49 . 2013-05-25 19:49 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-25 19:49 . 2013-05-25 19:49 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-25 19:49 . 2013-05-25 19:49 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-25 19:49 . 2013-05-25 19:49 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-25 19:49 . 2013-05-25 19:49 235008 ----a-w- c:\windows\system32\url.dll
2013-05-25 19:49 . 2013-05-25 19:49 216064 ----a-w- c:\windows\system32\msls31.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"DAEMON Tools Lite"="e:\daemon tools lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;e:\malwarebytes' anti-malware\mbamservice.exe;e:\malwarebytes' anti-malware\mbamservice.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130809.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130809.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;e:\advanced systemcare 6\ASCService.exe;e:\advanced systemcare 6\ASCService.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-28 06:59 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\micros~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 77.48.254.254 77.48.100.254
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-08-11 00:03:51
ComboFix-quarantined-files.txt 2013-08-10 22:03
ComboFix2.txt 2013-08-10 12:43
.
Před spuštěním: Volných bajtů: 110 271 336 448
Po spuštění: Volných bajtů: 110 099 574 784
.
- - End Of File - - 6A2A4EA9CCBE32632ECE47BAB3861A8E
A36C5E4F47E84449FF07ED3517B43A31

Příspěvekod **memphisto** » 11 srp 2013 16:34

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Scanner · Příspěvekod **Scanner** » 11 srp 2013 18:49

ComboFix 13-08-09.02 - Zkuřka 11.08.2013 18:37:44.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4079.3048 [GMT 2:00]
Spuštěný z: c:\users\Zku°ka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Zku°ka\Desktop\CFScript.txt
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-11 do 2013-08-11 )))))))))))))))))))))))))))))))
.
.
2013-08-11 16:41 . 2013-08-11 16:42 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-08-11 16:41 . 2013-08-11 16:41 -------- d-----w- c:\users\Simča\AppData\Local\temp
2013-08-11 16:41 . 2013-08-11 16:41 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-08-11 16:41 . 2013-08-11 16:41 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-08-11 16:41 . 2013-08-11 16:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-09 15:46 . 2013-08-09 15:46 -------- d-----w- c:\windows\ERUNT
2013-08-09 15:39 . 2013-08-09 15:39 173 ----a-w- c:\windows\DeleteOnReboot.bat
2013-08-07 20:38 . 2013-08-07 20:39 -------- d-----w- c:\users\Zkuřka\AppData\Local\CRE
2013-07-26 07:54 . 2013-08-07 14:08 -------- d-----w- c:\users\Zkuřka\AppData\Local\CrashDumps
2013-07-26 07:54 . 2013-07-26 07:54 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-07-25 22:31 . 2013-07-26 09:41 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-25 22:31 . 2013-07-25 22:31 -------- d-----w- c:\program files\Symantec
2013-07-25 22:31 . 2013-07-25 22:31 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-07-25 22:30 . 2013-07-26 09:42 -------- d-----w- c:\windows\system32\drivers\N360x64
2013-07-25 22:30 . 2013-07-25 22:31 -------- d-----w- c:\programdata\Norton
2013-07-25 22:30 . 2013-07-25 22:30 -------- d-----w- c:\program files (x86)\Norton 360
2013-07-25 22:30 . 2013-07-25 22:30 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-07-23 10:18 . 2013-07-23 10:18 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4260C79-CB6B-45F0-907E-6538C1A6349C}\offreg.dll
2013-07-23 09:34 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E4260C79-CB6B-45F0-907E-6538C1A6349C}\mpengine.dll
2013-07-22 20:16 . 2013-07-22 20:16 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-07-14 14:22 . 2013-08-01 13:54 -------- d-----w- c:\users\Zkuřka\AppData\Roaming\NVIDIA
2013-07-14 14:22 . 2013-07-14 14:22 -------- d-sh--w- c:\programdata\DSS
2013-07-14 14:20 . 2013-07-14 14:20 -------- d-----w- c:\users\Zkuřka\AppData\Roaming\Macromedia
2013-07-14 14:20 . 2013-07-14 14:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-14 14:20 . 2013-07-14 14:20 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-14 14:20 . 2013-07-14 14:20 -------- d-----w- c:\windows\SysWow64\Macromed
2013-07-14 14:20 . 2013-07-14 14:20 -------- d-----w- c:\windows\system32\Macromed
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-02 19:15 . 2013-07-02 19:15 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-27 12:51 . 2013-06-27 12:51 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-27 12:51 . 2013-06-12 18:08 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-27 12:51 . 2013-06-12 18:08 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-23 22:57 . 2013-05-25 17:04 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 12:06 . 2013-07-02 15:24 7641832 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 15:24 6324360 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-06-21 12:06 . 2013-07-02 15:24 572704 ----a-w- c:\windows\system32\NvFBC64.dll
2013-06-21 12:06 . 2013-07-02 15:24 570656 ----a-w- c:\windows\system32\NvIFR64.dll
2013-06-21 12:06 . 2013-07-02 15:24 467232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-06-21 12:06 . 2013-07-02 15:24 465184 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-06-21 12:06 . 2013-07-02 15:24 2953504 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 15:24 27781920 ----a-w- c:\windows\system32\nvoglv64.dll
2013-06-21 12:06 . 2013-07-02 15:24 2777888 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-06-21 12:06 . 2013-07-02 15:24 2363680 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 15:24 21102368 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-06-21 12:06 . 2013-07-02 15:24 2002720 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-06-21 12:06 . 2013-07-02 15:24 1832224 ----a-w- c:\windows\system32\nvdispco6432049.dll
2013-06-21 12:06 . 2013-07-02 15:24 15144928 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-06-21 12:06 . 2013-07-02 15:24 1511712 ----a-w- c:\windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06 . 2013-07-02 15:24 13411896 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-06-21 12:06 . 2013-07-02 15:24 11235104 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:06 . 2013-07-02 15:24 9239344 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 15:24 7687592 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-06-21 12:06 . 2013-07-02 15:24 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:06 . 2013-07-02 15:24 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-06-21 12:06 . 2013-05-25 15:56 2597856 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-06-21 12:06 . 2013-05-25 15:56 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2013-05-25 15:56 12427240 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-06-21 12:06 . 2013-02-25 22:32 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 10:23 . 2010-10-08 08:04 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2010-10-08 08:04 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2010-10-08 08:04 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2010-10-08 08:04 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 10:23 . 2010-10-08 08:04 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2010-10-08 08:04 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-11 23:43 . 2013-07-11 05:03 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-06-11 23:43 . 2013-07-11 05:04 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-06-11 23:42 . 2013-07-11 05:04 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-06-11 23:42 . 2013-07-11 05:04 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-06-11 23:26 . 2013-07-11 05:04 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-06-11 23:26 . 2013-07-11 05:03 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-06-11 23:26 . 2013-07-11 05:04 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-06-11 23:25 . 2013-07-11 05:03 19238912 ----a-w- c:\windows\system32\mshtml.dll
2013-06-11 23:25 . 2013-07-11 05:04 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-06-11 23:25 . 2013-07-11 05:04 855552 ----a-w- c:\windows\system32\jscript.dll
2013-06-11 23:25 . 2013-07-11 05:04 3958784 ----a-w- c:\windows\system32\jscript9.dll
2013-06-11 23:25 . 2013-07-11 05:03 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-06-11 23:25 . 2013-07-11 05:04 526336 ----a-w- c:\windows\system32\ieui.dll
2013-06-11 23:25 . 2013-07-11 05:04 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-06-11 23:25 . 2013-07-11 05:04 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-06-11 23:25 . 2013-07-11 05:04 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-06-11 23:25 . 2013-07-11 05:04 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-06-11 23:25 . 2013-07-11 05:03 15404032 ----a-w- c:\windows\system32\ieframe.dll
2013-06-11 22:51 . 2013-07-11 05:04 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50 . 2013-07-11 05:04 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-06-07 03:22 . 2013-07-11 05:04 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-07 02:37 . 2013-07-11 05:04 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-06-05 03:34 . 2013-07-10 20:19 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 20:19 624128 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 20:19 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-05-26 17:33 . 2012-07-17 12:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-25 19:49 . 2013-05-25 19:49 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-25 19:49 . 2013-05-25 19:49 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-25 19:49 . 2013-05-25 19:49 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-25 19:49 . 2013-05-25 19:49 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-25 19:49 . 2013-05-25 19:49 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-25 19:49 . 2013-05-25 19:49 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-25 19:49 . 2013-05-25 19:49 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-25 19:49 . 2013-05-25 19:49 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-25 19:49 . 2013-05-25 19:49 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-25 19:49 . 2013-05-25 19:49 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-25 19:49 . 2013-05-25 19:49 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-25 19:49 . 2013-05-25 19:49 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-25 19:49 . 2013-05-25 19:49 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-25 19:49 . 2013-05-25 19:49 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-25 19:49 . 2013-05-25 19:49 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-25 19:49 . 2013-05-25 19:49 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-25 19:49 . 2013-05-25 19:49 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-25 19:49 . 2013-05-25 19:49 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-25 19:49 . 2013-05-25 19:49 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-25 19:49 . 2013-05-25 19:49 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-25 19:49 . 2013-05-25 19:49 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-25 19:49 . 2013-05-25 19:49 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-25 19:49 . 2013-05-25 19:49 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-25 19:49 . 2013-05-25 19:49 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-25 19:49 . 2013-05-25 19:49 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-25 19:49 . 2013-05-25 19:49 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-25 19:49 . 2013-05-25 19:49 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-25 19:49 . 2013-05-25 19:49 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-25 19:49 . 2013-05-25 19:49 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-25 19:49 . 2013-05-25 19:49 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-25 19:49 . 2013-05-25 19:49 441856 ----a-w- c:\windows\system32\html.iec
2013-05-25 19:49 . 2013-05-25 19:49 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-25 19:49 . 2013-05-25 19:49 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-25 19:49 . 2013-05-25 19:49 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-25 19:49 . 2013-05-25 19:49 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-25 19:49 . 2013-05-25 19:49 235008 ----a-w- c:\windows\system32\url.dll
2013-05-25 19:49 . 2013-05-25 19:49 216064 ----a-w- c:\windows\system32\msls31.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"DAEMON Tools Lite"="e:\daemon tools lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;e:\malwarebytes' anti-malware\mbamservice.exe;e:\malwarebytes' anti-malware\mbamservice.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130809.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130809.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;e:\advanced systemcare 6\ASCService.exe;e:\advanced systemcare 6\ASCService.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-28 06:59 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.63\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\micros~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 77.48.254.254 77.48.100.254
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-08-11 18:44:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-11 16:44
ComboFix2.txt 2013-08-10 22:03
ComboFix3.txt 2013-08-10 12:43
.
Před spuštěním: Volných bajtů: 108 769 579 008
Po spuštění: Volných bajtů: 108 780 081 152
.
- - End Of File - - 1804711227AFA24DFF0DB298D95E7B6D
A36C5E4F47E84449FF07ED3517B43A31

Příspěvekod **jaro3** » 11 srp 2013 19:33

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy?

Scanner · Příspěvekod **Scanner** » 11 srp 2013 23:39

Toolbary a stránky na pozadí jsou pryč. CF my nejde odinstalovat a pořád my nefunguje update Chromu (kód chyby 3: 0x80040154 -- system level). Nějaký způsob jak to opravit?

Scanner · Příspěvekod **Scanner** » 11 srp 2013 23:47

Tak nakonec dobré, projel jsem trochu net a stačilo nainstalovat alternativu Chromu. https://support.google.com/chrome/answer/111996?hl=cs#
Teď už PC mám čisté jenom ten CF my nejde odinstalovat.

Příspěvekod **jaro3** » 12 srp 2013 10:59

Máš Combofix na ploše?

Udělej tohle:
Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou & překlad: Damned
http://www.edisk.cz/stahni/15040/ToolsC ... .76KB.html
Na plochu a spusť ho.
Klikni na Bod obnovení a poté na OK , OK.
Klikni na Koš a poté na OK.
Klikni na Dočasné soubory a poté na OK.
Klikni na Vyhledat[b] a nech Cleaner pracovat. Může se během čištění zastavit (neodpovídá), ale nech ho pokračovat.
Když program skončí , klikni na [b]Odstranit a odstraň nalezené.
Zavři program.
Program maže i všechny nástroje na odvirování a vytváření logů , které se zde používají (HJT, Combofix, OTM, OTL, OTS atd.)

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Prosím kontrolu, zasekaný Chrom i PC Vyřešeno

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Re: Prosím kontrolu, zasekaný Chrom i PC

Kdo je online