Prosím o kontrolu- zpomalené ntb

T0m1k · Příspěvekod **T0m1k** » 17 zář 2013 21:07

combofix:
ComboFix 13-09-16.01 - Lam . 09. 2013 20:30:44.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8048.6318 [GMT 2:00]
Spuštěný z: c:\users\Lam\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lam\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWOW64\Drivers\X6va012"
"c:\windows\SysWOW64\Drivers\X6va013"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-908574775-679172992-511979433-1002Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-908574775-679172992-511979433-1002UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.153\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.153\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.153\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.153\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.153\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.66\29.0.1547.66_29.0.1547.62_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.1.1888\GoogleEarth-Win-Bundle-7.1.1.1888.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Seznam.cz
c:\users\Lam\AppData\Local\Facebook\Update
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Lam\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Lam\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\users\Lam\AppData\Roaming\Seznam.cz
c:\users\Lam\AppData\Roaming\Seznam.cz\~~erase-239084140-6548-69288.$$$
c:\users\Lam\AppData\Roaming\Seznam.cz\~~erase-239084171-6548-51766.$$$
c:\users\Lam\AppData\Roaming\Seznam.cz\~~erase-239084328-6548-77742.$$$\~~erase-239084265-6548-47813.$$$
c:\users\Lam\AppData\Roaming\Seznam.cz\~~erase-239084328-6548-77742.$$$\~~erase-239084265-6548-48030.$$$
c:\users\Lam\AppData\Roaming\Seznam.cz\install.log
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-908574775-679172992-511979433-1002Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-908574775-679172992-511979433-1002UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_X6va012
-------\Service_X6va013
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-17 do 2013-09-17 )))))))))))))))))))))))))))))))
.
.
2013-09-17 18:33 . 2013-09-17 18:36 -------- d-----w- c:\users\Lam\AppData\Local\temp
2013-09-17 18:33 . 2013-09-17 18:33 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-17 18:33 . 2013-09-17 18:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-15 06:24 . 2013-09-15 06:24 -------- d-----w- c:\windows\ERUNT
2013-09-15 06:15 . 2013-09-15 06:15 -------- d-----w- c:\users\Lam\AppData\Local\BMExplorer
2013-09-15 06:14 . 2013-09-15 06:14 -------- d-----w- c:\users\Lam\AppData\Local\Adobe
2013-09-14 18:49 . 2013-09-15 06:10 -------- d-----w- C:\AdwCleaner
2013-09-14 18:37 . 2013-09-14 18:37 -------- d-----w- c:\users\Lam\AppData\Roaming\Malwarebytes
2013-09-14 18:36 . 2013-09-14 18:36 -------- d-----w- c:\programdata\Malwarebytes
2013-09-14 18:36 . 2013-09-14 18:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-14 18:36 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-13 17:37 . 2013-09-13 17:37 388096 ----a-r- c:\users\Lam\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-13 17:37 . 2013-09-13 17:37 -------- d-----w- c:\program files (x86)\Trend Micro
2013-09-12 05:46 . 2013-09-12 05:46 265392 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin
2013-09-12 05:40 . 2013-09-12 05:40 -------- d-----w- C:\CherryDeGames
2013-09-11 19:21 . 2013-09-05 20:09 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-11 19:21 . 2013-09-05 20:09 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-11 12:48 . 2013-08-21 05:53 775256 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2013-09-06 08:31 . 2013-09-06 08:31 -------- d-----w- c:\program files (x86)\MP3 Voice Recorder
2013-09-06 08:31 . 2004-03-08 19:30 212240 ----a-w- c:\windows\SysWow64\richtx32.ocx
2013-09-05 17:35 . 2013-09-12 20:03 -------- d-----w- c:\users\Lam\AppData\Roaming\vlc
2013-09-05 17:31 . 2013-09-05 17:31 -------- d-----w- c:\program files (x86)\Free Media Player
2013-09-04 04:39 . 2013-09-05 03:39 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-08-25 04:34 . 2013-08-25 04:52 -------- d-----w- c:\users\Lam\AppData\Local\Pokki
2013-08-25 04:27 . 2013-08-25 04:38 -------- d-----w- c:\program files (x86)\Real
2013-08-19 03:27 . 2013-08-19 03:27 -------- d-----w- c:\users\Lam\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-17 11:34 . 2013-06-24 23:47 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-09-11 17:32 . 2013-06-24 12:50 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-07-13 06:18 . 2013-08-14 08:53 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-14 08:53 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-07-13 06:16 . 2013-08-14 08:53 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-13 06:15 . 2013-08-14 08:53 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-07-13 06:15 . 2013-08-14 08:53 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-07-13 04:24 . 2013-08-14 08:53 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-14 08:53 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-14 08:53 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-14 08:53 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-07-09 06:07 . 2013-08-14 08:58 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-02 17:13 . 2013-07-02 17:09 528726415 ----a-w- c:\program files (x86)\top2_setup_1.0.64.exe
2013-07-02 00:44 . 2013-08-14 08:59 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-14 08:59 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys
2013-06-28 05:02 . 2013-06-25 03:35 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-28 05:02 . 2013-06-25 03:35 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-28 05:02 . 2013-06-25 03:35 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-25 03:44 . 2013-06-25 03:36 671261856 ----a-w- c:\program files\S4_League.exe
2013-06-25 03:39 . 2013-06-25 03:35 528726415 ----a-w- C:\top2_setup_1.0.64.exe
2013-06-24 23:48 . 2013-06-24 23:48 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-06-24 23:43 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{1C46A0DD-D53E-46C4-A435-CA11103E255E}"= "c:\program files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{1c46a0dd-d53e-46c4-a435-ca11103e255e}]
[HKEY_CLASSES_ROOT\privitize.privitizedskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\privitize.privitizedskBnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-26 508656]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"IntellingentTouchpad"="c:\program files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe" [2012-07-23 673336]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-05 09:10 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-25 17:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-12 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-12 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-12 441888]
"RtsFT"="RTFTrack.exe" [2012-08-27 6334096]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-10-26 13213840]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-10-29 1234064]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-09-30 64640]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-09-14 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-12-05 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-12-05 191544]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3BAD0226-4627-422F-B092-A25EE250FE75}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\
FF - prefs.js: browser.startup.homepage -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-privitize - c:\program files (x86)\Industriya\privitize\1.8.21.6\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-09-17 20:41:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-17 18:41
ComboFix2.txt 2013-09-17 11:50
.
Před spuštěním: 833 233 838 080 bytes free
Po spuštění: 832 974 696 448 bytes free
.
- - End Of File - - 5C2740D2A97E34A10DD761629A181E16

aswMBR:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-17 20:47:26
-----------------------------
20:47:26.030 OS Version: Windows x64 6.2.9200
20:47:26.030 Number of processors: 4 586 0x3A09
20:47:26.030 ComputerName: MANTIK UserName: Lam
20:47:26.030 Initialze error 1
20:47:26.108 AVAST engine defs: 13091700
20:47:33.515 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000003a
20:47:33.515 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10001 Size: 953869MB BusType: 11
20:47:33.530 Disk 0 MBR read successfully
20:47:33.530 Disk 0 MBR scan
20:47:33.858 Disk 0 unknown MBR code
20:47:33.874 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
20:47:34.999 Disk 0 scanning C:\windows\system32\drivers
20:47:34.999 Service scanning
20:47:35.812 Modules scanning
20:47:35.812 Disk 0 trace - called modules:
20:47:35.827 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
20:47:35.843 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009382570]
20:47:35.843 3 CLASSPNP.SYS[fffff88001d13e0a] -> nt!IofCallDriver -> \Device\0000003a[0xfffffa80079ae060]
20:47:35.858 AVAST engine scan C:\windows
20:47:35.858 AVAST engine scan C:\windows\system32
20:47:35.874 AVAST engine scan C:\windows\system32\drivers
20:47:35.874 AVAST engine scan C:\Users\Lam
20:47:35.874 AVAST engine scan C:\ProgramData
20:47:35.874 Scan finished successfully
20:48:08.454 Disk 0 MBR has been saved successfully to "C:\Users\Lam\Desktop\MBR.dat"
20:48:08.454 The log file has been saved successfully to "C:\Users\Lam\Desktop\aswMBR.txt"

https://www.virustotal.com/cs/file/4ae0 ... 379444550/

soubor: "C:\top2_setup_1.0.64.exe" je příliš velký na to, aby mohl být testován

Reklama

Příspěvekod **jaro3** » 18 zář 2013 11:01

soubor: "C:\top2_setup_1.0.64.exe" je příliš velký na to, aby mohl být testován

a znáš to?

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
File::
c:\program files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll

Folder::
c:\program files (x86)\Industriya\privitize

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{1C46A0DD-D53E-46C4-A435-CA11103E255E}"=-
[-HKEY_CLASSES_ROOT\clsid\{1c46a0dd-d53e-46c4-a435-ca11103e255e}]
[-HKEY_CLASSES_ROOT\privitize.privitizedskBnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[-HKEY_CLASSES_ROOT\privitize.privitizedskBnd]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si Security Check by screen317 z některého odkazu
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe

ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.

T0m1k · Příspěvekod **T0m1k** » 19 zář 2013 05:42

"C:\top2_setup_1.0.64.exe" je intal. program k jedné mmo hře stažené z officiálních stránek. Pokud to bude nutné, mohu to smazat.

combofix:
ComboFix 13-09-16.01 - Lam . 09. 2013 20:47:37.3.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8048.6374 [GMT 2:00]
Spuštěný z: c:\users\Lam\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lam\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-18 do 2013-09-18 )))))))))))))))))))))))))))))))
.
.
2013-09-18 19:07 . 2013-09-18 19:09 -------- d-----w- c:\users\Lam\AppData\Local\temp
2013-09-18 19:07 . 2013-09-18 19:07 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-18 19:07 . 2013-09-18 19:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-17 18:47 . 2013-09-17 18:47 -------- d-----w- c:\users\Lam\AppData\Local\CrashDumps
2013-09-15 06:24 . 2013-09-15 06:24 -------- d-----w- c:\windows\ERUNT
2013-09-15 06:15 . 2013-09-15 06:15 -------- d-----w- c:\users\Lam\AppData\Local\BMExplorer
2013-09-15 06:14 . 2013-09-15 06:14 -------- d-----w- c:\users\Lam\AppData\Local\Adobe
2013-09-14 18:49 . 2013-09-15 06:10 -------- d-----w- C:\AdwCleaner
2013-09-14 18:37 . 2013-09-14 18:37 -------- d-----w- c:\users\Lam\AppData\Roaming\Malwarebytes
2013-09-14 18:36 . 2013-09-14 18:36 -------- d-----w- c:\programdata\Malwarebytes
2013-09-14 18:36 . 2013-09-14 18:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-14 18:36 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-13 17:37 . 2013-09-13 17:37 388096 ----a-r- c:\users\Lam\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-13 17:37 . 2013-09-13 17:37 -------- d-----w- c:\program files (x86)\Trend Micro
2013-09-12 05:46 . 2013-09-12 05:46 265392 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10216.bin
2013-09-12 05:40 . 2013-09-12 05:40 -------- d-----w- C:\CherryDeGames
2013-09-11 19:21 . 2013-09-05 20:09 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-11 19:21 . 2013-09-05 20:09 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-11 12:48 . 2013-08-21 05:53 775256 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2013-09-06 08:31 . 2013-09-06 08:31 -------- d-----w- c:\program files (x86)\MP3 Voice Recorder
2013-09-06 08:31 . 2004-03-08 19:30 212240 ----a-w- c:\windows\SysWow64\richtx32.ocx
2013-09-05 17:35 . 2013-09-12 20:03 -------- d-----w- c:\users\Lam\AppData\Roaming\vlc
2013-09-05 17:31 . 2013-09-05 17:31 -------- d-----w- c:\program files (x86)\Free Media Player
2013-09-04 04:39 . 2013-09-05 03:39 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-08-25 04:34 . 2013-08-25 04:52 -------- d-----w- c:\users\Lam\AppData\Local\Pokki
2013-08-25 04:27 . 2013-08-25 04:38 -------- d-----w- c:\program files (x86)\Real
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-17 11:34 . 2013-06-24 23:47 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-09-11 17:32 . 2013-06-24 12:50 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-07-13 06:18 . 2013-08-14 08:53 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-14 08:53 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-07-13 06:16 . 2013-08-14 08:53 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-13 06:15 . 2013-08-14 08:53 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-07-13 06:15 . 2013-08-14 08:53 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-07-13 04:24 . 2013-08-14 08:53 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-14 08:53 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-14 08:53 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-14 08:53 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-07-09 06:07 . 2013-08-14 08:58 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-02 17:13 . 2013-07-02 17:09 528726415 ----a-w- c:\program files (x86)\top2_setup_1.0.64.exe
2013-07-02 00:44 . 2013-08-14 08:59 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-14 08:59 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys
2013-06-28 05:02 . 2013-06-25 03:35 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-28 05:02 . 2013-06-25 03:35 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-28 05:02 . 2013-06-25 03:35 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-25 03:44 . 2013-06-25 03:36 671261856 ----a-w- c:\program files\S4_League.exe
2013-06-25 03:39 . 2013-06-25 03:35 528726415 ----a-w- C:\top2_setup_1.0.64.exe
2013-06-24 23:48 . 2013-06-24 23:48 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-06-24 23:43 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-07-26 508656]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2012-07-27 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2012-07-27 167024]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2012-04-19 217088]
"RemoteControl10"="c:\program files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"IntellingentTouchpad"="c:\program files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe" [2012-07-23 673336]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 X6va013;X6va013;c:\windows\SysWOW64\Drivers\X6va013;c:\windows\SysWOW64\Drivers\X6va013 [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys;c:\windows\SYSNATIVE\drivers\AcpiVpc.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-05 09:10 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-25 17:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-12 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-12 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-12 441888]
"RtsFT"="RTFTrack.exe" [2012-08-27 6334096]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-10-26 13213840]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-10-29 1234064]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-09-30 64640]
"OnekeyStudio"="c:\program files\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-09-14 4196432]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-12-05 17080376]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-12-05 191544]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{3BAD0226-4627-422F-B092-A25EE250FE75}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Lam\AppData\Roaming\Mozilla\Firefox\Profiles\jgia5n34.default\
FF - prefs.js: browser.startup.homepage -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-privitize - c:\program files (x86)\Industriya\privitize\1.8.21.6\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\X6va013]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va013"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-09-18 21:13:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-18 19:13
ComboFix2.txt 2013-09-17 18:41
ComboFix3.txt 2013-09-17 11:50
.
Před spuštěním: 832 343 212 032 bytes free
Po spuštění: 832 526 110 720 bytes free
.
- - End Of File - - 3D245FCE4270D842FBCDFDE37AE37DD6

HJT:Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:36:30, on 19. 9. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16688)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [IntellingentTouchpad] C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BAD0226-4627-422F-B092-A25EE250FE75}: NameServer = 8.8.8.8,8.8.4.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 8745 bytes

SecurityCheck:
Results of screen317's Security Check version 0.99.73
x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Windows Defender
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
hosts
Adobe Flash Player 11.8.800.168
Google Chrome 29.0.1547.62
Google Chrome 29.0.1547.66
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

Příspěvekod **jaro3** » 19 zář 2013 11:03

Tu instalačku tam ponechej.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Dva antiviry a dvě antispywarové ochrany..

U win8 , je součástí Windows Defender , je to antivir a antispyware..

Tak bys měl jeden odinstalovat.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy?

T0m1k · Příspěvekod **T0m1k** » 19 zář 2013 16:36

Děkuji za pomoc, žádné problémy nemám.

Prosím o kontrolu- zpomalené ntb Vyřešeno

Re: Prosím o kontrolu- zpomalený ntb

Re: Prosím o kontrolu- zpomalené ntb

Re: Prosím o kontrolu- zpomalené ntb

Re: Prosím o kontrolu- zpomalené ntb

Re: Prosím o kontrolu- zpomalené ntb Vyřešeno

Kdo je online