Kontrola Logu, předem děkuji.

Příspěvekod **jaro3** » 15 lis 2013 21:23

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Reklama

Badicek · Příspěvekod **Badicek** » 15 lis 2013 23:56

ComboFix 13-11-15.01 - kuba 15.11.2013 23:23:18.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8099.6543 [GMT 1:00]
Spuštěný z: c:\users\kuba\Desktop\Downloads\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\Roaming
c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-15 do 2013-11-15 )))))))))))))))))))))))))))))))
.
.
2013-11-15 22:34 . 2013-11-15 22:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-15 22:34 . 2013-11-15 22:34 -------- d-----w- c:\users\hedev\AppData\Local\temp
2013-11-15 22:34 . 2013-11-15 22:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-15 22:34 . 2013-11-15 22:34 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-11-15 22:29 . 2013-11-15 22:29 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3221B478-3899-4461-9854-79A1D4CE300B}\offreg.dll
2013-11-15 08:51 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3221B478-3899-4461-9854-79A1D4CE300B}\mpengine.dll
2013-11-14 14:50 . 2013-11-14 14:50 -------- d-----w- c:\windows\ERUNT
2013-11-13 13:08 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 13:08 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-13 13:08 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-11-13 13:06 . 2013-11-14 14:44 -------- d-----w- C:\AdwCleaner
2013-11-12 21:46 . 2013-11-12 21:46 -------- d-----w- c:\users\kuba\AppData\Roaming\Malwarebytes
2013-11-12 21:46 . 2013-11-12 21:46 -------- d-----w- c:\programdata\Malwarebytes
2013-11-12 21:46 . 2013-11-12 21:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-11-12 21:46 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-12 21:33 . 2013-11-12 21:33 388096 ----a-r- c:\users\kuba\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-11-12 21:33 . 2013-11-12 21:33 -------- d-----w- c:\program files (x86)\Trend Micro
2013-11-12 10:23 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-10 20:34 . 2013-11-10 20:34 -------- d-----w- c:\program files\ESET
2013-11-02 14:21 . 2013-11-02 14:21 -------- d-----w- c:\programdata\Firefly Studios
2013-11-02 14:11 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2013-11-02 13:36 . 2013-11-02 13:36 -------- d-----w- c:\users\kuba\AppData\Local\ElevatedDiagnostics
2013-11-02 13:09 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2013-11-02 13:09 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2013-11-02 13:09 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2013-11-02 13:09 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2013-11-02 13:09 . 2013-11-02 13:09 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2013-11-02 13:09 . 2013-11-02 13:09 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2013-11-01 15:39 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-01 15:39 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-01 15:39 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-01 15:39 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-01 15:39 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-01 15:39 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-01 15:39 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-30 19:49 . 2013-10-30 19:49 -------- d-----w- c:\users\kuba\AppData\Roaming\BANDISOFT
2013-10-30 14:18 . 2013-10-30 14:18 -------- d-----w- c:\users\kuba\AppData\Roaming\PlayClaw5
2013-10-30 14:18 . 2013-10-30 15:24 -------- d-----w- c:\program files (x86)\PlayClaw 5
2013-10-30 14:18 . 2013-10-30 14:18 -------- d-----w- c:\users\kuba\AppData\Local\Programs
2013-10-28 19:46 . 2013-10-28 19:46 -------- d-----w- c:\users\kuba\AppData\Local\Zoner
2013-10-28 19:46 . 2013-10-28 19:46 -------- d-----w- c:\programdata\Zoner
2013-10-28 19:46 . 2013-10-28 19:46 -------- d-----w- c:\program files\Zoner
2013-10-26 08:33 . 2013-10-26 08:33 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-26 08:33 . 2013-10-26 08:33 -------- d-----w- c:\program files\iTunes
2013-10-26 08:33 . 2013-10-26 08:33 -------- d-----w- c:\program files (x86)\iTunes
2013-10-26 08:33 . 2013-10-26 08:33 -------- d-----w- c:\program files\iPod
2013-10-21 07:07 . 2013-10-21 07:07 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-10-20 18:37 . 2013-10-21 07:09 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-10-20 18:36 . 2013-10-20 18:36 -------- d-----w- c:\windows\PCHEALTH
2013-10-20 18:35 . 2013-10-20 18:35 -------- d-----w- c:\program files\Microsoft Office
2013-10-20 18:35 . 2013-10-20 18:35 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-10-20 18:34 . 2013-10-20 18:34 -------- d-----r- C:\MSOCache
2013-10-20 15:42 . 2013-10-20 15:42 -------- d-----w- c:\users\kuba\AppData\Local\Microsoft Help
2013-10-20 15:42 . 2013-11-14 04:24 -------- d-----w- c:\programdata\Microsoft Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-14 04:21 . 2012-05-29 19:46 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-10-30 14:30 . 2012-05-14 16:04 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-30 14:30 . 2012-05-14 16:04 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-10 17:38 . 2012-05-29 19:40 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-25 02:22 . 2013-11-13 13:07 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-13 13:07 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-17 14:17 . 2013-09-17 14:17 62136 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2013-09-17 14:17 . 2013-09-17 14:17 44120 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2013-09-17 14:17 . 2013-09-17 14:17 239320 ----a-w- c:\windows\system32\drivers\eamonm.sys
2013-09-17 14:17 . 2013-09-17 14:17 239296 ----a-w- c:\windows\system32\drivers\edevmon.sys
2013-09-17 14:17 . 2013-09-17 14:17 220232 ----a-w- c:\windows\system32\drivers\epfw.sys
2013-09-17 14:17 . 2013-09-17 14:17 168256 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2013-09-08 02:30 . 2013-10-10 22:11 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 22:11 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 22:11 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-03 12:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 02:17 . 2013-10-10 22:11 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-10 22:11 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-10 22:11 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-10 22:11 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-10 22:11 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-10 22:11 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-10 22:11 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-10 22:11 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-10 22:11 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-10 22:11 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-10 22:11 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-10 22:11 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 01:29 . 2013-10-10 22:11 33280 ----a-w- c:\windows\system32\drivers\usbser.sys
2013-08-29 00:49 . 2013-10-10 22:11 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-10 22:11 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-10 22:11 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-10 22:11 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-10 22:11 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-10 22:11 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-06-23 11:30 . 2013-06-23 11:30 1045072 ----a-w- c:\program files (x86)\uTorrent.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-15 113288]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-10-8 198656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\PlayClaw 5\WinRing0x64.sys;c:\program files (x86)\PlayClaw 5\WinRing0x64.sys [x]
R4 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\S-Bar\MSIService.exe;c:\program files (x86)\S-Bar\MSIService.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 02687739
*NewlyCreated* - 61771966
*Deregistered* - 02687739
*Deregistered* - 61771966
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-29 17:38]
.
2013-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1430785021-3194933450-91964841-1001Core.job
- c:\users\kuba\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28 18:47]
.
2013-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1430785021-3194933450-91964841-1001UA.job
- c:\users\kuba\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-28 18:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-04 11780712]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
Toolbar-Locked - (no file)
Notify-igfxcui - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1430785021-3194933450-91964841-1001\Software\SecuROM\License information*]
"datasecu"=hex:ec,e9,84,3c,f8,d9,51,e3,da,f8,40,de,9d,1c,ca,8f,a7,0e,c0,a6,30,
d2,90,a5,8a,39,b6,5f,aa,1b,16,b3,c9,c9,50,b3,b2,a5,cd,b4,b8,7a,68,55,ec,97,\
"rkeysecu"=hex:66,5d,fe,ba,1b,e5,b2,ff,6f,c6,bc,1b,a5,c6,18,31
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-11-15 23:54:10
ComboFix-quarantined-files.txt 2013-11-15 22:54
.
Před spuštěním: Volných bajtů: 197 896 192 000
Po spuštění: Volných bajtů: 197 467 512 832
.
- - End Of File - - 6861A9AA2069170771CDED87FD78DDC4

Příspěvekod **jaro3** » 16 lis 2013 09:00

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\IEUDINIT.EXE

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Badicek · Příspěvekod **Badicek** » 17 lis 2013 12:19

Mam bohuzel problem. Zmineny soubor v PC muzu najit, ale jakmile kliknu na odkaz virustotal a hledam ho pres nej, uz zde neni.
Nejspise to je tim, ze jsem nezvladl tuto instrukci: "V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému"

Poradne jsem nepochopil o jakou slozku se jedna(system32??) a dale jak mam vlezt do moznosti slozky. Nasel jsem jen vlastnosti slozky(pravym kliknutim), ale zde takova moznost nebyla.

Příspěvekod **memphisto** » 17 lis 2013 20:18

Je úplně jedno v jaké složce. Je to všeobecné nastavení pro všechny složky

Klik na Start - Ovládací panely - vpravo nahoře Velké ikony - Možnosti složky - záložka Zobrazení a tam to nastavíš

Badicek · Příspěvekod **Badicek** » 17 lis 2013 20:42

Moznosti slozky jsem nasel, udelal jsem podle navodu. System se me i zeptal, jestli opravdu chci tuhle moznost, ze muzu ohrozit chod pocitace, ale stale kdyz hledam dany soubor pres Virustotal nebo virscan, tak po napsaní zacatku souboru (v mem pripade "IEU") se najde par jinych souboru a slozek zacinajicich stejnymi pismeny, ale IEUDINT.exe se tam nezobrazi. Kdyz udelam stejny postup normalne pres pocitac a napisu stejna pismena, soubor to najde. Napadlo me, ze je moc veliky, ale pres 64MB nema, ma sotva par desitek kb.

Příspěvekod **jaro3** » 18 lis 2013 09:49

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
Suspect::
c:\windows\system32\IEUDINIT.EXE

File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1430785021-3194933450-91964841-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1430785021-3194933450-91964841-1001UA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\users\kuba\AppData\Local\Google\Update

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Na disku C se ti vytvoří adresář/složka pojmenovaná Qoobox a v ní bude další adresář Quarantine a v ní najdeš archiv v podobném tvaru [4]-Submit a_2013-04-16@14.14.zip kde čísla za @ znamenají aktuální čas vytvoření souboru. Pošli mi ho jako přílohu přes SZ.

+
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Badicek · Příspěvekod **Badicek** » 18 lis 2013 12:25

1. ČÁST:

ComboFix 13-11-16.01 - kuba 18.11.2013 11:31:22.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8099.6070 [GMT 1:00]
Spuštěný z: c:\users\kuba\Desktop\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\kuba\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1430785021-3194933450-91964841-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1430785021-3194933450-91964841-1001UA.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\kuba\AppData\Local\Google\Update
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\GoogleUpdate.exe
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateBroker.exe
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateHelper.msi
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateSetup.exe
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdate.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_am.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ar.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_bg.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_bn.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ca.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_cs.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_da.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_de.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_el.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_en-GB.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_en.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_es-419.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_es.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_et.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_fa.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_fi.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_fil.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_fr.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_gu.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_hi.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_hr.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_hu.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_id.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_is.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_it.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_iw.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ja.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_kn.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ko.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_lt.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_lv.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ml.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_mr.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ms.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_nl.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_no.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_pl.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_pt-BR.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_pt-PT.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ro.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ru.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_sk.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_sl.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_sr.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_sv.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_sw.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ta.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_te.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_th.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_tr.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_uk.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_ur.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_vi.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_zh-CN.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\goopdateres_zh-TW.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\psmachine.dll
c:\users\kuba\AppData\Local\Google\Update\1.3.21.165\psuser.dll
c:\users\kuba\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe
c:\users\kuba\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.57\31.0.1650.57_30.0.1599.101_chrome_updater.exe
c:\users\kuba\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1430785021-3194933450-91964841-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1430785021-3194933450-91964841-1001UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-18 do 2013-11-18 )))))))))))))))))))))))))))))))
.
.
2013-11-18 10:50 . 2013-11-18 10:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-18 10:50 . 2013-11-18 10:50 -------- d-----w- c:\users\hedev\AppData\Local\temp
2013-11-18 10:50 . 2013-11-18 10:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-18 10:50 . 2013-11-18 10:50 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-11-17 17:28 . 2013-11-17 17:28 -------- d-----w- c:\program files\iPod
2013-11-17 17:28 . 2013-11-17 17:28 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-17 17:28 . 2013-11-17 17:28 -------- d-----w- c:\program files\iTunes
2013-11-17 17:28 . 2013-11-17 17:28 -------- d-----w- c:\program files (x86)\iTunes
2013-11-17 17:25 . 2013-11-17 17:25 -------- d-----w- c:\program files\Common Files\Apple
2013-11-15 08:51 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3221B478-3899-4461-9854-79A1D4CE300B}\mpengine.dll
2013-11-14 14:50 . 2013-11-14 14:50 -------- d-----w- c:\windows\ERUNT
2013-11-13 13:08 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 13:08 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-13 13:08 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-11-13 13:06 . 2013-11-14 14:44 -------- d-----w- C:\AdwCleaner
2013-11-12 21:46 . 2013-11-12 21:46 -------- d-----w- c:\users\kuba\AppData\Roaming\Malwarebytes
2013-11-12 21:46 . 2013-11-12 21:46 -------- d-----w- c:\programdata\Malwarebytes
2013-11-12 21:46 . 2013-11-12 21:46 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-11-12 21:46 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-12 21:33 . 2013-11-12 21:33 388096 ----a-r- c:\users\kuba\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-11-12 21:33 . 2013-11-12 21:33 -------- d-----w- c:\program files (x86)\Trend Micro
2013-11-12 10:23 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-10 20:34 . 2013-11-10 20:34 -------- d-----w- c:\program files\ESET
2013-11-02 14:21 . 2013-11-02 14:21 -------- d-----w- c:\programdata\Firefly Studios
2013-11-02 14:11 . 2004-10-22 01:16 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2013-11-02 13:36 . 2013-11-02 13:36 -------- d-----w- c:\users\kuba\AppData\Local\ElevatedDiagnostics
2013-11-02 13:09 . 2004-10-22 01:17 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2013-11-02 13:09 . 2004-10-22 01:17 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2013-11-02 13:09 . 2004-10-22 01:16 180224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2013-11-02 13:09 . 2004-10-22 01:18 749568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2013-11-02 13:09 . 2013-11-02 13:09 192644 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2013-11-02 13:09 . 2013-11-02 13:09 323716 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2013-11-01 15:39 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-01 15:39 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-01 15:39 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-01 15:39 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-01 15:39 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-01 15:39 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-01 15:39 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-30 19:49 . 2013-10-30 19:49 -------- d-----w- c:\users\kuba\AppData\Roaming\BANDISOFT
2013-10-30 14:18 . 2013-10-30 14:18 -------- d-----w- c:\users\kuba\AppData\Roaming\PlayClaw5
2013-10-30 14:18 . 2013-10-30 15:24 -------- d-----w- c:\program files (x86)\PlayClaw 5
2013-10-30 14:18 . 2013-10-30 14:18 -------- d-----w- c:\users\kuba\AppData\Local\Programs
2013-10-28 19:46 . 2013-10-28 19:46 -------- d-----w- c:\users\kuba\AppData\Local\Zoner
2013-10-28 19:46 . 2013-10-28 19:46 -------- d-----w- c:\programdata\Zoner
2013-10-28 19:46 . 2013-10-28 19:46 -------- d-----w- c:\program files\Zoner
2013-10-21 07:07 . 2013-10-21 07:07 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-10-20 18:37 . 2013-10-21 07:09 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-10-20 18:36 . 2013-10-20 18:36 -------- d-----w- c:\windows\PCHEALTH
2013-10-20 18:35 . 2013-10-20 18:35 -------- d-----w- c:\program files\Microsoft Office
2013-10-20 18:35 . 2013-10-20 18:35 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-10-20 18:34 . 2013-10-20 18:34 -------- d-----r- C:\MSOCache
2013-10-20 15:42 . 2013-10-20 15:42 -------- d-----w- c:\users\kuba\AppData\Local\Microsoft Help
2013-10-20 15:42 . 2013-11-14 04:24 -------- d-----w- c:\programdata\Microsoft Help

Badicek · Příspěvekod **Badicek** » 18 lis 2013 12:25

2. ČÁST:

(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-14 04:21 . 2012-05-29 19:46 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-10-30 14:30 . 2012-05-14 16:04 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-10-30 14:30 . 2012-05-14 16:04 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-10 17:38 . 2012-05-29 19:40 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-25 02:22 . 2013-11-13 13:07 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-13 13:07 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-17 14:17 . 2013-09-17 14:17 62136 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2013-09-17 14:17 . 2013-09-17 14:17 44120 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2013-09-17 14:17 . 2013-09-17 14:17 239320 ----a-w- c:\windows\system32\drivers\eamonm.sys
2013-09-17 14:17 . 2013-09-17 14:17 239296 ----a-w- c:\windows\system32\drivers\edevmon.sys
2013-09-17 14:17 . 2013-09-17 14:17 220232 ----a-w- c:\windows\system32\drivers\epfw.sys
2013-09-17 14:17 . 2013-09-17 14:17 168256 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2013-09-08 02:30 . 2013-10-10 22:11 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-10 22:11 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-10 22:11 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-03 12:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 02:17 . 2013-10-10 22:11 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-10 22:11 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-10 22:11 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-10 22:11 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-10 22:11 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-10 22:11 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-10 22:11 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-10 22:11 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-10 22:11 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-10 22:11 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-10 22:11 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-10 22:11 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 01:29 . 2013-10-10 22:11 33280 ----a-w- c:\windows\system32\drivers\usbser.sys
2013-08-29 00:49 . 2013-10-10 22:11 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-10 22:11 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-10 22:11 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-10 22:11 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-10 22:11 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-10 22:11 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-06-23 11:30 . 2013-06-23 11:30 1045072 ----a-w- c:\program files (x86)\uTorrent.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-15 113288]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-11-18 1351680]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
.
c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-10-8 198656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui]
[BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MGHwCtrl;MGHwCtrl;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys;c:\program files\MSI\MSI Software Install\MGHwCtrl.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\PlayClaw 5\WinRing0x64.sys;c:\program files (x86)\PlayClaw 5\WinRing0x64.sys [x]
R4 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\S-Bar\MSIService.exe;c:\program files (x86)\S-Bar\MSIService.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;c:\program files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-29 17:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-04 11780712]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1430785021-3194933450-91964841-1001\Software\SecuROM\License information*]
"datasecu"=hex:ec,e9,84,3c,f8,d9,51,e3,da,f8,40,de,9d,1c,ca,8f,a7,0e,c0,a6,30,
d2,90,a5,8a,39,b6,5f,aa,1b,16,b3,c9,c9,50,b3,b2,a5,cd,b4,b8,7a,68,55,ec,97,\
"rkeysecu"=hex:66,5d,fe,ba,1b,e5,b2,ff,6f,c6,bc,1b,a5,c6,18,31
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-11-18 12:18:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-18 11:18
ComboFix2.txt 2013-11-15 22:54
.
Před spuštěním: Volných bajtů: 206 291 881 984
Po spuštění: Volných bajtů: 205 554 679 808
.
- - End Of File - - 4F6939E62C63063F3ACC8622630842F3

Badicek · Příspěvekod **Badicek** » 18 lis 2013 12:27

Příloha:

Badicek · Příspěvekod **Badicek** » 18 lis 2013 12:31

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-18 12:29:44
-----------------------------
12:29:44.452 OS Version: Windows x64 6.1.7601 Service Pack 1
12:29:44.452 Number of processors: 8 586 0x2A07
12:29:44.452 ComputerName: KUBA-MSI UserName: kuba
12:29:45.513 Initialize success
12:29:53.933 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:29:53.933 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3
12:29:54.026 Disk 0 MBR read successfully
12:29:54.026 Disk 0 MBR scan
12:29:54.026 Disk 0 Windows 7 default MBR code
12:29:54.042 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13008 MB offset 2048
12:29:54.058 Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS 100 MB offset 26642432
12:29:54.073 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 421373 MB offset 26847232
12:29:54.089 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 280921 MB offset 889819302
12:29:54.104 Disk 0 scanning C:\windows\system32\drivers
12:30:02.856 Service scanning
12:30:13.417 Modules scanning
12:30:13.433 Disk 0 trace - called modules:
12:30:13.448 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys sptd.sys hal.dll
12:30:13.464 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e29790]
12:30:13.480 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b36050]
12:30:13.495 Scan finished successfully
12:30:50.951 Disk 0 MBR has been saved successfully to "C:\Users\kuba\Desktop\MBR.dat"
12:30:50.951 The log file has been saved successfully to "C:\Users\kuba\Desktop\aswMBR.txt"

Badicek · Příspěvekod **Badicek** » 18 lis 2013 14:02

A zde tedy finalni log z HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:01:48, on 18.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kuba\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\msiexec.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msi.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Bluetooth 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files (x86)\S-Bar\MSIService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Foundation Service - MSI - C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11284 bytes

Kontrola Logu, předem děkuji. Vyřešeno

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Re: Kontrola Logu, předem děkuji.

Kdo je online