ComboFix 14-11-25.01 - Honza 01.12.2014 8:13.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.1917.1016 [GMT 1:00]
Spuštěný z: c:\users\Honza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Honza\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.25.11\GoogleUpdate.exe
c:\program files\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.25.11\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.25.11\goopdate.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_am.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ar.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_bg.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_bn.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ca.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_cs.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_da.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_de.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_el.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_en.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_es.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_et.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_fa.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_fi.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_fil.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_fr.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_gu.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_hi.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_hr.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_hu.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_id.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_is.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_it.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_iw.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ja.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_kn.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ko.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_lt.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_lv.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ml.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_mr.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ms.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_nl.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_no.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_pl.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ro.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ru.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_sk.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_sl.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_sr.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_sv.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_sw.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ta.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_te.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_th.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_tr.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_uk.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_ur.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_vi.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.25.11\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.25.11\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.25.11\psmachine.dll
c:\program files\Google\Update\1.3.25.11\psmachine_64.dll
c:\program files\Google\Update\1.3.25.11\psuser.dll
c:\program files\Google\Update\1.3.25.11\psuser_64.dll
c:\program files\Google\Update\Download\{2C6B2FBA-0525-4FE8-B236-26845DBB4A20}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.71\39.0.2171.71_39.0.2171.65_chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-01 do 2014-12-01 )))))))))))))))))))))))))))))))
.
.
2014-12-01 07:21 . 2014-12-01 07:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-01 07:18 . 2014-12-01 07:18 -------- d-----w- c:\users\Honza\AppData\Local\Apple
2014-11-28 07:19 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5F61A46F-9B09-4952-A21F-F10E0082EDFE}\mpengine.dll
2014-11-28 07:09 . 2014-12-01 07:21 -------- d-----w- c:\users\Honza\AppData\Local\temp
2014-11-27 10:42 . 2014-11-27 10:13 24064 ----a-w- c:\windows\zoek-delete.exe
2014-11-27 10:13 . 2014-11-27 10:40 -------- d-----w- C:\zoek_backup
2014-11-27 08:27 . 2014-11-02 04:17 8941456 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-21 07:16 . 2014-09-17 16:05 908840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F858DB56-238C-4893-99CF-734BDAE29A06}\gapaengine.dll
2014-11-19 07:12 . 2014-11-11 02:44 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 07:12 . 2014-11-11 02:44 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-13 07:25 . 2014-11-13 07:25 -------- d-sh--w- c:\users\Honza\AppData\Local\EmieBrowserModeList
2014-11-12 07:32 . 2014-11-06 02:20 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-12 07:32 . 2014-11-06 03:10 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-12 07:32 . 2014-11-06 02:36 817664 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-11-12 07:32 . 2014-11-06 03:13 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-12 07:32 . 2014-11-06 02:21 4298240 ----a-w- c:\windows\system32\jscript9.dll
2014-11-06 07:32 . 2014-11-06 07:32 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
2014-11-05 06:58 . 2014-11-05 06:58 -------- d-----w- c:\program files\LogMeIn Hamachi
2014-11-03 07:42 . 2014-11-03 07:42 -------- d-----w- c:\program files\iPod
2014-11-03 07:42 . 2014-11-14 07:30 -------- d-----w- c:\program files\iTunes
2014-11-03 07:42 . 2014-11-03 07:43 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-27 10:02 . 2014-10-06 15:26 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-11-27 09:49 . 2014-10-06 13:27 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-26 10:05 . 2012-03-29 15:16 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-26 10:05 . 2011-06-30 08:06 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-30 11:24 . 2010-12-06 20:37 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-10-06 12:44 . 2014-01-06 10:53 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-10-01 10:11 . 2014-06-03 11:31 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-01 10:11 . 2014-06-03 11:31 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 10:11 . 2014-06-03 11:31 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-25 01:40 . 2014-10-06 12:13 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-17 16:05 . 2013-03-12 07:54 908840 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-09-09 21:47 . 2014-10-06 12:13 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-04 05:04 . 2014-10-15 06:23 372736 ----a-w- c:\windows\system32\rastls.dll
2013-06-19 05:26 . 2013-06-19 05:26 125328 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2013-06-19 06:08 . 2013-06-19 06:08 14224 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2013-06-19 05:28 . 2013-06-19 05:28 71560 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2013-06-19 05:27 . 2013-06-19 05:27 92560 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2013-06-19 05:26 . 2013-06-19 05:26 23432 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2013-06-19 05:25 . 2013-06-19 05:25 256400 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2013-06-19 05:27 . 2013-06-19 05:27 32656 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2013-06-19 05:28 . 2013-06-19 05:28 41352 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2013-06-19 03:28 . 2013-06-19 03:28 932224 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2013-06-19 05:28 . 2013-06-19 05:28 24968 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB ----
.
2014-11-03 07:43 . 2014-11-03 07:43 3982 ----a-w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\DIFxInstallLog.txt
2012-10-08 15:19 . 2012-10-08 15:19 115672 ----a-w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\DifXInst32.exe
2012-10-08 15:19 . 2012-10-08 15:19 1977816 ----a-w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\GEARDIFx.exe
2012-10-03 15:14 . 2012-10-03 15:14 323464 ----a-w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\DIFxAPI.dll
2012-10-03 15:14 . 2012-10-03 15:14 106928 ----a-w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\GEARAspi.dll
2012-10-03 15:14 . 2012-10-03 15:14 2704 ----a-w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\GEARAspiWDM.inf
2012-10-03 15:14 . 2012-10-03 15:14 7587 ----a-w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\gearaspiwdmx86.cat
2012-10-03 15:14 . 2012-10-03 15:14 26840 ----a-w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB\x86\x86\GEARAspiWDM.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2014-10-14 720064]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
"ApplePhotoStreams"="c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-03-03 626688]
"Power Manager Power Agenda"="c:\progra~1\ThinkPad\UTILIT~1\DPMHost.exe" [2010-03-05 72256]
"Skd8821"="c:\program files\Lenovo\Lenovo Slim USB Keyboard\SKD8821.exe" [2010-06-02 286208]
"DkStartup"="c:\program files\SafeNet\BSecClient\dkstartup.exe" [2010-02-04 54560]
"AxMonitor"="c:\program files\SafeNet\BSecClient\axmonitor.exe" [2010-02-04 455968]
"DkAutoReg"="c:\program files\SafeNet\BSecClient\DkAutoReg.exe" [2010-02-04 259360]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 974432]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-11-03 3835728]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2013-06-19 309648]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-09-12 09:43 959176 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Message Center Plus]
2009-05-28 05:09 49976 ------w- c:\program files\Lenovo\Message Center Plus\MCPLaunch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
2009-09-18 15:48 2412032 ----a-w- c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
.
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 112128]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-06 102912]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
R3 PCDSRVC{3037D694-FD904ACA-06020000}_0;PCDSRVC{3037D694-FD904ACA-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2010-05-07 21360]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2014-10-06 13464]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-08 1343400]
R4 Sks8821;Skdaemon Service;c:\program files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [2010-05-04 125952]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2013-05-02 64800]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-26 242240]
S2 DkVcm;SafeNet Virtual Channel Monitor;c:\windows\system32\dkvcm.exe [2010-02-04 128288]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 1894224]
S2 JuniperAccessService;Juniper Unified Network Service;c:\program files\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2009-11-13 132392]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 411920]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-03-05 72256]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
S3 iKeyEnum;Rainbow iKey Enumerator;c:\windows\system32\DRIVERS\ikeyenum.sys [2009-10-29 11616]
S3 iKeyIFD;Rainbow iKey Virtual Reader;c:\windows\system32\DRIVERS\ikeyifd.sys [2009-10-29 18080]
S3 RnbToken;Rainbow iKey Token Service;c:\windows\system32\DRIVERS\rnbtoken.sys [2009-10-29 21472]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-27 233472]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-27 08:08 1087304 ----a-w- c:\program files\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 10:05]
.
2014-07-21 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-05-07 19:46]
.
2014-11-28 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-05-08 00:50]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
DPF: {4CC726C6-6FC0-4FA7-B017-91BA0362BD6F} - hxxp://90.180.11.96:8081/UltraMJCamX.cab
DPF: {53049A9A-1122-4673-B8D4-12F545AE3285} - hxxp://90.176.23.87/AVC_AX_764.cab
DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} - hxxp://88.102.5.154/DvrOcx.cab
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\q28hcqyp.default-1400136547654\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{3037D694-FD904ACA-06020000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\taskhost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\dklog.exe
c:\windows\system32\conhost.exe
c:\windows\system32\dkcktkn.exe
c:\windows\System32\rundll32.exe
c:\program files\ThinkPad\Utilities\SCHTASK.EXE
c:\program files\Citrix\ICA Client\wfcrun32.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Common Files\Apple\Internet Services\APSDaemon.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-12-01 08:26:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-01 07:26
ComboFix2.txt 2014-11-28 07:09
.
Před spuštěním: Volných bajtů: 378 065 608 704
Po spuštění: Volných bajtů: 377 770 237 952
.
- - End Of File - - D3FA45288BEE92088687E05E92438EE4
B37872370C8A8C96F32097D533D3FA28
Check
Re: Check
Asus IPIBL-LA (Berkeley), Intel Core 2 Quatro Q 6600 2.40 GHz, RAM 4 x 1 GB DDR2 667 SDRAM, Nvidia GeForce GTX 680, Realtek ALC1200 (integr.), Hitachi HDT725050VLA360 500GB, Windows 7 64 bit -> W10
Re: Check
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2014-12-02 08:03:56
-----------------------------
08:03:56.981 OS Version: Windows 6.1.7601 Service Pack 1
08:03:56.981 Number of processors: 2 586 0x170A
08:03:56.981 ComputerName: HONZA-THINK UserName: Honza
08:04:22.877 Initialize success
08:04:22.908 VM: initialized successfully
08:04:22.924 VM: Intel CPU supported
08:04:31.706 VM: supported disk I/O ataport.SYS
08:04:38.196 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:04:38.212 Disk 0 Vendor: ST3500418AS CC66 Size: 476940MB BusType: 3
08:04:38.290 VM: Disk 0 MBR read successfully
08:04:38.290 Disk 0 MBR scan
08:04:38.290 Disk 0 unknown MBR code
08:04:38.305 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1200 MB offset 2048
08:04:38.305 Disk 0 Boot: NTFS code=1
08:04:38.321 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465737 MB offset 2459648
08:04:38.352 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 10000 MB offset 956291072
08:04:38.368 Disk 0 scanning sectors +976771072
08:04:38.414 Disk 0 scanning C:\Windows\system32\drivers
08:04:46.558 Service scanning
08:05:01.159 Modules scanning
08:05:01.159 Disk 0 trace - called modules:
08:05:01.206 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys
08:05:01.206 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85d641c0]
08:05:01.222 3 CLASSPNP.SYS[88dca59e] -> nt!IofCallDriver -> [0x8589c918]
08:05:01.222 5 ACPI.sys[88a433d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85c89030]
08:05:01.237 Disk 0 statistics 87240/0/278 @ 6,81 MB/s
08:05:01.253 Scan finished successfully
08:06:33.138 Disk 0 MBR has been saved successfully to "C:\Users\Honza\Desktop\MBR.dat"
08:06:33.154 The log file has been saved successfully to "C:\Users\Honza\Desktop\aswMBR.txt"
- jaro3
- Security team member
Re: Check
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC
to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Post a new HJT log + info about the problems.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support