
My router keeps crashing - ESET SMART SECURITY 7

Grazy
Visitor
Posts: 25
Registered: 07 Dec 2013 17:07

Re: My router keeps crashing - ESET SMART SECURITY 7

#16 Post by Grazy »

HERE IS THE SCREENSHOT :(
Attachments
PLOCHA.zip
Sorry, I had a problem with the pixels :(
(189.62 KiB) Downloaded 65 times


#17 Post by Grazy »

PS: it only crashes sometimes :(.. I'll send a screenshot later, once it crashes..


#18 Post by Grazy »

Here is the desktop
Attachments
Plochaproblem.zip
(552.98 KiB) Downloaded 72 times


#19 Post by Grazy »

I deleted the IP from that log


#20 Post by Grazy »

I'd like to ask you for Skype or some other program to talk this over :/.. I don't really want to post these things here on a public page.. or possibly TeamViewer :(


#21 Post by Grazy »

I already have the PC running in Safe Mode with Networking; ComboFix tells me that the PC could be damaged, that ESET has its resident shields and firewall turned on.. :( I don't know what to do.. :'(


#22 Post by Grazy »

A thousand thanks.. Here is the log:


ComboFix 13-12-07.01 - Patrik 08.12.2013 13:25:01.2.8 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8088.7093 [GMT 1:00]
Spuštěný z: c:\users\Patrik\Videos\Downloads\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_bbohlimhkgnnphbdkghkbcjojoafohoa_0
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_bbohlimhkgnnphbdkghkbcjojoafohoa_0\3
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_bbohlimhkgnnphbdkghkbcjojoafohoa_0\4
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\background.html
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\crossriderManifest.json
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\icons\actions\icon1.png
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\icons\icon128.png
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\icons\icon16.png
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\icons\icon48.png
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\api\cookie.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\api\chrome.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\api\message.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\background.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\app_api.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\async_api.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\bg_app_api.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\cookie_store.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\data_store.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\delegate.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\events.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\onBGDocumentLoad.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\reports.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\js\lib\util.js
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\manifest.json
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.20.27_0\popup.html
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbohlimhkgnnphbdkghkbcjojoafohoa_0.localstorage-journal
c:\users\Boruvka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbohlimhkgnnphbdkghkbcjojoafohoa_0.localstorage
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-08 do 2013-12-08 )))))))))))))))))))))))))))))))
.
.
2013-12-08 12:30 . 2013-12-08 12:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-08 12:30 . 2013-12-08 12:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-12-08 12:30 . 2013-12-08 12:30 -------- d-----w- c:\users\Filip\AppData\Local\temp
2013-12-08 12:30 . 2013-12-08 12:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-08 12:30 . 2013-12-08 12:30 -------- d-----w- c:\users\Boruvka\AppData\Local\temp
2013-12-07 16:12 . 2013-12-07 16:18 -------- d-----w- c:\users\Patrik\AppData\Roaming\ICQ-Profile
2013-12-07 16:12 . 2013-12-07 16:12 -------- d-----w- c:\users\Patrik\AppData\Roaming\ICQM
2013-12-06 12:03 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EAA4D814-FDCE-4B02-831A-26CF58BA7FB9}\mpengine.dll
2013-11-27 18:46 . 2013-11-27 18:46 -------- d-----w- c:\programdata\Caphyon
2013-11-27 18:46 . 2013-11-28 20:12 -------- d-----w- c:\program files (x86)\QuadCoreM2
2013-11-27 18:38 . 2013-11-27 18:38 -------- d-----w- c:\users\Patrik\AppData\Roaming\Quadcore Games
2013-11-22 16:30 . 2013-11-22 16:30 -------- d-----w- c:\program files (x86)\Ventrilo
2013-11-21 18:40 . 2013-11-22 16:34 -------- d-----w- c:\users\Patrik\AppData\Roaming\Ventrilo
2013-11-19 20:40 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-19 20:37 . 2013-11-19 20:37 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-19 20:37 . 2013-11-19 20:37 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-19 20:37 . 2013-11-19 20:37 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-19 20:37 . 2013-11-19 20:37 1836544 ----a-w- c:\program files\Internet Explorer\MemoryAnalyzer.dll
2013-11-19 20:37 . 2013-11-19 20:37 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-19 15:57 . 2013-11-19 15:57 -------- d-----w- c:\users\Patrik\AppData\Roaming\openvr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-08 12:11 . 2012-06-23 17:13 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2013-12-06 14:02 . 2013-04-15 18:09 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-12-06 14:02 . 2012-08-23 07:39 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-12-06 14:02 . 2013-04-15 18:09 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-11-13 20:24 . 2012-06-23 19:24 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-11 04:50 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-18 14:17 . 2012-08-23 07:30 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-10-09 16:46 . 2012-06-23 12:20 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 16:46 . 2012-06-23 12:20 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-09 16:46 . 2013-10-09 16:46 17813896 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-09-25 02:22 . 2013-11-13 15:51 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-13 15:51 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-17 14:17 . 2013-09-17 14:17 62136 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2013-09-17 14:17 . 2013-09-17 14:17 44120 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2013-09-17 14:17 . 2013-09-17 14:17 239320 ----a-w- c:\windows\system32\drivers\eamonm.sys
2013-09-17 14:17 . 2013-09-17 14:17 239296 ----a-w- c:\windows\system32\drivers\edevmon.sys
2013-09-17 14:17 . 2013-09-17 14:17 220232 ----a-w- c:\windows\system32\drivers\epfw.sys
2013-09-17 14:17 . 2013-09-17 14:17 168256 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-21 17:48 . 2012-10-21 17:40 393216 ----a-w- c:\program files (x86)\ZipForge.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{FE69C007-C452-4d3e-86D2-1730DF8BC871}"= "c:\program files (x86)\SimilarSites\similarsites.dll" [2012-12-03 320888]
.
[HKEY_CLASSES_ROOT\clsid\{fe69c007-c452-4d3e-86d2-1730df8bc871}]
[HKEY_CLASSES_ROOT\similarsites.toolbar.1]
[HKEY_CLASSES_ROOT\similarsites.toolbar]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{FE69C007-C452-4d3e-86D2-1730DF8BC871}"= "c:\program files (x86)\SimilarSites\similarsites.dll" [2012-12-03 320888]
.
[HKEY_CLASSES_ROOT\clsid\{fe69c007-c452-4d3e-86d2-1730df8bc871}]
[HKEY_CLASSES_ROOT\similarsites.toolbar.1]
[HKEY_CLASSES_ROOT\similarsites.toolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Dxtory Update Checker 2.0"="c:\program files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe" [2010-10-17 93696]
"Clownfish"="c:\program files (x86)\Clownfish\Clownfish.exe" [2013-11-15 1279224]
"icq"="c:\users\Patrik\AppData\Roaming\ICQM\icq.exe" [2013-12-07 29919576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"THX TruStudio NB Settings"="c:\program files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" [2011-05-19 909824]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-01-21 776064]
"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"RoccatIsku"="c:\program files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE" [2012-11-09 542560]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-09-03 2237328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
R1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
R1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
R2 fsrt;Fortres Security Runtime;c:\program files (x86)\Fortres Grand\Fortres Security Runtime 6.0\FSRT.EXE;c:\program files (x86)\Fortres Grand\Fortres Security Runtime 6.0\FSRT.EXE [x]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [x]
R3 AsrIbDrv;AsrIbDrv;c:\windows\SysWOW64\Drivers\AsrIbDrv.sys;c:\windows\SysWOW64\Drivers\AsrIbDrv.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 FGCWL;FGCWL;c:\program files (x86)\Fortres Grand\Virtual Sandbox\FGCWL.sys;c:\program files (x86)\Fortres Grand\Virtual Sandbox\FGCWL.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 12:46 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-26 16:46]
.
2013-12-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-23 18:39]
.
2013-12-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-23 18:39]
.
2013-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-700816946-2485566959-80516750-1003Core.job
- c:\users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-23 07:49]
.
2013-12-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-700816946-2485566959-80516750-1003UA.job
- c:\users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-23 07:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-08-30 08:01 3358064 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-12 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-12 398104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-12 440600]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2011-05-13 26624]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
IE: {{45d8438c-b51d-47a8-aeea-9061535f25f1} - {b52d0735-ec19-448a-abde-e01b5bd275d2} -
IE: {{807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - c:\program files (x86)\SimilarSites\similarsites.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\bhmq748t.default\
FF - prefs.js: browser.search.selectedEngine - Delta Search
FF - prefs.js: browser.startup.homepage - hxxp://www1.delta-search.com/?affID=119529&babsrc=HP_ss&mntrId=AAA1BC5FF435834F
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-12-08 13:31:51
ComboFix-quarantined-files.txt 2013-12-08 12:31
ComboFix2.txt 2013-04-17 16:18
.
Před spuštěním: Volných bajtů: 22 604 517 376
Po spuštění: Volných bajtů: 23 169 753 088
.
- - End Of File - - BCAC2CD30335FB55E9F5FCA2B719D89A
A36C5E4F47E84449FF07ED3517B43A31


#23 Post by Grazy »

But the problems still continue :/

Johny_ESET
Technician
Posts: 141
Registered: 20 Sep 2011 14:56


#24 Post by Johny_ESET »

What to do if ESS detects the same address on the network is described here:

https://servis.eset.cz/index.php?/Knowl ... esa-v-siti
Johny
