Request to check a log from a possibly infected PC

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

#1 Post by mikkiste »

Greetings to all the experts,
I would like to ask you to check a log from ComboFix, thank you very much:

ComboFix 13-09-17.01 - Majkl 17.09.2013 20:19:43.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4094.2980 [GMT 2:00]
Spuštěný z: c:\users\Majkl\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Outdated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Outdated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\background.jpg
c:\users\Majkl\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\local.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-17 do 2013-09-17 )))))))))))))))))))))))))))))))
.
.
2013-09-17 05:31 . 2013-09-17 05:31 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2013-09-05 19:54 . 2013-09-06 04:31 -------- d-----w- c:\users\Majkl\AppData\Local\ElevatedDiagnostics
2013-09-04 16:54 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B0790BE-18B0-45B8-82CB-8415B4C8EF58}\mpengine.dll
2013-09-03 08:01 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-29 12:11 . 2013-08-29 12:11 70 ----a-w- c:\programdata\jjcsxqqvaylmadlxlwt.bat
2013-08-29 12:11 . 2013-08-29 12:11 165 ----a-w- c:\programdata\jjcsxqqvaylmadlxlwt.reg
2013-08-27 17:56 . 2013-08-27 17:56 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-08-27 17:56 . 2013-08-27 17:56 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-08-26 23:09 . 2013-07-26 05:12 19239424 ----a-w- c:\windows\system32\mshtml.dll
2013-08-26 23:09 . 2013-07-26 05:12 15405056 ----a-w- c:\windows\system32\ieframe.dll
2013-08-26 12:19 . 2013-08-26 12:17 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B1041FEC-78B7-486D-8A4A-E7458C86B8CF}\gapaengine.dll
2013-08-26 12:19 . 2013-07-24 20:17 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-26 23:02 . 2011-02-11 23:34 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-08-26 12:23 . 2012-04-11 19:09 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-26 12:23 . 2011-12-06 17:04 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-02 12:06 . 2012-11-25 10:13 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-02 12:06 . 2012-11-25 10:11 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-02 08:34 . 2013-07-23 16:13 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A5E684E3-5E1C-467D-B594-447683D09FD0}\mpengine.dll
2013-07-01 21:35 . 2013-07-01 21:35 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-07-01 21:35 . 2013-07-01 21:35 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-07-01 21:35 . 2013-07-01 21:35 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-07-01 21:35 . 2013-07-01 21:35 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-07-01 21:35 . 2013-07-01 21:35 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-07-01 21:35 . 2013-07-01 21:35 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-07-01 21:35 . 2013-07-01 21:35 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-07-01 21:35 . 2013-07-01 21:35 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-07-01 21:35 . 2013-07-01 21:35 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-07-01 21:35 . 2013-07-01 21:35 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-07-01 21:35 . 2013-07-01 21:35 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-01 21:35 . 2013-07-01 21:35 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-07-01 21:35 . 2013-07-01 21:35 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-07-01 21:35 . 2013-07-01 21:35 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-07-01 21:35 . 2013-07-01 21:35 81408 ----a-w- c:\windows\system32\icardie.dll
2013-07-01 21:35 . 2013-07-01 21:35 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-07-01 21:35 . 2013-07-01 21:35 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-07-01 21:35 . 2013-07-01 21:35 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-07-01 21:35 . 2013-07-01 21:35 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-07-01 21:35 . 2013-07-01 21:35 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-07-01 21:35 . 2013-07-01 21:35 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-07-01 21:35 . 2013-07-01 21:35 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-07-01 21:35 . 2013-07-01 21:35 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-07-01 21:35 . 2013-07-01 21:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-07-01 21:35 . 2013-07-01 21:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-07-01 21:35 . 2013-07-01 21:35 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-07-01 21:35 . 2013-07-01 21:35 441856 ----a-w- c:\windows\system32\html.iec
2013-07-01 21:35 . 2013-07-01 21:35 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-07-01 21:35 . 2013-07-01 21:35 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-07-01 21:35 . 2013-07-01 21:35 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-01 21:35 . 2013-07-01 21:35 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-07-01 21:35 . 2013-07-01 21:35 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-07-01 21:35 . 2013-07-01 21:35 235008 ----a-w- c:\windows\system32\url.dll
2013-07-01 21:35 . 2013-07-01 21:35 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-07-01 21:35 . 2013-07-01 21:35 216064 ----a-w- c:\windows\system32\msls31.dll
2013-07-01 21:35 . 2013-07-01 21:35 197120 ----a-w- c:\windows\system32\msrating.dll
2013-07-01 21:35 . 2013-07-01 21:35 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-01 21:35 . 2013-07-01 21:35 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-07-01 21:35 . 2013-07-01 21:35 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-01 21:35 . 2013-07-01 21:35 149504 ----a-w- c:\windows\system32\occache.dll
2013-07-01 21:35 . 2013-07-01 21:35 144896 ----a-w- c:\windows\system32\wextract.exe
2013-07-01 21:35 . 2013-07-01 21:35 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-07-01 21:35 . 2013-07-01 21:35 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-07-01 21:35 . 2013-07-01 21:35 13824 ----a-w- c:\windows\system32\mshta.exe
2013-07-01 21:35 . 2013-07-01 21:35 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-07-01 21:35 . 2013-07-01 21:35 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-07-01 21:35 . 2013-07-01 21:35 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-07-01 21:35 . 2013-07-01 21:35 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-07-01 21:35 . 2013-07-01 21:35 102912 ----a-w- c:\windows\system32\inseng.dll
2013-07-01 21:34 . 2013-07-01 21:34 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-07-01 21:34 . 2013-07-01 21:34 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-07-01 21:34 . 2013-07-01 21:34 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-07-01 21:34 . 2013-07-01 21:34 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-07-01 21:34 . 2013-07-01 21:34 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-07-01 21:34 . 2013-07-01 21:34 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-07-01 21:34 . 2013-07-01 21:34 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-01 21:34 . 2013-07-01 21:34 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-07-01 21:34 . 2013-07-01 21:34 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-07-01 21:34 . 2013-07-01 21:34 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-07-01 21:34 . 2013-07-01 21:34 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-07-01 21:34 . 2013-07-01 21:34 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-07-01 21:34 . 2013-07-01 21:34 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-07-01 21:34 . 2013-07-01 21:34 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-07-01 21:34 . 2013-07-01 21:34 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-01 21:34 . 2013-07-01 21:34 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-07-01 21:34 . 2013-07-01 21:34 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-07-01 21:34 . 2013-07-01 21:34 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-07-01 21:34 . 2013-07-01 21:34 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-07-01 21:34 . 2013-07-01 21:34 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-07-01 21:34 . 2013-07-01 21:34 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-07-01 21:34 . 2013-07-01 21:34 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-07-01 21:34 . 2013-07-01 21:34 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-07-01 21:34 . 2013-07-01 21:34 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-07-01 21:34 . 2013-07-01 21:34 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-07-01 21:34 . 2013-07-01 21:34 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-07-01 21:34 . 2013-07-01 21:34 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-07-01 21:34 . 2013-07-01 21:34 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-07-01 21:34 . 2013-07-01 21:34 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-07-01 21:34 . 2013-07-01 21:34 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\uTorrentBar\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-12-21 1483264]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-09-29 20880]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-06 39408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 2472048]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-18 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 05:59 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 12:23]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-06 17:04]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-06 17:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-09-29 929680]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-09-29 3508112]
"Zune Launcher"="c:\program files (x86)\ZuneLauncher.exe" [2011-08-05 163552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 1356240]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-{52D1D62C-FEAB-4580-849E-1DB624BADBBD} - c:\program files (x86)\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2757368311-612427337-2350609889-1001\Software\AppDataLow\Software\Conduit\Community Alerts\Settings\Locales\e*n**§=q]
"LP_LastUpdateTime"="0"
"LP_LastCheckTime"=dword:4f25d204
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-09-17 20:29:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-17 18:29
.
Před spuštěním: Volných bajtů: 120 035 168 256
Po spuštění: Volných bajtů: 120 077 971 456
.
- - End Of File - - 4EBE63A5A66891612F004FAC26274872
A36C5E4F47E84449FF07ED3517B43A31

#2 Post by Rudy »

Hello!
1. Why are you using ComboFix, a utility intended only for professionals, without a recommendation from an advisor? Do you want to wreck your system or some application?
2. What about the legality of your operating system?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

#3 Post by mikkiste »

Hello,
last time I posted a log from RSIT here and then someone immediately advised me to run ComboFix, and I didn't realize that they had probably looked through the RSIT log first before recommending ComboFix, so this time I ran it right away :-(. As for the system, I don't know for sure, because it is an acquaintance's computer, but it is possible that it is not legal.
Thanks

#4 Post by Rudy »

If it is not legal, you are out of luck. This forum does not support software piracy. The PC case should carry a COA sticker with the text:
Windows 7 Ultimate
and the corresponding CD key. If it is not there, or if it carries different text, it is highly likely that the system is not legal.