Tu je log
ComboFix 14-01-16.03 - rado 21/01/2014 19:31:54.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.353.1029.18.2038.702 [GMT 0:00]
Running from: c:\users\rado\Downloads\ComboFix.exe
Command switches used :: c:\users\rado\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\KMSEmulator.exe"
"c:\windows\Tasks\AutoKMSDaily.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\KMSEmulator.exe
c:\windows\Tasks\AutoKMSDaily.job
.
.
((((((((((((((((((((((((( Files Created from 2013-12-21 to 2014-01-21 )))))))))))))))))))))))))))))))
.
.
2014-01-21 19:47 . 2014-01-21 19:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-21 19:21 . 2014-01-21 19:21 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9C6D3A81-B25C-4FA3-A4BB-10BF5E31CCE7}\offreg.dll
2014-01-21 13:03 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9C6D3A81-B25C-4FA3-A4BB-10BF5E31CCE7}\mpengine.dll
2014-01-20 20:36 . 2014-01-20 20:36 -------- d-----w- c:\programdata\ALM
2014-01-20 17:23 . 2014-01-20 17:23 -------- d-----w- c:\users\rado\AppData\Local\ElevatedDiagnostics
2014-01-19 09:58 . 2014-01-19 09:58 -------- d-----w- c:\users\rado\AppData\Roaming\AVAST Software
2014-01-19 09:49 . 2014-01-19 12:04 64168 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-18 18:10 . 2014-01-18 18:12 -------- d-----w- C:\AdwCleaner
2014-01-18 16:52 . 2014-01-18 19:47 -------- d-----w- c:\program files\trend micro
2014-01-15 20:15 . 2013-11-26 10:10 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 20:15 . 2013-11-26 11:11 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-15 20:15 . 2013-11-27 01:13 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 20:15 . 2013-11-27 01:13 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 20:15 . 2013-11-27 01:14 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 20:15 . 2013-11-27 01:13 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 20:14 . 2013-11-27 01:13 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 20:14 . 2013-11-27 01:13 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 20:14 . 2013-11-27 01:13 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-08 16:12 . 2014-01-08 16:12 999936 ----a-w- c:\program files\Internet Explorer\networkinspection.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 09:49 . 2013-03-30 00:32 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-19 09:49 . 2013-03-30 00:32 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-19 09:49 . 2011-11-24 22:16 410528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-19 09:49 . 2011-11-24 22:16 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-19 09:49 . 2011-11-24 22:16 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-19 09:49 . 2012-03-30 10:01 79720 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-19 09:49 . 2011-11-24 22:08 43152 ----a-w- c:\windows\avastSS.scr
2014-01-19 09:49 . 2011-11-24 22:08 270240 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-19 13:11 . 2011-11-24 22:16 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-18 06:13 . 2011-11-24 22:17 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-11 16:13 . 2012-04-04 09:05 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 16:13 . 2011-11-24 22:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-23 18:26 . 2013-12-11 12:36 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:07 . 2013-12-11 12:36 2048 ----a-w- c:\windows\system32\tzres.dll
2013-10-30 02:19 . 2013-12-11 12:36 301568 ----a-w- c:\windows\system32\msieftp.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-19 09:49 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2013-10-31 449760]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"NBAgent"="c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2011-09-20 1493288]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-19 3764024]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"20131224"="c:\program files\AVAST Software\Avast\setup\emupdate\0d80507d-6e30-4548-a5fc-9c1e0962f3f7.exe" [2014-01-21 181136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-03-22 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 12:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\aliim]
2013-08-22 06:37 293272 ----a-w- c:\program files\TradeManager\AliIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-11-10 09:17 3514176 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-09-23 19:30 173592 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-09-23 19:30 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 12:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-01-19 64168]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2013-01-11 12400]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Ser2plx86;Prolific Serial port WDF driver;c:\windows\system32\DRIVERS\ser2pl.sys [2013-02-22 134144]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt; [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-01-19 775952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-01-19 410528]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-28 239168]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-01-19 67824]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2011-09-23 641832]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-02 2673064]
S3 RTL8167;Ovladac Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 - sítový adaptér;c:\windows\system32\DRIVERS\RTL8187B.sys [2009-07-13 347136]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-16 18:22 1211672 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 16:13]
.
2014-01-21 c:\windows\Tasks\AutoKMSDaily.job
- c:\windows\AutoKMS.exe [2012-02-14 21:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://
www.google.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: line6.net
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\rado\AppData\Roaming\Mozilla\Firefox\Profiles\07yntbs1.default\
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\windows\system32\conhost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2014-01-21 19:56:36 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-21 19:56
ComboFix2.txt 2014-01-20 22:42
.
Pre-Run: 17,502,789,632 bytes free
Post-Run: 17,452,802,048 bytes free
.
- - End Of File - - 834E73D2258377964FCF6F4FBD2320E7
A36C5E4F47E84449FF07ED3517B43A31
Přispějete na provoz fóra?