ComboFix 14-02-01.01 - Tomy 02.02.2014 17:44:25.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8130.5909 [GMT 1:00]
Spuštěný z: c:\users\Tomy\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tomy\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-02 do 2014-02-02 )))))))))))))))))))))))))))))))
.
.
2014-02-02 16:48 . 2014-02-02 16:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-02 14:26 . 2014-02-02 14:26 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2014-02-02 09:11 . 2014-02-02 13:49 -------- d-----w- C:\FRST
2014-01-31 12:11 . 2014-01-31 12:11 -------- d-----w- c:\program files (x86)\G9G11_ScreenCapture
2014-01-31 12:11 . 2014-01-31 12:11 -------- d-----w- c:\program files (x86)\OfficeShuttle Software
2014-01-31 11:01 . 2014-01-31 11:01 -------- d-----w- c:\users\Tomy\AppData\Roaming\AVAST Software
2014-01-31 11:00 . 2014-01-31 11:00 -------- d-----w- c:\programdata\RoboForm
2014-01-31 11:00 . 2014-01-31 11:00 -------- d-----w- c:\program files (x86)\Siber Systems
2014-01-31 11:00 . 2014-01-31 11:01 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-31 11:00 . 2014-01-31 11:00 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-31 11:00 . 2014-01-31 11:00 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-31 11:00 . 2014-01-31 11:00 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-31 11:00 . 2014-01-31 11:00 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-31 11:00 . 2014-01-31 11:00 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-31 11:00 . 2014-01-31 11:00 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-31 11:00 . 2014-01-31 11:00 43152 ----a-w- c:\windows\avastSS.scr
2014-01-31 11:00 . 2014-01-31 11:00 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-31 11:00 . 2014-01-31 11:00 -------- d-----w- c:\program files\AVAST Software
2014-01-31 10:59 . 2014-01-31 10:59 -------- d-----w- c:\programdata\AVAST Software
2014-01-31 10:14 . 2014-02-02 16:48 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2014-01-31 09:57 . 2014-01-31 09:57 -------- d-----w- c:\users\Tomy\AppData\Local\FileViewPro
2014-01-31 09:57 . 2014-01-31 09:57 -------- d-----w- c:\users\Tomy\AppData\Roaming\IsolatedStorage
2014-01-31 09:57 . 2014-01-31 09:57 -------- d-----w- c:\programdata\IsolatedStorage
2014-01-31 09:56 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-01-31 09:56 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-01-31 09:56 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-01-31 09:56 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-01-31 09:55 . 2014-01-31 09:55 -------- d-----w- c:\windows\system32\SPReview
2014-01-31 09:55 . 2014-01-31 09:55 -------- d-----w- c:\windows\system32\EventProviders
2014-01-31 09:54 . 2014-01-31 09:54 -------- d-----w- C:\Spacekace
2014-01-31 09:52 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2014-01-31 09:52 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2014-01-31 09:52 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2014-01-31 09:52 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2014-01-31 09:52 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2014-01-31 09:52 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2014-01-31 09:52 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-01-31 09:52 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2014-01-31 09:52 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2014-01-31 09:17 . 2014-01-31 09:17 -------- d-----w- c:\users\Tomy\AppData\Local\Octodad
2014-01-31 09:16 . 2014-01-31 10:30 -------- d-----w- c:\program files (x86)\Octodad
2014-01-25 00:54 . 2014-01-25 00:54 -------- d-----w- c:\users\Tomy\AppData\Roaming\NVIDIA
2014-01-24 16:27 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2014-01-24 16:27 . 2014-01-24 16:27 -------- d-----w- c:\users\Tomy\AppData\Local\LogMeIn
2014-01-24 16:27 . 2014-01-24 16:27 -------- d-----w- c:\programdata\LogMeIn
2014-01-23 12:14 . 2013-12-27 18:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-01-23 12:14 . 2013-12-27 18:42 33056 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-01-23 12:13 . 2014-01-23 12:14 -------- d-----w- c:\users\Tomy\AppData\Local\NVIDIA Corporation
2014-01-23 12:13 . 2014-01-21 02:53 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-23 12:13 . 2014-01-21 02:53 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-23 12:12 . 2014-02-02 16:48 -------- d-----w- c:\programdata\NVIDIA
2014-01-23 12:12 . 2013-12-19 18:53 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2014-01-23 12:12 . 2013-12-19 18:53 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2014-01-23 12:12 . 2013-12-19 18:53 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2014-01-23 12:12 . 2013-12-19 18:53 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-01-23 12:12 . 2013-12-19 18:53 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-01-23 12:12 . 2013-12-19 18:53 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-01-23 12:12 . 2013-12-19 05:01 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2014-01-23 12:12 . 2013-12-19 20:33 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-01-23 12:12 . 2013-12-19 20:33 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-01-23 06:24 . 2014-01-23 06:24 -------- d-----w- c:\users\Tomy\AppData\Roaming\OBS
2014-01-23 06:24 . 2014-01-23 06:24 -------- d-----w- c:\program files\OBS
2014-01-23 06:24 . 2014-01-23 06:24 -------- d-----w- c:\program files (x86)\OBS
2014-01-16 07:02 . 2014-01-16 07:02 -------- d-----w- C:\Games (x86)
2014-01-10 09:34 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-01-10 09:34 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-01-10 09:34 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-01-10 09:34 . 2014-01-10 09:34 -------- d-----w- C:\Riot Games
2014-01-10 09:34 . 2014-02-01 16:33 -------- d-----w- c:\users\Tomy\AppData\Local\PMB Files
2014-01-10 09:34 . 2014-02-01 15:38 -------- d-----w- c:\programdata\PMB Files
2014-01-10 09:34 . 2014-01-10 09:34 -------- d-----w- c:\program files (x86)\Pando Networks
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-02 16:48 . 2012-11-12 14:51 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2014-01-31 10:06 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-01-31 10:06 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-01-18 20:11 . 2013-10-04 13:01 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-18 19:51 . 2012-11-13 03:01 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-06 15:20 . 2013-08-15 08:51 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-19 11:20 . 2013-12-19 11:20 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-12-11 08:13 . 2013-10-25 02:47 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 08:13 . 2013-10-25 02:47 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-29 11:22 . 2013-11-29 11:22 116440 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-11-29 07:53 . 2013-11-29 07:53 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"uTorrent"="c:\users\Tomy\AppData\Roaming\uTorrent\uTorrent.exe" [2013-03-18 1051984]
"OscarEditor"="c:\program files (x86)\G9G11_ScreenCapture\ScreenCapture.exe" [2012-05-18 3538944]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2014-01-31 100200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2011-08-29 1517056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-07-27 495616]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-31 3764024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
R4 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_OTPService;MSI_OTPService;c:\program files (x86)\MSI\OTPService\OTPService.exe;c:\program files (x86)\MSI\OTPService\OTPService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_T;NTIOLib_1_0_T;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
S3 SaiK1705;SaiK1705;c:\windows\system32\DRIVERS\SaiK1705.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1705.sys [x]
S3 SaiU1705;SaiU1705;c:\windows\system32\DRIVERS\SaiU1705.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1705.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-28 20:16 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-25 08:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-31 11:00 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-05-15 792704]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-05-15 658048]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2013-04-16 454144]
"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2013-04-16 158208]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-01-21 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-01-21 1179576]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Doplňkový sken -------
.
uLocal Page =
uStart Page =
mDefault_Search_URL =
mDefault_Page_URL =
mStart Page =
mLocal Page =
mSearch Page =
IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
Trusted Zone: 4game.com
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2014-02-02 17:49:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-02 16:49
ComboFix2.txt 2014-02-02 16:30
.
Před spuštěním: Volných bajtů: 22 554 927 104
Po spuštění: Volných bajtů: 17 729 163 264
.
- - End Of File - - B506C2436BE25D5DD5D35EC2FE83A378
A36C5E4F47E84449FF07ED3517B43A31

Blue Screen of Death
Moderator: Moderators
Forum rules
Individual threads will be locked once resolved, as will those that remain inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Blue Screen of Death
Try once more. The script was saved incorrectly (as CFScript.txt.txt). It must be saved as CFScript.txt.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Blue Screen of Death
ComboFix 14-02-01.01 - Tomy 03.02.2014 7:30.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8130.6118 [GMT 1:00]
Spuštěný z: c:\users\Tomy\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tomy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-03 do 2014-02-03 )))))))))))))))))))))))))))))))
.
.
2014-02-03 06:33 . 2014-02-03 06:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-02 14:26 . 2014-02-02 14:26 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2014-02-02 09:11 . 2014-02-02 13:49 -------- d-----w- C:\FRST
2014-01-31 12:11 . 2014-01-31 12:11 -------- d-----w- c:\program files (x86)\G9G11_ScreenCapture
2014-01-31 12:11 . 2014-01-31 12:11 -------- d-----w- c:\program files (x86)\OfficeShuttle Software
2014-01-31 11:01 . 2014-01-31 11:01 -------- d-----w- c:\users\Tomy\AppData\Roaming\AVAST Software
2014-01-31 11:00 . 2014-01-31 11:00 -------- d-----w- c:\programdata\RoboForm
2014-01-31 11:00 . 2014-01-31 11:00 -------- d-----w- c:\program files (x86)\Siber Systems
2014-01-31 11:00 . 2014-01-31 11:01 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-31 11:00 . 2014-01-31 11:00 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-31 11:00 . 2014-01-31 11:00 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-31 11:00 . 2014-01-31 11:00 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-31 11:00 . 2014-01-31 11:00 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-31 11:00 . 2014-01-31 11:00 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-31 11:00 . 2014-01-31 11:00 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-31 11:00 . 2014-01-31 11:00 43152 ----a-w- c:\windows\avastSS.scr
2014-01-31 11:00 . 2014-01-31 11:00 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-31 11:00 . 2014-01-31 11:00 -------- d-----w- c:\program files\AVAST Software
2014-01-31 10:59 . 2014-01-31 10:59 -------- d-----w- c:\programdata\AVAST Software
2014-01-31 10:14 . 2014-02-03 06:34 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2014-01-31 09:57 . 2014-01-31 09:57 -------- d-----w- c:\users\Tomy\AppData\Local\FileViewPro
2014-01-31 09:57 . 2014-01-31 09:57 -------- d-----w- c:\users\Tomy\AppData\Roaming\IsolatedStorage
2014-01-31 09:57 . 2014-01-31 09:57 -------- d-----w- c:\programdata\IsolatedStorage
2014-01-31 09:56 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-01-31 09:56 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-01-31 09:56 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-01-31 09:56 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-01-31 09:55 . 2014-01-31 09:55 -------- d-----w- c:\windows\system32\SPReview
2014-01-31 09:55 . 2014-01-31 09:55 -------- d-----w- c:\windows\system32\EventProviders
2014-01-31 09:54 . 2014-01-31 09:54 -------- d-----w- C:\Spacekace
2014-01-31 09:52 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2014-01-31 09:52 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2014-01-31 09:52 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2014-01-31 09:52 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2014-01-31 09:52 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2014-01-31 09:52 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2014-01-31 09:52 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-01-31 09:52 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2014-01-31 09:52 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2014-01-31 09:17 . 2014-01-31 09:17 -------- d-----w- c:\users\Tomy\AppData\Local\Octodad
2014-01-31 09:16 . 2014-01-31 10:30 -------- d-----w- c:\program files (x86)\Octodad
2014-01-25 00:54 . 2014-01-25 00:54 -------- d-----w- c:\users\Tomy\AppData\Roaming\NVIDIA
2014-01-24 16:27 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2014-01-24 16:27 . 2014-01-24 16:27 -------- d-----w- c:\users\Tomy\AppData\Local\LogMeIn
2014-01-24 16:27 . 2014-01-24 16:27 -------- d-----w- c:\programdata\LogMeIn
2014-01-23 12:14 . 2013-12-27 18:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-01-23 12:14 . 2013-12-27 18:42 33056 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-01-23 12:13 . 2014-01-23 12:14 -------- d-----w- c:\users\Tomy\AppData\Local\NVIDIA Corporation
2014-01-23 12:13 . 2014-01-21 02:53 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-23 12:13 . 2014-01-21 02:53 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-23 12:12 . 2014-02-03 06:34 -------- d-----w- c:\programdata\NVIDIA
2014-01-23 12:12 . 2013-12-19 18:53 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2014-01-23 12:12 . 2013-12-19 18:53 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2014-01-23 12:12 . 2013-12-19 18:53 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2014-01-23 12:12 . 2013-12-19 18:53 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-01-23 12:12 . 2013-12-19 18:53 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-01-23 12:12 . 2013-12-19 18:53 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-01-23 12:12 . 2013-12-19 05:01 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2014-01-23 12:12 . 2013-12-19 20:33 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-01-23 12:12 . 2013-12-19 20:33 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-01-23 06:24 . 2014-01-23 06:24 -------- d-----w- c:\users\Tomy\AppData\Roaming\OBS
2014-01-23 06:24 . 2014-01-23 06:24 -------- d-----w- c:\program files\OBS
2014-01-23 06:24 . 2014-01-23 06:24 -------- d-----w- c:\program files (x86)\OBS
2014-01-16 07:02 . 2014-01-16 07:02 -------- d-----w- C:\Games (x86)
2014-01-10 09:34 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-01-10 09:34 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-01-10 09:34 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-01-10 09:34 . 2014-01-10 09:34 -------- d-----w- C:\Riot Games
2014-01-10 09:34 . 2014-02-01 16:33 -------- d-----w- c:\users\Tomy\AppData\Local\PMB Files
2014-01-10 09:34 . 2014-02-01 15:38 -------- d-----w- c:\programdata\PMB Files
2014-01-10 09:34 . 2014-01-10 09:34 -------- d-----w- c:\program files (x86)\Pando Networks
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-03 06:34 . 2012-11-12 14:51 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2014-01-31 10:06 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-01-31 10:06 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-01-18 20:11 . 2013-10-04 13:01 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-18 19:51 . 2012-11-13 03:01 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-06 15:20 . 2013-08-15 08:51 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-19 11:20 . 2013-12-19 11:20 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-12-11 08:13 . 2013-10-25 02:47 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 08:13 . 2013-10-25 02:47 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-29 11:22 . 2013-11-29 11:22 116440 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-11-29 07:53 . 2013-11-29 07:53 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"uTorrent"="c:\users\Tomy\AppData\Roaming\uTorrent\uTorrent.exe" [2013-03-18 1051984]
"OscarEditor"="c:\program files (x86)\G9G11_ScreenCapture\ScreenCapture.exe" [2012-05-18 3538944]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2014-01-31 100200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2011-08-29 1517056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-07-27 495616]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-31 3764024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
R4 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_OTPService;MSI_OTPService;c:\program files (x86)\MSI\OTPService\OTPService.exe;c:\program files (x86)\MSI\OTPService\OTPService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_T;NTIOLib_1_0_T;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
S3 SaiK1705;SaiK1705;c:\windows\system32\DRIVERS\SaiK1705.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1705.sys [x]
S3 SaiU1705;SaiU1705;c:\windows\system32\DRIVERS\SaiU1705.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1705.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-28 20:16 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-25 08:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-31 11:00 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-05-15 792704]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-05-15 658048]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2013-04-16 454144]
"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2013-04-16 158208]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-01-21 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-01-21 1179576]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Doplňkový sken -------
.
uLocal Page =
uStart Page =
mDefault_Search_URL =
mDefault_Page_URL =
mStart Page =
mLocal Page =
mSearch Page =
IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
Trusted Zone: 4game.com
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2014-02-03 07:35:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-03 06:35
ComboFix2.txt 2014-02-02 16:49
ComboFix3.txt 2014-02-02 16:30
.
Před spuštěním: Volných bajtů: 17 697 542 144
Po spuštění: Volných bajtů: 17 705 017 344
.
- - End Of File - - 2F629D61BB8CE543E89B51FD75A94B65
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8130.6118 [GMT 1:00]
Spuštěný z: c:\users\Tomy\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tomy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-03 do 2014-02-03 )))))))))))))))))))))))))))))))
.
.
2014-02-03 06:33 . 2014-02-03 06:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-02 14:26 . 2014-02-02 14:26 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2014-02-02 09:11 . 2014-02-02 13:49 -------- d-----w- C:\FRST
2014-01-31 12:11 . 2014-01-31 12:11 -------- d-----w- c:\program files (x86)\G9G11_ScreenCapture
2014-01-31 12:11 . 2014-01-31 12:11 -------- d-----w- c:\program files (x86)\OfficeShuttle Software
2014-01-31 11:01 . 2014-01-31 11:01 -------- d-----w- c:\users\Tomy\AppData\Roaming\AVAST Software
2014-01-31 11:00 . 2014-01-31 11:00 -------- d-----w- c:\programdata\RoboForm
2014-01-31 11:00 . 2014-01-31 11:00 -------- d-----w- c:\program files (x86)\Siber Systems
2014-01-31 11:00 . 2014-01-31 11:01 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-31 11:00 . 2014-01-31 11:00 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-31 11:00 . 2014-01-31 11:00 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-31 11:00 . 2014-01-31 11:00 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-31 11:00 . 2014-01-31 11:00 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-31 11:00 . 2014-01-31 11:00 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-31 11:00 . 2014-01-31 11:00 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-31 11:00 . 2014-01-31 11:00 43152 ----a-w- c:\windows\avastSS.scr
2014-01-31 11:00 . 2014-01-31 11:00 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-31 11:00 . 2014-01-31 11:00 -------- d-----w- c:\program files\AVAST Software
2014-01-31 10:59 . 2014-01-31 10:59 -------- d-----w- c:\programdata\AVAST Software
2014-01-31 10:14 . 2014-02-03 06:34 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2014-01-31 09:57 . 2014-01-31 09:57 -------- d-----w- c:\users\Tomy\AppData\Local\FileViewPro
2014-01-31 09:57 . 2014-01-31 09:57 -------- d-----w- c:\users\Tomy\AppData\Roaming\IsolatedStorage
2014-01-31 09:57 . 2014-01-31 09:57 -------- d-----w- c:\programdata\IsolatedStorage
2014-01-31 09:56 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-01-31 09:56 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-01-31 09:56 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-01-31 09:56 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-01-31 09:55 . 2014-01-31 09:55 -------- d-----w- c:\windows\system32\SPReview
2014-01-31 09:55 . 2014-01-31 09:55 -------- d-----w- c:\windows\system32\EventProviders
2014-01-31 09:54 . 2014-01-31 09:54 -------- d-----w- C:\Spacekace
2014-01-31 09:52 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2014-01-31 09:52 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2014-01-31 09:52 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2014-01-31 09:52 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2014-01-31 09:52 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2014-01-31 09:52 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2014-01-31 09:52 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-01-31 09:52 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2014-01-31 09:52 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2014-01-31 09:17 . 2014-01-31 09:17 -------- d-----w- c:\users\Tomy\AppData\Local\Octodad
2014-01-31 09:16 . 2014-01-31 10:30 -------- d-----w- c:\program files (x86)\Octodad
2014-01-25 00:54 . 2014-01-25 00:54 -------- d-----w- c:\users\Tomy\AppData\Roaming\NVIDIA
2014-01-24 16:27 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2014-01-24 16:27 . 2014-01-24 16:27 -------- d-----w- c:\users\Tomy\AppData\Local\LogMeIn
2014-01-24 16:27 . 2014-01-24 16:27 -------- d-----w- c:\programdata\LogMeIn
2014-01-23 12:14 . 2013-12-27 18:42 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-01-23 12:14 . 2013-12-27 18:42 33056 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-01-23 12:13 . 2014-01-23 12:14 -------- d-----w- c:\users\Tomy\AppData\Local\NVIDIA Corporation
2014-01-23 12:13 . 2014-01-21 02:53 1048152 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-23 12:13 . 2014-01-21 02:53 1179576 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-23 12:12 . 2014-02-03 06:34 -------- d-----w- c:\programdata\NVIDIA
2014-01-23 12:12 . 2013-12-19 18:53 6671648 ----a-w- c:\windows\system32\nvcpl.dll
2014-01-23 12:12 . 2013-12-19 18:53 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2014-01-23 12:12 . 2013-12-19 18:53 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2014-01-23 12:12 . 2013-12-19 18:53 63776 ----a-w- c:\windows\system32\nvshext.dll
2014-01-23 12:12 . 2013-12-19 18:53 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-01-23 12:12 . 2013-12-19 18:53 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2014-01-23 12:12 . 2013-12-19 05:01 3539040 ----a-w- c:\windows\system32\nvcoproc.bin
2014-01-23 12:12 . 2013-12-19 20:33 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-01-23 12:12 . 2013-12-19 20:33 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-01-23 06:24 . 2014-01-23 06:24 -------- d-----w- c:\users\Tomy\AppData\Roaming\OBS
2014-01-23 06:24 . 2014-01-23 06:24 -------- d-----w- c:\program files\OBS
2014-01-23 06:24 . 2014-01-23 06:24 -------- d-----w- c:\program files (x86)\OBS
2014-01-16 07:02 . 2014-01-16 07:02 -------- d-----w- C:\Games (x86)
2014-01-10 09:34 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-01-10 09:34 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-01-10 09:34 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-01-10 09:34 . 2014-01-10 09:34 -------- d-----w- C:\Riot Games
2014-01-10 09:34 . 2014-02-01 16:33 -------- d-----w- c:\users\Tomy\AppData\Local\PMB Files
2014-01-10 09:34 . 2014-02-01 15:38 -------- d-----w- c:\programdata\PMB Files
2014-01-10 09:34 . 2014-01-10 09:34 -------- d-----w- c:\program files (x86)\Pando Networks
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-03 06:34 . 2012-11-12 14:51 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2014-01-31 10:06 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-01-31 10:06 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-01-18 20:11 . 2013-10-04 13:01 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-18 19:51 . 2012-11-13 03:01 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-06 15:20 . 2013-08-15 08:51 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-19 11:20 . 2013-12-19 11:20 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-12-11 08:13 . 2013-10-25 02:47 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 08:13 . 2013-10-25 02:47 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-29 11:22 . 2013-11-29 11:22 116440 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-11-29 07:53 . 2013-11-29 07:53 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"uTorrent"="c:\users\Tomy\AppData\Roaming\uTorrent\uTorrent.exe" [2013-03-18 1051984]
"OscarEditor"="c:\program files (x86)\G9G11_ScreenCapture\ScreenCapture.exe" [2012-05-18 3538944]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2014-01-31 100200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2011-08-29 1517056]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-07-27 495616]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-31 3764024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R);c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
R4 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_OTPService;MSI_OTPService;c:\program files (x86)\MSI\OTPService\OTPService.exe;c:\program files (x86)\MSI\OTPService\OTPService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_T;NTIOLib_1_0_T;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
S3 SaiK1705;SaiK1705;c:\windows\system32\DRIVERS\SaiK1705.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1705.sys [x]
S3 SaiU1705;SaiU1705;c:\windows\system32\DRIVERS\SaiU1705.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1705.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-28 20:16 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-25 08:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-31 11:00 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-05-15 792704]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-05-15 658048]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2013-04-16 454144]
"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2013-04-16 158208]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-01-21 2234144]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-01-21 1179576]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
SearchIndexer
.
------- Doplňkový sken -------
.
uLocal Page =
uStart Page =
mDefault_Search_URL =
mDefault_Page_URL =
mStart Page =
mLocal Page =
mSearch Page =
IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
Trusted Zone: 4game.com
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2014-02-03 07:35:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-02-03 06:35
ComboFix2.txt 2014-02-02 16:49
ComboFix3.txt 2014-02-02 16:30
.
Před spuštěním: Volných bajtů: 17 697 542 144
Po spuštění: Volných bajtů: 17 705 017 344
.
- - End Of File - - 2F629D61BB8CE543E89B51FD75A94B65
A36C5E4F47E84449FF07ED3517B43A31
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Blue Screen of Death
It's fine now. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Blue Screen of Death
Everything is fine for now. Thank you for your help
- Rudy
Re: Blue Screen of Death
You're welcome!
