Prosím o kontrolu logu

Zpráva

Klabos · #1 Příspěvek od **Klabos** » 11 srp 2014 17:11

Zdravím. Mám menší problém se spuštěním nouzového režimu.. nenaběhne ani v jednom z módů.. při restartu klasicky mačkám F8 a dám spustit nouzový režim, začne se načítat a oběví se obrazovka pro přihlášení a v ten okamžik se pc sám restartuje a naběhne normálně. Zkoušel jsem i v nastavení vypnout vynucený restart a nepomohlo to a ani žádnou modrou smrt to nehlásí, tak zasílám log.

ComboFix 14-07-08.01 - Kuba 09.07.2014 15:09:11.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2975.1635 [GMT 2:00]
Spuštěný z: c:\users\Kuba\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Tasker.lnk
c:\users\Kuba\Documents\~WRD0000.tmp
c:\users\Kuba\Documents\~WRD0001.tmp
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\SysWow64\tmp718.tmp
c:\windows\SysWow64\tmp729.tmp
D:\install.exe
.
c:\windows\explorer.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-09 do 2014-07-09 )))))))))))))))))))))))))))))))
.
.
2014-07-09 08:16 . 2014-07-09 08:16 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2014-07-05 20:30 . 2014-07-05 20:30 -------- d-s---w- c:\windows\SysWow64\Microsoft
2014-07-05 19:18 . 2014-07-05 19:18 -------- d-----w- c:\users\Kuba\AppData\Local\ESET
2014-07-05 07:34 . 2014-07-09 10:23 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-05 07:33 . 2014-07-05 07:33 -------- d-----w- c:\programdata\Malwarebytes
2014-07-05 07:33 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-05 07:33 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-05 07:33 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-04 02:32 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{104FE974-D995-433C-9A8B-F2C61278D60E}\mpengine.dll
2014-07-02 16:15 . 2014-07-02 16:15 30424 ----a-w- c:\windows\system32\drivers\ggsomc.sys
2014-07-02 16:15 . 2014-07-02 16:15 16088 ----a-w- c:\windows\system32\drivers\ggflt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 00:54 . 2014-05-12 18:21 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 00:54 . 2014-05-12 18:21 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-03 11:38 . 2013-04-04 14:27 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-03 11:38 . 2013-04-04 14:27 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-05-29 23:07 . 2014-06-03 08:39 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-05-29 23:07 . 2013-11-15 10:24 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-05-29 23:07 . 2014-06-03 08:39 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-05-29 23:07 . 2013-11-15 10:24 1279480 ----a-w- c:\windows\system32\nvspcap64.dll
2014-05-20 02:44 . 2014-05-26 19:40 9735256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-05-20 02:44 . 2014-05-26 19:40 9697640 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-05-20 02:44 . 2014-05-26 19:40 895776 ----a-w- c:\windows\system32\NvIFR64.dll
2014-05-20 02:44 . 2014-05-26 19:40 892704 ----a-w- c:\windows\system32\NvFBC64.dll
2014-05-20 02:44 . 2014-05-26 19:40 867784 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-05-20 02:44 . 2014-05-26 19:40 861128 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-05-20 02:44 . 2014-05-26 19:40 492376 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-05-20 02:44 . 2014-05-26 19:40 416712 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-05-20 02:44 . 2014-05-26 19:40 382240 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-05-26 19:40 354016 ----a-w- c:\windows\system32\nvoglshim64.dll
2014-05-20 02:44 . 2014-05-26 19:40 335704 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-05-20 02:44 . 2014-05-26 19:40 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2014-05-20 02:44 . 2014-05-26 19:40 3141976 ----a-w- c:\windows\system32\nvcuvid.dll
2014-05-20 02:44 . 2014-05-26 19:40 31387936 ----a-w- c:\windows\system32\nvoglv64.dll
2014-05-20 02:44 . 2014-05-26 19:40 305600 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2014-05-20 02:44 . 2014-05-26 19:40 2953672 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-05-20 02:44 . 2014-05-26 19:40 2785568 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-26 19:40 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2014-05-20 02:44 . 2014-05-26 19:40 2412376 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-05-20 02:44 . 2014-05-26 19:40 24025376 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-05-20 02:44 . 2014-05-26 19:40 1889112 ----a-w- c:\windows\system32\nvdispco6433788.dll
2014-05-20 02:44 . 2014-05-26 19:40 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-05-20 02:44 . 2014-05-26 19:40 16003912 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-05-20 02:44 . 2014-05-26 19:40 1541576 ----a-w- c:\windows\system32\nvdispgenco6433788.dll
2014-05-20 02:44 . 2014-05-26 19:40 12688328 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-05-20 02:44 . 2014-05-26 19:40 11644928 ----a-w- c:\windows\system32\nvcuda.dll
2014-05-20 02:44 . 2014-05-26 19:40 11599072 ----a-w- c:\windows\system32\nvopencl.dll
2014-05-20 02:44 . 2014-03-16 10:22 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2013-03-31 14:46 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-03-31 14:46 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2013-03-31 14:46 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2013-02-22 20:20 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-05-20 02:44 . 2012-11-01 13:17 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2012-11-01 13:17 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2012-11-01 13:17 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2012-11-01 13:17 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-05-20 01:25 . 2012-11-01 13:17 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2012-11-01 13:17 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2012-11-01 13:17 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2012-11-01 13:17 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-05-20 01:25 . 2012-11-01 13:17 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2012-11-01 13:17 610592 ----a-w- c:\windows\SysWow64\oemdspif.dll
2014-05-20 01:25 . 2012-11-01 13:17 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2012-11-01 13:17 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-20 01:25 . 2012-11-01 13:17 1078616 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-05-14 23:49 . 2012-11-01 13:17 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2009-07-14 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2012-11-01 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
[-] 2013-09-18 . AF7225890A8869509C12667B4BF50F7F . 2868224 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[-] 2013-09-18 . AF7225890A8869509C12667B4BF50F7F . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[7] 2011-02-26 . E38899074D4951D31B4040E994DD7C8D . 2870784 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[7] 2011-02-26 . 0862495E0C825893DB75EF44FAEA8E93 . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[7] 2011-02-26 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[7] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[7] 2009-10-31 . B8EC4BD49CE8F6FC457721BFC210B67F . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[7] 2009-10-31 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[7] 2009-08-03 . 700073016DAC1C3D2E7E2CE4223334B6 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[7] 2009-08-03 . F170B4A061C9E026437B193B4D571799 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\programy-instal\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2014-05-23 466656]
"uTorrent"="c:\users\Kuba\AppData\Roaming\uTorrent\uTorrent.exe" [2014-04-21 1266520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamePark klient 2.lnk - d:\programy-instal\GamePark2\gpcl.exe [2012-12-25 442880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;d:\programy-instal\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe;d:\programy-instal\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ekrn;ESET Service;d:\programy-instal\ESET\x86\ekrn.exe;d:\programy-instal\ESET\x86\ekrn.exe [x]
S2 MBAMService;MBAMService;d:\programy-instal\Malwarebytes Anti-Malware\mbamservice.exe;d:\programy-instal\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011;c:\program files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-11 21:47 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-12 00:54]
.
2014-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-18 08:47]
.
2014-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-18 08:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-14 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-14 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-14 440088]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-11-01 8076848]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-11-01 6199344]
"BCSSync"="d:\programy-instal\Office\Office14\BCSSync.exe" [2010-03-13 112512]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
"egui"="d:\programy-instal\ESET\egui.exe" [2014-02-24 5581888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.search.ask.com/?p2=%5EB7N%5EYYYYYY% ... 6spr%253Da
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\Office\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - d:\progra~1\Office\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.10.3.1 192.168.1.1
FF - ProfilePath - c:\users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\yalw9qvp.default\
FF - prefs.js: browser.startup.homepage - www.thecrims.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
WebBrowser-{434D452D-5637-006A-76A7-7A786E7484D7} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-1ClickDownload - c:\program files (x86)\FTDownloader.com\uninst.exe
AddRemove-bi_uninstaller - c:\users\Kuba\Local Settings\Application Data\Bundled software uninstaller\biclient.exe
AddRemove-DefaultTab - c:\windows\system32\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\uninstalldt.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-07-09 15:15:55
ComboFix-quarantined-files.txt 2014-07-09 13:15
.
Před spuštěním: Volných bajtů: 56 085 483 520
Po spuštění: Volných bajtů: 57 817 837 568
.
- - End Of File - - 5F9F4EE0F39E05288D6D64B690A09AFC
A36C5E4F47E84449FF07ED3517B43A31

#2 Příspěvek od **vyosek** » 11 srp 2014 17:14

Zdravim

To jste jiz koupil licenci na W7 Profi nebo je to zase cinknuta verze jako ta predchozi W7 Ultimate?? Nebo jste jen zmenil sluvko Ultimate za Profesional??

Ten ComboFix Vam poradil kdo??

#3 Příspěvek od **vyosek** » 11 srp 2014 17:21

Tak jsem si ten log prostudoval znovu a detailneji porovnal s minulym - je uuuplne stejny, POUZE jste zmenil sluvku Ultimate za Profesional - to si z nas hodlate delat srandu nebo vylozene p*del a myslite si, ze na to neprijdeme????

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu