AD VIR

rosmegoo
Visitor
Posts: 2
Registered: 24 Nov 2015 16:54

#1 Post by rosmegoo »

ComboFix 15-11-23.01 - Kaloča 24.11.2015 16:35:23.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3071.1416 [GMT 1:00]
Spuštěný z: c:\users\KaloŔa\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\3964cf05-419e-489b-9c0b-fc2b48c1f12e\19172324-ecf5-4cf0-a809-7e2fac782594.dll
c:\program files\ATI\5d3fae70-f9ce-4f6b-9956-32e234030c12.dll
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-10-24 do 2015-11-24 )))))))))))))))))))))))))))))))
.
.
2015-11-24 13:14 . 2015-10-29 09:46 8991856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12316ED7-C1D0-40F3-93EA-B45A246BB5C4}\mpengine.dll
2015-11-19 13:25 . 2015-11-19 13:25 69120 ----a-w- c:\windows\system32\nlsbres.dll
2015-11-19 13:25 . 2015-11-19 13:25 6144 ----a-w- c:\windows\system32\kbdgeoqw.dll
2015-11-19 13:25 . 2015-11-19 13:25 6144 ----a-w- c:\windows\system32\KBDAZEL.DLL
2015-11-18 13:28 . 2015-11-24 06:26 -------- d-----w- c:\users\Kaloča\AppData\Roaming\7 Sticky Notes
2015-11-18 13:27 . 2015-11-18 13:27 -------- d-----w- c:\program files\7 Sticky Notes
2015-11-18 13:27 . 2012-10-13 21:20 805376 ----a-w- c:\windows\system32\EditCtlsU.ocx
2015-11-18 13:27 . 2011-08-13 20:06 1031168 ----a-w- c:\windows\system32\ExLVwU.ocx
2015-11-18 13:27 . 2011-05-20 23:02 604672 ----a-w- c:\windows\system32\ExTVwU.ocx
2015-11-18 13:27 . 2009-06-07 08:27 1071088 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2015-11-18 13:27 . 2008-01-19 10:34 554008 ----a-w- c:\windows\system32\dao360.dll
2015-11-18 13:27 . 2005-04-15 14:58 1351392 ----a-w- c:\windows\system32\comctl32.ocx
2015-11-18 13:27 . 2004-03-09 13:45 212240 ----a-w- c:\windows\system32\richtx32.ocx
2015-11-18 13:27 . 2004-03-08 23:00 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2015-11-18 13:27 . 2000-05-22 11:58 140488 ----a-w- c:\windows\system32\comdlg32.ocx
2015-11-18 13:27 . 1998-06-24 00:00 198456 ----a-w- c:\windows\system32\MCI32.OCX
2015-11-15 12:42 . 2015-11-23 21:23 281768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2015-11-12 06:04 . 2015-11-03 17:46 2386944 ----a-w- c:\windows\system32\win32k.sys
2015-11-11 06:30 . 2015-10-29 17:50 5120 ----a-w- c:\windows\system32\shimeng.dll
2015-11-11 06:29 . 2015-09-23 13:09 371920 ----a-w- c:\windows\system32\drivers\cng.sys
2015-11-10 17:29 . 2015-11-21 17:50 -------- d-----w- c:\users\Kaloča\AppData\Roaming\HandBrake
2015-11-10 17:29 . 2015-11-10 17:29 -------- d-----w- c:\program files\Handbrake
2015-11-09 20:30 . 2015-11-09 20:30 -------- d-----w- c:\users\Kaloča\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2015-11-09 20:30 . 2015-11-09 20:30 -------- d-----w- c:\users\Kaloča\AppData\Roaming\Wondershare Video Converter Ultimate
2015-11-09 20:29 . 2015-11-09 20:29 -------- d-----w- c:\users\Kaloča\AppData\Local\Wondershare
2015-11-09 20:29 . 2015-11-09 20:29 -------- d-----w- c:\program files\Common Files\Wondershare
2015-11-09 20:29 . 2015-11-09 20:32 -------- d-----w- c:\programdata\Wondershare Video Converter Ultimate
2015-11-09 20:29 . 2015-11-10 17:23 -------- d-----w- c:\program files\Wondershare
2015-11-09 20:29 . 2015-11-10 17:23 -------- d-----w- c:\programdata\Wondershare
2015-11-07 20:26 . 2015-11-08 23:00 -------- d-----w- c:\users\Kaloča\AppData\Roaming\dclogs
2015-11-07 10:59 . 2015-11-07 10:59 93696 ----a-w- c:\windows\system32\wudriver.dll
2015-11-07 10:59 . 2015-11-07 10:59 73728 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-11-07 10:59 . 2015-11-07 10:59 566784 ----a-w- c:\windows\system32\wuapi.dll
2015-11-07 10:59 . 2015-11-07 10:59 35840 ----a-w- c:\windows\system32\wups2.dll
2015-11-07 10:59 . 2015-11-07 10:59 35328 ----a-w- c:\windows\system32\wuapp.exe
2015-11-07 10:59 . 2015-11-07 10:59 30208 ----a-w- c:\windows\system32\wups.dll
2015-11-07 10:59 . 2015-11-07 10:59 2955776 ----a-w- c:\windows\system32\wucltux.dll
2015-11-07 10:59 . 2015-11-07 10:59 2061824 ----a-w- c:\windows\system32\wuaueng.dll
2015-11-07 10:59 . 2015-11-07 10:59 174080 ----a-w- c:\windows\system32\wuwebv.dll
2015-11-07 10:59 . 2015-11-07 10:59 136192 ----a-w- c:\windows\system32\wuauclt.exe
2015-11-07 10:59 . 2015-11-07 10:59 11776 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-11-05 22:06 . 2015-11-05 22:06 87136 ----a-w- c:\windows\system32\RtNicProp32.dll
2015-11-05 22:06 . 2015-11-05 22:06 730352 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2015-11-04 12:40 . 2015-11-04 12:40 -------- d-----w- c:\users\Kaloča\AppData\Local\Diagnostics
2015-11-03 06:15 . 2014-12-11 17:47 74240 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-11-03 06:15 . 2015-07-16 19:12 856064 ----a-w- c:\windows\system32\rdvidcrl.dll
2015-11-03 06:15 . 2015-07-16 19:12 53248 ----a-w- c:\windows\system32\tsgqec.dll
2015-11-03 06:15 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\system32\mstscax.dll
2015-11-03 06:15 . 2015-07-16 15:14 355840 ----a-w- c:\windows\system32\wksprt.exe
2015-11-02 06:12 . 2015-06-09 19:35 2745856 ----a-w- c:\windows\system32\rdpcorets.dll
2015-11-02 06:12 . 2015-06-09 19:35 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-11-02 06:12 . 2015-06-09 15:17 221184 ----a-w- c:\windows\system32\rdpudd.dll
2015-10-31 11:58 . 2015-11-04 12:54 -------- d-----w- c:\users\Kaloča\AppData\Local\LogMeIn Hamachi
2015-10-31 11:58 . 2015-10-31 11:58 -------- d-----w- c:\users\Kaloča\AppData\Local\LogMeIn
2015-10-31 11:58 . 2015-10-31 11:58 -------- d-----w- c:\programdata\LogMeIn
2015-10-31 02:11 . 2015-10-31 02:11 -------- d-----w- c:\users\Kaloča\AppData\Roaming\Project Reality
2015-10-31 01:54 . 2015-10-31 01:54 -------- d-----w- c:\users\Kaloča\AppData\Local\Project Reality
2015-10-31 01:50 . 2015-05-23 09:00 912744 ----a-w- c:\windows\system32\pbsvc.exe
2015-10-31 01:49 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2015-10-30 20:00 . 2015-10-30 20:00 -------- d-----w- c:\program files\Sony
2015-10-30 15:05 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2015-10-30 15:05 . 2012-08-23 11:12 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll
2015-10-30 15:05 . 2013-10-01 23:45 32256 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2015-10-30 15:05 . 2013-10-02 00:32 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-10-30 15:05 . 2013-10-02 00:42 49152 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2015-10-30 15:05 . 2013-10-02 00:30 14336 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-10-30 15:05 . 2013-10-02 00:14 50176 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2015-10-30 15:05 . 2013-10-02 00:14 17920 ----a-w- c:\windows\system32\wksprtPS.dll
2015-10-30 15:05 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\system32\mstsc.exe
2015-10-27 21:02 . 2015-10-27 21:02 -------- d-----w- c:\program files\Common Files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-23 21:23 . 2015-09-16 14:07 139832 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2015-11-23 21:23 . 2015-09-16 14:06 281768 ----a-w- c:\windows\system32\PnkBstrB.exe
2015-11-22 14:57 . 2015-09-16 14:06 281768 ----a-w- c:\windows\system32\PnkBstrB.ex0
2015-11-18 06:26 . 2015-09-03 13:47 780488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-11-18 06:26 . 2015-09-03 13:47 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-11-06 19:47 . 2015-09-01 15:59 435464 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-11-06 19:47 . 2015-09-01 15:59 794952 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-11-05 22:06 . 2015-09-01 19:56 111168 ----a-w- c:\windows\system32\RTNUninst32.dll
2015-10-31 01:51 . 2015-09-16 14:07 138576 ----a-w- c:\users\Kaloča\AppData\Roaming\PnkBstrK.sys
2015-10-31 01:51 . 2015-09-16 14:07 138576 ----a-w- c:\users\Kaloča\AppData\Roaming\PnkBstrK.sys
2015-10-31 01:50 . 2015-09-16 14:06 76152 ----a-w- c:\windows\system32\PnkBstrA.exe
2015-10-29 17:49 . 2015-11-11 06:30 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 06:30 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 06:30 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 06:30 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-11 06:30 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-27 21:01 . 2015-09-06 19:43 95840 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-10-22 05:18 . 2015-10-22 05:18 76952 ----a-w- c:\windows\system32\drivers\AmUStor.sys
2015-10-22 05:18 . 2015-10-22 05:18 19096 ----a-w- c:\windows\system32\AmUStor.dll
2015-10-22 05:18 . 2015-10-22 05:18 1077248 ----a-w- c:\windows\system32\AmRdrIco.icl
2015-10-22 05:12 . 2015-10-22 05:12 38784 ----a-w- c:\windows\system32\drivers\usbcamcl.sys
2015-10-20 00:45 . 2015-11-11 06:30 251392 ----a-w- c:\windows\system32\schannel.dll
2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 17:50 . 2015-10-14 06:56 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 17:50 . 2015-10-14 06:56 50688 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 17:50 . 2015-10-14 06:56 28160 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 17:50 . 2015-10-14 06:56 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 06:56 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 16:53 . 2015-10-14 06:56 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-30 17:57 . 2015-09-01 15:59 115640 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-09-30 17:57 . 2015-09-01 15:59 49776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-09-30 17:57 . 2015-09-01 15:59 208664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-09-30 17:57 . 2015-09-01 15:59 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-09-30 17:57 . 2015-09-01 15:59 76000 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-09-30 17:57 . 2015-09-01 15:59 24016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-09-30 17:57 . 2015-10-01 18:54 313472 ----a-w- c:\windows\system32\aswBoot.exe
2015-09-30 17:57 . 2015-09-30 17:57 43112 ----a-w- c:\windows\avastSS.scr
2015-09-30 17:57 . 2015-09-01 15:59 107984 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-09-18 21:20 . 2015-09-18 21:20 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2015-09-18 21:20 . 2015-09-18 21:20 15872 ----a-w- c:\windows\system32\icaapi.dll
2015-09-18 21:18 . 2015-09-18 21:18 901264 ----a-w- c:\windows\system32\ucrtbase.dll
2015-09-18 21:18 . 2015-09-18 21:18 66400 ----a-w- c:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 14176 ----a-w- c:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 12640 ----a-w- c:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 22368 ----a-w- c:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 19808 ----a-w- c:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 17760 ----a-w- c:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 17760 ----a-w- c:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 16224 ----a-w- c:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 15712 ----a-w- c:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 14176 ----a-w- c:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 13664 ----a-w- c:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 12640 ----a-w- c:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 12640 ----a-w- c:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 12128 ----a-w- c:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 12128 ----a-w- c:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 12128 ----a-w- c:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 12128 ----a-w- c:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 12128 ----a-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-09-18 21:18 . 2015-09-18 21:18 11616 ----a-w- c:\windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 11616 ----a-w- c:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 11616 ----a-w- c:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 11616 ----a-w- c:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-09-18 21:18 . 2015-09-18 21:18 11616 ----a-w- c:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-09-18 17:47 . 2015-10-15 01:16 23384 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-18 17:44 . 2015-10-15 01:16 587776 ----a-w- c:\windows\system32\invagent.dll
2015-09-18 17:44 . 2015-10-15 01:16 615936 ----a-w- c:\windows\system32\generaltel.dll
2015-09-18 17:44 . 2015-10-15 01:16 423936 ----a-w- c:\windows\system32\devinv.dll
2015-09-18 17:44 . 2015-10-15 01:16 1120768 ----a-w- c:\windows\system32\appraiser.dll
2015-09-18 17:44 . 2015-10-15 01:16 62976 ----a-w- c:\windows\system32\acmigration.dll
2015-09-18 17:35 . 2015-10-15 01:16 999936 ----a-w- c:\windows\system32\aeinv.dll
2015-09-11 13:31 . 2015-09-11 13:31 25016 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-09-04 11:15 . 2015-09-04 11:15 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-09-04 11:15 . 2015-09-04 11:15 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-09-04 11:15 . 2015-09-04 11:15 1391104 ----a-w- c:\windows\system32\msxml6.dll
2015-09-04 11:15 . 2015-09-04 11:15 1241088 ----a-w- c:\windows\system32\msxml3.dll
2015-09-04 11:14 . 2015-09-04 11:14 67584 ----a-w- c:\windows\system32\dwmapi.dll
2015-09-04 11:14 . 2015-09-04 11:14 1372160 ----a-w- c:\windows\system32\dwmcore.dll
2015-09-04 11:13 . 2015-09-04 11:13 47104 ----a-w- c:\windows\system32\appinfo.dll
2015-09-04 11:13 . 2015-09-04 11:13 1805824 ----a-w- c:\windows\system32\authui.dll
2015-09-04 11:13 . 2015-09-04 11:13 105408 ----a-w- c:\windows\system32\consent.exe
2015-09-04 11:11 . 2015-09-04 11:11 937984 ----a-w- c:\windows\system32\diagtrack.dll
2015-09-04 11:11 . 2015-09-04 11:11 41984 ----a-w- c:\windows\system32\UtcResources.dll
2015-09-04 11:11 . 2015-09-04 11:11 641536 ----a-w- c:\windows\system32\advapi32.dll
2015-09-04 11:11 . 2015-09-04 11:11 635392 ----a-w- c:\windows\system32\tdh.dll
2015-09-04 11:09 . 2015-09-04 11:09 2048 ----a-w- c:\windows\system32\tzres.dll
2015-09-02 11:30 . 2015-09-02 11:30 194048 ----a-w- c:\windows\system32\elshyph.dll
2015-09-02 11:30 . 2015-09-02 11:30 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-09-02 11:30 . 2015-09-02 11:30 645120 ----a-w- c:\windows\system32\jsIntl.dll
2015-09-02 11:30 . 2015-09-02 11:30 182272 ----a-w- c:\windows\system32\msls31.dll
2015-09-02 11:30 . 2015-09-02 11:30 62464 ----a-w- c:\windows\system32\tdc.ocx
2015-09-02 11:30 . 2015-09-02 11:30 24576 ----a-w- c:\windows\system32\licmgr10.dll
2015-09-02 11:30 . 2015-09-02 11:30 151552 ----a-w- c:\windows\system32\iexpress.exe
2015-09-02 11:30 . 2015-09-02 11:30 139264 ----a-w- c:\windows\system32\wextract.exe
2015-09-02 11:30 . 2015-09-02 11:30 74240 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-09-02 11:30 . 2015-09-02 11:30 36352 ----a-w- c:\windows\system32\imgutil.dll
2015-09-02 11:30 . 2015-09-02 11:30 13312 ----a-w- c:\windows\system32\mshta.exe
2015-09-02 11:30 . 2015-09-02 11:30 111616 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-09-02 11:30 . 2015-09-02 11:30 86016 ----a-w- c:\windows\system32\iesysprep.dll
2015-09-02 11:30 . 2015-09-02 11:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-09-30 17:57 696120 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 8"="c:\program files\IObit\Advanced SystemCare 8\ASCTray.exe" [2015-04-08 2429728]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2015-06-18 3576664]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2015-09-17 57864728]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-11-06 6133520]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-27 2634872]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2015-08-27 1423120]
"ATIModeChange"="Ati2mdxx.exe" [2010-02-10 26112]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2015-10-06 596528]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2015-11-05 14688512]
"Wondershare Helper Compact.exe"="c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2015-04-28 2086240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2015-07-29 2909472]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-07-09 327296]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-10-30 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 usbcamcl;Driver for usbcamcl Device;c:\windows\system32\DRIVERS\usbcamcl.sys [2015-10-22 38784]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 ngvss;ngvss; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-11-06 794952]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-11-06 435464]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2015-09-01 23840]
S2 AdvancedSystemCareService8;Advanced SystemCare Service 8;c:\program files\IObit\Advanced SystemCare 8\ASCService.exe [2015-08-05 821024]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-09-30 24016]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-09-30 76000]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-09-30 115640]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-27 921208]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-27 1872504]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-27 4305016]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [2015-11-05 266496]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-30 220752]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2015-10-22 76952]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-30 3219136]
S3 cpuz137;cpuz137;c:\users\KALOA~1\AppData\Local\Temp\cpuz137\cpuz137_x32.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys [2015-09-11 25016]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-27 18552]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2015-08-11 44840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2015-11-05 730352]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-09-01 25768]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-11-11 07:02 997704 ----a-w- c:\program files\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-24 c:\windows\Tasks\641bfb50-07ae-4738-8781-db23fe98a7a4-1-7.job
- c:\program files\CinemaP-1.9cV15.09\641bfb50-07ae-4738-8781-db23fe98a7a4-1-7.exe [2015-09-15 17:30]
.
2015-11-24 c:\windows\Tasks\641bfb50-07ae-4738-8781-db23fe98a7a4-11.job
- c:\program files\CinemaP-1.9cV15.09\641bfb50-07ae-4738-8781-db23fe98a7a4-11.exe [2015-09-15 17:30]
.
2015-11-24 c:\windows\Tasks\641bfb50-07ae-4738-8781-db23fe98a7a4-3.job
- c:\program files\CinemaP-1.9cV15.09\641bfb50-07ae-4738-8781-db23fe98a7a4-3.exe [2015-09-15 17:30]
.
2015-11-24 c:\windows\Tasks\641bfb50-07ae-4738-8781-db23fe98a7a4-5.job
- c:\program files\CinemaP-1.9cV15.09\641bfb50-07ae-4738-8781-db23fe98a7a4-5.exe [2015-09-15 17:31]
.
2015-09-15 c:\windows\Tasks\641bfb50-07ae-4738-8781-db23fe98a7a4-5_user.job
- c:\program files\CinemaP-1.9cV15.09\641bfb50-07ae-4738-8781-db23fe98a7a4-5.exe [2015-09-15 17:31]
.
2015-11-24 c:\windows\Tasks\641bfb50-07ae-4738-8781-db23fe98a7a4-7.job
- c:\program files\CinemaP-1.9cV15.09\641bfb50-07ae-4738-8781-db23fe98a7a4-7.exe [2015-09-15 17:30]
.
2015-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-03 06:26]
.
2015-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-09-01 15:47]
.
2015-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-09-01 15:47]
.
.
------- Doplňkový sken -------
.
TCP: Interfaces\{33B7F41F-1D4A-4E49-BB32-6D85E493E282}: NameServer = 172.23.76.1,172.23.76.254
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_ActiveSetup-installed components - c:\program files\Crossbrowse\Crossbrowse\Application\39.6.2171.95\Installer\chrmstp.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\GenArts\Sapphire OFX\Install-{4E41A485-04D4-CF7C-6CE3-27F7BEAE7048}\Data*]
@DACL=
"CTE_32 Name"="467458:{C3B8A1BC-8B18-94D5-AD04-2B3354994626}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\GenArts\Sapphire OFX\Install-{7F91A45B-6B5F-C2EA-301C-C31FD25A9C54}\Data*]
@DACL=
"Templates"="-6:{5FD13A4A-FC54-8A9D-247A-7153B0B91418}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\GenArts\Sapphire OFX\Install-{EC3F6705-85EF-4FB1-4E30-80781324E273}\Data*]
@DACL=
"DefaultSettings"="99:{C6DDA450-F687-55DF-CA23-1A5083308C5D}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectInput\Compatibility\CLIENT2._EXE35FEFABD00088200*]
@DACL=
"MaxDeviceNameLen"="2e7·8b\\0000?Ü?661f "
"NoPollSucceed"="{2462130B-8B7E-5F74-7EA6-BA0F41DC29C6}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install*Loc\VxDs]
@DACL=
"CTE_32 Name"="2457334:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\{974B9511-91D5-AEE4-5E77-0AF54DD3BA55}\Install*Loc\VxDs]
@DACL=
"Templates"="2457277:{E1E6CBBC-E7CA-AB6C-D7EB-63563C5B204D}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Install*Loc\xga2-{A92F5E5B-B4F1-654F-E4CD-CC449BFB134C}\Version 1.1]
@DACL=
"dat"="806585365:{750DA440-3B6A-CED6-38E9-181A9AB0356B}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\z*\{{05FF8CB8-4942-FCF6-301D-6930181DE865}}]
@DACL=
"DefaultSettings"="2457355:{37C8840C-72FD-B1F6-4FC1-23A6EF5B6255}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\z*\{{62148CCA-49D6-61B1-542F-6B093502D815}}]
@DACL=
"WinXP"="2048:{83CB76E3-95AF-3149-EB35-9E15F6375F54}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\z*\{{6BB58B63-B471-DBB2-FF15-E5C1604D6F66}}]
@DACL=
"Templates"="4356:{F779BA6E-CD26-8029-A255-1A7CE3781BE4}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\{CDC3AC67-6002-F68B-CA03-2F4165A2203C}*\Install*Loc\xgafp-v6\dat]
@DACL=
"default"="516233924:{A14303D2-EDD1-22B1-012B-892BB8DF5786}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Install VBX*\Current*Version\Install*Loc\xga2-{A92F5E5B-B4F1-654F-E4CD-CC449BFB134C}\Version 3.x]
@DACL=
"dat"="1767914624:{83775E6A-5BEF-6D2D-FE1A-A5636EF5D989}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smase._dll*]
@DACL=
"AplicationGoo"="2eË?941c63ax1¨e4570"
"ChkAppHelp"="{2F9EEFD8-8340-9C9A-33B9-D168C56A26C3}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WinXGA*\Providers*\{D9EBEC66-68A6-092F-CBD1-713C347AA5E0}\Current*Set\xgafp-v6\ver]
@DACL=
"KnownSvcs"="923716667:{587022E4-6B27-F85D-E09D-04EFC710DEC0}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\XBMga*\UUIDs\{4095D633-B840-BCDF-9C91-BBAC89CB046F}\xgafp-v6\Install*Loc]
@DACL=
"{19620715-0001-1211-574574-30001}"="234524143:{E3FE8203-5FB4-9397-06BD-4A9A36192C5E}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\xGenArts\Sapphire OFX\DLL ver*\{A6D90D08-68DD-2B46-E2AC-5782669B2696}]
@DACL=
"CTE_32 Name"="9:{19C42D30-D844-8A07-12A4-E783E7D228F7}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\xGenArts\Sapphire OFX\DLL ver*\{C0984C48-3A57-C216-0D35-7D09B0A0D97E}]
@DACL=
"Templates"="-339:{7E0C5D36-BFDD-4B84-F80D-AAF2A0F840A6}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Realtek\Audio\HDA\RtHDVBg.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\IObit\Advanced SystemCare 8\Monitor.exe
c:\program files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\GWX\GWX.exe
c:\windows\system32\sppsvc.exe
c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2015-11-24 16:47:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-11-24 15:47
.
Před spuštěním: Volných bajtů: 380 032 679 936
Po spuštění: Volných bajtů: 390 901 563 392
.
- - End Of File - - 8CC9420813183B3B3083206D28E0FC58
A36C5E4F47E84449FF07ED3517B43A31

Please help

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: AD VIR

#2 Post by Rudy »

Hello!
Why are you running ComboFix, a utility intended only for professionals? Do you intend to wreck your system? Running CF without a prior check by some non-deleting utility is highly risky. Post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!