
Re: Please check my log

Posted: 23 Nov 2012 00:09
by vyosek
Oh dear, ComboFix problems again (diacritics in the account name) :x

Put CF directly on c:\

Create the script directly on c:\ and drag it onto CF

Re: Please check my log

Posted: 23 Nov 2012 01:57
by FreeRiDeR
So this time it ran for almost an hour. After the automatic restart nothing could be launched and it showed the error you wrote about. After another restart it works.
I'm attaching the log. Tell me, please, is my PC that badly infected, given that it is taking this long to sort out? Or is it a complicated virus?

ComboFix 12-11-21.01 - Peťo . 11. 2012 0:45.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3978.2071 [GMT 1:00]
Running from: C:\ComboFix.exe
Command switches used :: C:\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\HPCeeScheduleForPeťo.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69\GEARDIFx.exe
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxAPI.dll
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DifXInst64.exe
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxInstallLog.txt
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi.dll
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspi64.dll
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\GEARAspiWDM.inf
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\gearaspiwdmx64.cat
c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\x64\GEARAspiWDM.sys
c:\windows\SysWow64\%APPDATA%
c:\windows\SysWow64\%APPDATA%\Microsoft\Windows\IETldCache\index.dat
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_bhktiihe
-------\Service_ctumucle
-------\Service_dgsaomgc
-------\Service_ftpizkoo
-------\Service_hoplqdxl
-------\Service_lophmaes
-------\Service_osjxtzsd
.
.
((((((((((((((((((((((((( Files Created from 2012-10-23 to 2012-11-23 )))))))))))))))))))))))))))))))
.
.
2012-11-23 00:31 . 2012-11-23 00:31 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{894EE672-9466-4925-8BCC-960E059B940E}\offreg.dll
2012-11-23 00:28 . 2012-11-23 00:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-22 11:34 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{894EE672-9466-4925-8BCC-960E059B940E}\mpengine.dll
2012-11-21 21:58 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-21 14:18 . 2012-11-21 14:18 -------- d-----w- c:\programdata\Malwarebytes
2012-11-21 12:41 . 2012-08-07 15:18 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-11-21 12:41 . 2012-08-07 15:18 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06AE05C8-9640-4CD1-923C-F60B6B95575E}\gapaengine.dll
2012-11-20 22:35 . 2012-11-20 22:36 -------- d-----w- C:\rsit
2012-11-20 22:35 . 2012-11-20 22:36 -------- d-----w- c:\program files\trend micro
2012-11-20 22:24 . 2012-11-21 15:02 -------- d-----w- c:\program files (x86)\Connectify
2012-11-20 22:23 . 2012-11-20 22:28 -------- d-----w- c:\programdata\Connectify
2012-11-20 15:02 . 2012-11-20 15:02 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-11-20 14:00 . 2012-11-20 14:00 31344 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2012-11-20 13:54 . 2012-11-20 17:13 -------- d-----w- c:\program files (x86)\Virtual Router
2012-11-19 12:37 . 2012-11-19 12:37 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-11-18 14:58 . 2012-11-18 14:58 -------- d-----w- c:\programdata\PDFC
2012-11-16 13:26 . 2012-11-16 13:26 -------- d-----w- c:\program files (x86)\totalcmd
2012-11-15 18:15 . 2012-11-19 12:39 -------- d-----w- c:\program files (x86)\Microsoft Works
2012-11-15 18:10 . 2012-11-15 18:10 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-11-15 18:08 . 2012-11-20 15:31 -------- d-----w- c:\programdata\Microsoft Help
2012-11-15 14:33 . 2012-11-15 14:33 -------- dc----w- c:\windows\system32\DRVSTORE
2012-11-15 14:33 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-11-15 14:33 . 2012-11-15 14:33 -------- d-----w- c:\program files\iPod
2012-11-15 14:33 . 2012-11-15 14:33 -------- d-----w- c:\program files\iTunes
2012-11-15 14:33 . 2012-11-15 14:33 -------- d-----w- c:\programdata\Apple Computer
2012-11-15 14:31 . 2012-11-15 14:31 -------- d-----w- c:\program files (x86)\Apple Software Update
2012-11-15 14:30 . 2012-11-15 14:30 -------- d-----w- c:\program files\Common Files\Apple
2012-11-15 14:30 . 2012-11-15 14:30 -------- d-----w- c:\program files\Bonjour
2012-11-15 14:30 . 2012-11-15 14:30 -------- d-----w- c:\program files (x86)\Bonjour
2012-11-15 14:30 . 2012-11-15 14:33 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-11-15 14:30 . 2012-11-15 14:31 -------- d-----w- c:\programdata\Apple
2012-11-15 02:14 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-15 02:14 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-15 02:14 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-15 02:14 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-15 02:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 02:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 02:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 02:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 02:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-15 02:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 02:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 23:07 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-14 23:07 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-14 23:07 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-14 23:07 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-11-14 23:05 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-14 23:05 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-07 19:31 . 2012-11-07 19:31 -------- d-----w- c:\program files (x86)\TeamViewer
2012-11-04 21:18 . 2012-11-04 21:18 -------- d-----r- C:\MSOCache
2012-11-03 13:16 . 2012-11-03 13:16 -------- d-----w- c:\windows\Sun
2012-11-03 13:13 . 2012-11-03 13:13 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-11-03 13:13 . 2012-11-03 13:12 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-03 13:13 . 2012-11-03 13:12 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-03 13:13 . 2012-11-03 13:13 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-03 13:12 . 2012-11-03 13:12 -------- d-----w- c:\program files (x86)\Java
2012-11-03 12:32 . 2012-11-03 12:31 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-03 12:32 . 2012-11-03 12:31 289768 ----a-w- c:\windows\system32\javaws.exe
2012-11-03 12:32 . 2012-11-03 12:31 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-03 12:32 . 2012-11-03 12:31 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-11-03 12:32 . 2012-11-03 12:31 189416 ----a-w- c:\windows\system32\javaw.exe
2012-11-03 12:32 . 2012-11-03 12:31 188904 ----a-w- c:\windows\system32\java.exe
2012-11-03 12:31 . 2012-11-03 12:31 -------- d-----w- c:\program files\Java
2012-11-01 16:03 . 2012-11-01 16:09 -------- d-----w- c:\program files (x86)\Git
2012-11-01 00:09 . 2012-11-21 21:25 -------- d-----w- c:\users\Pe
2012-11-01 00:09 . 2012-11-01 00:09 -------- d-----w- c:\programdata\Ubisoft
2012-10-31 15:35 . 2012-10-31 15:35 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-31 15:35 . 2012-10-31 15:35 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-10-31 15:34 . 2012-10-31 15:34 -------- d-----w- c:\program files (x86)\Ubisoft
2012-10-31 12:04 . 2012-10-31 12:04 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-10-31 00:41 . 2012-10-31 00:41 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2012-10-30 20:19 . 2012-10-30 20:19 -------- d-----w- c:\windows\SysWow64\Wat
2012-10-30 20:19 . 2012-10-30 20:19 -------- d-----w- c:\windows\system32\Wat
2012-10-30 20:07 . 2012-11-15 02:02 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-30 20:01 . 2012-10-30 20:01 -------- d-----w- c:\program files (x86)\Webteh
2012-10-30 19:44 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-10-30 19:32 . 2012-10-30 19:32 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-10-30 19:32 . 2012-10-30 19:32 -------- d-----r- c:\program files (x86)\Skype
2012-10-30 19:23 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-10-30 19:23 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-10-30 19:23 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-10-30 19:23 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-10-30 19:23 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-10-30 17:15 . 2012-10-30 17:25 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-10-30 17:15 . 2012-10-30 17:15 -------- d-----w- c:\program files\Adobe
2012-10-30 17:14 . 2012-10-30 17:15 -------- d-----w- c:\program files\Common Files\Adobe
2012-10-30 17:13 . 2012-10-30 17:13 -------- d-----w- c:\program files (x86)\Adobe Media Player
2012-10-30 17:12 . 2012-10-30 17:12 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-10-30 17:05 . 2012-11-01 23:46 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-10-30 16:42 . 2012-10-30 16:42 -------- d-----w- c:\programdata\ACD Systems
2012-10-30 16:42 . 2012-10-30 16:42 -------- d-----w- c:\program files\Common Files\ACD Systems
2012-10-30 16:42 . 2012-10-30 16:42 -------- d-----w- c:\program files\ACD Systems
2012-10-30 16:25 . 2012-10-30 19:53 -------- d-----w- c:\program files (x86)\Google
2012-10-30 15:56 . 2012-10-30 15:56 -------- d-----w- c:\program files\CCleaner
2012-10-30 15:39 . 2012-10-30 15:39 -------- d-----w- c:\program files (x86)\GlobalSCAPE
2012-10-30 15:37 . 2001-09-05 04:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-10-30 15:37 . 2001-09-05 04:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-10-30 15:37 . 2001-09-05 04:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-10-30 15:37 . 2001-09-05 04:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-10-30 15:37 . 2001-09-05 02:24 610436 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-10-30 15:26 . 2012-10-30 17:02 -------- d-----w- c:\program files (x86)\Common Files\Steam
2012-10-30 13:44 . 2012-10-30 21:06 -------- d-----w- c:\programdata\VirtualizedApplications
2012-10-30 13:02 . 2007-07-19 17:14 5073256 ----a-w- c:\windows\system32\d3dx9_35.dll
2012-10-30 12:41 . 2012-10-30 12:41 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-10-30 12:38 . 2012-10-30 12:38 -------- d-----w- c:\programdata\DAEMON Tools Pro
2012-10-30 12:34 . 2012-10-30 12:42 -------- d-----w- c:\programdata\DAEMON Tools Lite
2012-10-30 11:33 . 2012-11-15 18:10 -------- d-----w- c:\program files\Microsoft Office
2012-10-30 11:33 . 2012-10-30 19:38 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
2012-10-30 11:33 . 2012-10-30 11:33 -------- d-----w- c:\windows\PCHEALTH
2012-10-30 02:16 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-30 02:14 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-10-30 02:13 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-10-30 02:11 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-10-29 22:44 . 2012-10-29 22:44 -------- d-----w- c:\programdata\createpart
2012-10-29 22:44 . 2012-10-29 22:44 -------- d-----w- c:\programdata\launcher
2012-10-29 22:44 . 2012-10-29 22:44 -------- d-----w- c:\programdata\explauncher
2012-10-29 22:44 . 2012-10-29 22:44 -------- d-----w- c:\program files (x86)\Paragon Software
2012-10-29 21:47 . 2012-08-20 14:48 19032 ------w- c:\windows\system32\pwdrvio.sys
2012-10-29 21:47 . 2012-08-20 14:48 2966720 ----a-w- c:\windows\system32\pwNative.exe
2012-10-29 21:47 . 2012-08-20 14:48 12384 ------w- c:\windows\system32\pwdspio.sys
2012-10-29 21:47 . 2012-10-29 21:47 -------- d-----w- c:\program files (x86)\MiniTool Partition Wizard Home Edition 7.6.1
2012-10-29 21:40 . 2012-10-29 21:40 -------- d-----w- c:\windows\system32\Macromed
2012-10-29 21:16 . 2012-11-21 23:30 -------- d-----w- c:\program files (x86)\Opera
2012-10-29 20:59 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-10-29 20:59 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-21 10:27 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
2012-11-20 19:10 . 2012-04-17 05:34 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-20 19:10 . 2012-04-17 05:34 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-30 21:03 . 2012-08-30 21:03 228768 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 21:03 . 2012-08-30 21:03 128456 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Peťo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Peťo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 94208 ----a-w- c:\users\Peťo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2012-11-09 4013928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-03-01 56088]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-03-14 319360]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-27 291608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-30 636032]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2012-03-15 184704]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2012-03-22 12310616]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2012-10-30 30192]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
.
c:\users\Peťo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Peťo\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-10-18 26643352]
Gmail Notifier Plus.exe [2010-3-22 2088448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2012-01-31 21:19 75648 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 skxhhchz;skxhhchz;c:\windows\system32\drivers\skxhhchz.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2012-11-09 65536]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-14 240408]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2012-01-31 64312]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2012-01-31 477056]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2012-10-30 30192]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-03-15 1420160]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-08-20 19032]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-08-20 12384]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-30 1255736]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-03-20 32896]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2012-11-20 31344]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-10-30 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-29 235520]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-01-19 106144]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-14 193816]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2012-03-16 33560]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-03-21 1327104]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-02-03 498352]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2012-03-20 2694224]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-01-19 158880]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-01-19 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-01-19 339616]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-01-19 110752]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2012-01-19 30368]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2012-01-19 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-01-19 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2012-01-19 280992]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-01-19 550560]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2012-03-26 14748416]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2012-02-27 173656]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-24 648808]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-15 c:\windows\Tasks\HPCeeScheduleForPeťo.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Peťo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Peťo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Peťo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-10-18 21:52 97792 ----a-w- c:\users\Peťo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-01-19 1016992]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-01-19 800416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-26 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-26 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-26 439064]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2012-03-14 15232]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-03-05 1425408]
.
------- Supplementary Scan -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
mStart Page = hxxp://www.bing.com?pc=CMNTDF
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
FF - ProfilePath - c:\users\Peťo\AppData\Roaming\Mozilla\Firefox\Profiles\aaeejf04.default\
FF - ExtSQL: 2012-10-30 21:50; {3c9761ad-a43d-4447-b924-f5d83cb48063}; g:\programs\Zend Studio 9.0.1\toolbars\firefox
FF - ExtSQL: 2012-10-31 13:41; firebug@software.joehewitt.com; c:\users\PeĂ…ÂĄo\AppData\Roaming\Mozilla\Firefox\Profiles\aaeejf04.default\extensions\firebug@software.joehewitt.com.xpi
FF - ExtSQL: 2012-10-31 13:42; uss-button@uploadscreenshot.com; c:\users\PeĂ…ÂĄo\AppData\Roaming\Mozilla\Firefox\Profiles\aaeejf04.default\extensions\uss-button@uploadscreenshot.com.xpi
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
.
**************************************************************************
.
Completion time: 2012-11-23 01:43:39 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-23 00:43
ComboFix2.txt 2012-11-22 22:58
ComboFix3.txt 2012-11-21 21:25
.
Pre-Run: 100 267 560 960 bytes free
Post-Run: 100 026 331 136 bytes free
.
- - End Of File - - 272D82DCCF9D1480AFD1AD478B103CA3

Re: Please check my log

Posted: 23 Nov 2012 08:05
by vyosek
:arrow: You have/had it very, very heavily infected

:arrow: It looks OK to me now; how is the PC behaving :???:

Re: Please check my log

Posted: 23 Nov 2012 11:31
by FreeRiDeR
Thanks for the info and the help :) It seems everything is working without problems. Is no further log needed?

Re: Please check my log

Posted: 23 Nov 2012 20:32
by vyosek
So let's still clean up :James008:

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so download it without worry (or switch off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the problems
  • repeat the procedure until no problems are left - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Re: Please check my log

Posted: 24 Nov 2012 02:17
by FreeRiDeR
Thanks for the info.

I renamed ComboFix.exe, which is on c:\, to Uninstall.exe, and after I launched it, it kept running round and round and I only managed to stop it through Task Manager. It did not uninstall and I still have a lot of assorted folders on the C: drive. Do you know where the problem is, please? For now I preferred not to continue with the rest of the instructions.

Re: Please check my log

Posted: 24 Nov 2012 09:08
by vyosek
Carry on with the steps I wrote :)

Re: Please check my log

Posted: 25 Nov 2012 15:29
by FreeRiDeR
So all the remaining steps went through fine. Only, as I wrote, the renamed ComboFix did not uninstall.
I'm adding a screenshot of what my C: drive looks like now. Is it enough now to just delete those 2 Uninstall files the normal way?

Re: Please check my log

Posted: 25 Nov 2012 18:39
by vyosek
Yes, just delete them; something did not run correctly there, but the other utilities should have cleaned up the rest

Re: Please check my log

Posted: 25 Nov 2012 23:33
by FreeRiDeR
OK, I deleted them. It seems everything is working OK. Thank you for your help :)

Re: Please check my log

Posted: 25 Nov 2012 23:53
by vyosek
You're welcome, glad I could help :worship: See you again some time

And on the basis of the rule on locking topics :lock: