Re: Problem se zamrzanim PC
Napsal: 25 led 2014 13:57
hotovo. novy log z combofixu
ComboFix 14-01-23.02 - Stoky1 25.01.2014 13:41:40.6.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2116 [GMT 1:00]
Spuštěný z: c:\users\Stoky1\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Stoky1\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-25 do 2014-01-25 )))))))))))))))))))))))))))))))
.
.
2014-01-25 12:47 . 2014-01-25 12:47 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2014-01-25 12:47 . 2014-01-25 12:47 -------- d-----w- c:\users\Stoky\AppData\Local\temp
2014-01-25 10:00 . 2014-01-25 11:21 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{25C660F1-8764-4807-B265-C2355C5886EC}\offreg.dll
2014-01-25 09:59 . 2014-01-25 09:59 -------- d-----w- c:\program files (x86)\VS Revo Group
2014-01-24 21:16 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{25C660F1-8764-4807-B265-C2355C5886EC}\mpengine.dll
2014-01-18 11:52 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-18 11:52 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-18 11:52 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-18 11:52 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-18 11:52 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-18 11:52 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-18 11:52 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-18 11:51 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-18 11:51 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-10 19:07 . 2014-01-10 19:07 -------- d-----w- c:\users\Máma\AppData\Local\Apple
2014-01-10 18:58 . 2014-01-10 18:58 -------- d-----w- c:\users\Máma\AppData\Roaming\AVAST Software
2014-01-05 22:00 . 2014-01-05 22:00 -------- d-----w- c:\users\Stoky1\AppData\Roaming\AVAST Software
2014-01-05 22:00 . 2014-01-05 22:00 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-05 22:00 . 2014-01-05 21:59 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-05 22:00 . 2014-01-05 21:59 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-05 22:00 . 2014-01-05 21:59 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-05 22:00 . 2014-01-05 21:59 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-05 22:00 . 2014-01-05 21:59 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-05 22:00 . 2014-01-05 21:59 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-05 21:59 . 2014-01-05 21:59 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-05 21:59 . 2014-01-05 21:59 43152 ----a-w- c:\windows\avastSS.scr
2014-01-05 21:57 . 2014-01-05 21:57 -------- d-----w- c:\program files\AVAST Software
2014-01-05 21:49 . 2014-01-05 21:49 -------- d-----w- c:\users\Stoky1\AppData\Local\ElevatedDiagnostics
2014-01-05 21:44 . 2014-01-05 21:44 -------- d-s---w- c:\windows\SysWow64\Microsoft
2014-01-05 20:50 . 2014-01-05 20:52 -------- d-----w- C:\AdwCleaner
2014-01-05 20:09 . 2014-01-05 20:09 -------- d-----w- c:\program files (x86)\Argente Software
2014-01-05 19:59 . 2014-01-05 19:59 -------- d-----w- c:\programdata\Iomatic
2014-01-05 17:49 . 2014-01-24 21:15 -------- d-----w- c:\program files (x86)\ARO 2012
2014-01-05 15:05 . 2014-01-05 15:05 -------- d-----w- c:\users\Máma\AppData\Roaming\Apple Computer
2014-01-05 12:49 . 2014-01-05 12:49 -------- d-----w- c:\users\Stoky1\AppData\Local\Apple Computer
2014-01-05 12:49 . 2014-01-05 12:52 -------- d-----w- c:\users\Stoky1\AppData\Roaming\Apple Computer
2014-01-05 12:49 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-01-05 12:47 . 2014-01-05 12:47 -------- d-----w- c:\program files\iPod
2014-01-05 12:47 . 2014-01-05 12:48 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-05 12:47 . 2014-01-05 12:48 -------- d-----w- c:\program files\iTunes
2014-01-05 12:47 . 2014-01-05 12:48 -------- d-----w- c:\program files (x86)\iTunes
2014-01-05 12:47 . 2014-01-05 12:47 -------- d-----w- c:\programdata\Apple Computer
2014-01-05 12:45 . 2014-01-05 12:45 -------- d-----w- c:\users\Stoky1\AppData\Local\Apple
2014-01-05 12:45 . 2014-01-05 12:45 -------- d-----w- c:\program files (x86)\Apple Software Update
2014-01-05 12:44 . 2014-01-05 12:44 -------- d-----w- c:\program files\Common Files\Apple
2014-01-05 12:43 . 2014-01-05 12:43 -------- d-----w- c:\program files\Bonjour
2014-01-05 12:43 . 2014-01-05 12:43 -------- d-----w- c:\program files (x86)\Bonjour
2014-01-05 12:43 . 2014-01-05 12:47 -------- d-----w- c:\program files (x86)\Common Files\Apple
2014-01-05 12:43 . 2014-01-05 12:44 -------- d-----w- c:\programdata\Apple
2014-01-05 12:22 . 2014-01-05 12:22 -------- d-----w- c:\program files (x86)\AMD AVT
2014-01-05 12:21 . 2014-01-05 12:21 -------- d-----w- c:\program files\AMD
2014-01-05 12:20 . 2014-01-05 12:20 -------- d-----w- c:\programdata\ATI
2014-01-05 11:57 . 2014-01-05 11:58 -------- d-----w- c:\programdata\Package Cache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-18 17:21 . 2011-07-09 08:47 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-18 05:13 . 2011-07-09 08:28 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-11 22:56 . 2012-04-03 10:15 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 22:56 . 2011-07-09 08:48 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-06 22:07 . 2013-12-06 22:07 78432 ----a-w- c:\windows\system32\atimpc64.dll
2013-12-06 22:07 . 2013-12-06 22:07 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2013-12-06 22:07 . 2013-12-06 22:07 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-12-06 22:07 . 2013-12-06 22:07 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-12-06 22:04 . 2013-12-06 22:04 143304 ----a-w- c:\windows\system32\atiuxp64.dll
2013-12-06 22:03 . 2013-12-06 22:03 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-12-06 22:03 . 2013-12-06 22:03 115512 ----a-w- c:\windows\system32\atiu9p64.dll
2013-12-06 22:02 . 2013-12-06 22:02 98496 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-12-06 22:01 . 2013-12-06 22:01 1318552 ----a-w- c:\windows\system32\aticfx64.dll
2013-12-06 22:01 . 2013-12-06 22:01 1100216 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-12-06 22:00 . 2013-12-06 22:00 9753752 ----a-w- c:\windows\system32\atidxx64.dll
2013-12-06 21:59 . 2013-12-06 21:59 8406024 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-12-06 21:59 . 2013-12-06 21:59 8287008 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-12-06 21:58 . 2013-12-06 21:58 6630232 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-12-06 21:57 . 2013-12-06 21:57 8927704 ----a-w- c:\windows\system32\atiumd6a.dll
2013-12-06 21:56 . 2013-12-06 21:56 7751920 ----a-w- c:\windows\system32\atiumd64.dll
2013-12-06 21:52 . 2013-12-06 21:52 13207552 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-12-06 21:38 . 2013-12-06 21:38 230912 ----a-w- c:\windows\system32\clinfo.exe
2013-12-06 21:38 . 2013-12-06 21:38 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2013-12-06 21:38 . 2013-12-06 21:38 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2013-12-06 21:38 . 2013-12-06 21:38 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2013-12-06 21:38 . 2013-12-06 21:38 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2013-12-06 21:38 . 2013-12-06 21:38 99840 ----a-w- c:\windows\system32\OpenVideo64.dll
2013-12-06 21:38 . 2013-12-06 21:38 83968 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2013-12-06 21:38 . 2013-12-06 21:38 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2013-12-06 21:38 . 2013-12-06 21:38 73728 ----a-w- c:\windows\SysWow64\OVDecode.dll
2013-12-06 21:37 . 2013-12-06 21:37 29382144 ----a-w- c:\windows\system32\amdocl64.dll
2013-12-06 21:35 . 2013-12-06 21:35 24860160 ----a-w- c:\windows\SysWow64\amdocl.dll
2013-12-06 21:33 . 2013-12-06 21:33 63488 ----a-w- c:\windows\system32\OpenCL.dll
2013-12-06 21:33 . 2013-12-06 21:33 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-12-06 21:26 . 2013-12-06 21:26 129536 ----a-w- c:\windows\system32\coinst_13.251.dll
2013-12-06 21:16 . 2013-12-06 21:16 26352128 ----a-w- c:\windows\system32\atio6axx.dll
2013-12-06 21:13 . 2013-12-06 21:13 368640 ----a-w- c:\windows\system32\atiapfxx.exe
2013-12-06 21:12 . 2013-12-06 21:12 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2013-12-06 21:12 . 2013-12-06 21:12 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-12-06 21:12 . 2013-12-06 21:12 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2013-12-06 21:12 . 2013-12-06 21:12 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-12-06 21:12 . 2013-12-06 21:12 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2013-12-06 21:09 . 2013-12-06 21:09 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-12-06 20:58 . 2013-12-06 20:58 22157824 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-12-06 20:53 . 2013-12-06 20:53 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-12-06 20:53 . 2013-12-06 20:53 31232 ----a-w- c:\windows\system32\atimuixx.dll
2013-12-06 20:53 . 2013-12-06 20:53 588288 ----a-w- c:\windows\system32\atieclxx.exe
2013-12-06 20:52 . 2013-12-06 20:52 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2013-12-06 20:50 . 2013-12-06 20:50 190976 ----a-w- c:\windows\system32\atitmm64.dll
2013-12-06 20:22 . 2013-12-06 20:22 1144320 ----a-w- c:\windows\system32\atiadlxx.dll
2013-12-06 20:22 . 2013-12-06 20:22 825344 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-12-06 20:22 . 2013-12-06 20:22 74752 ----a-w- c:\windows\system32\atig6pxx.dll
2013-12-06 20:22 . 2013-12-06 20:22 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-12-06 20:22 . 2013-12-06 20:22 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2013-12-06 20:22 . 2013-12-06 20:22 100352 ----a-w- c:\windows\system32\atig6txx.dll
2013-12-06 20:21 . 2013-12-06 20:21 96768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-12-06 20:21 . 2013-12-06 20:21 626176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-12-06 20:18 . 2013-12-06 20:18 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-12-06 15:49 . 2013-12-06 15:49 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2013-12-06 15:44 . 2013-12-06 15:44 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2013-11-27 23:59 . 2013-11-27 23:59 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 23:59 . 2013-11-27 23:59 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-27 23:59 . 2013-11-27 23:59 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-27 23:59 . 2013-11-27 23:59 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-27 23:59 . 2013-11-27 23:59 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-27 23:59 . 2013-11-27 23:59 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-27 23:59 . 2013-11-27 23:59 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-27 23:59 . 2013-11-27 23:59 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-27 23:59 . 2013-11-27 23:59 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-27 23:59 . 2013-11-27 23:59 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-27 23:59 . 2013-11-27 23:59 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-27 23:59 . 2013-11-27 23:59 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-27 23:59 . 2013-11-27 23:59 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-27 23:59 . 2013-11-27 23:59 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-27 23:59 . 2013-11-27 23:59 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-27 23:59 . 2013-11-27 23:59 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-27 23:59 . 2013-11-27 23:59 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-27 23:59 . 2013-11-27 23:59 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-27 23:59 . 2013-11-27 23:59 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 23:59 . 2013-11-27 23:59 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-27 23:59 . 2013-11-27 23:59 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-27 23:59 . 2013-11-27 23:59 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-27 23:59 . 2013-11-27 23:59 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-27 23:59 . 2013-11-27 23:59 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-27 23:59 . 2013-11-27 23:59 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-27 23:59 . 2013-11-27 23:59 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-27 23:59 . 2013-11-27 23:59 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-27 23:59 . 2013-11-27 23:59 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-27 23:59 . 2013-11-27 23:59 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-27 23:59 . 2013-11-27 23:59 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-27 23:59 . 2013-11-27 23:59 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-27 23:59 . 2013-11-27 23:59 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-27 23:59 . 2013-11-27 23:59 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-27 23:59 . 2013-11-27 23:59 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-27 23:59 . 2013-11-27 23:59 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-27 23:59 . 2013-11-27 23:59 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-27 23:59 . 2013-11-27 23:59 413696 ----a-w- c:\windows\system32\html.iec
2013-11-27 23:59 . 2013-11-27 23:59 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 23:59 . 2013-11-27 23:59 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-27 23:59 . 2013-11-27 23:59 30208 ----a-w- c:\windows\system32\licmgr10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-11-16 639352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-05 3764024]
.
c:\users\Stoky1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ICQ7M.lnk - c:\program files (x86)\ICQ7M\ICQ.exe [2013-3-10 127040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IconUSB;IconUSB;c:\windows\system32\DRIVERS\IconUSB_x64.sys;c:\windows\SYSNATIVE\DRIVERS\IconUSB_x64.sys [x]
R3 IconUSBks;IconUSBks;c:\windows\system32\DRIVERS\IconUSBks_x64.sys;c:\windows\SYSNATIVE\DRIVERS\IconUSBks_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI TECHNOLOGIES\ATI.ACE\FUEL\amd64\AODDriver2.sys;c:\program files\ATI TECHNOLOGIES\ATI.ACE\FUEL\amd64\AODDriver2.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IconUSBsvc;IconUSB Control;c:\program files\IconGlobal\IconUSB_Driver\IconUSBsvc.exe;c:\program files\IconGlobal\IconUSB_Driver\IconUSBsvc.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-13 08:54 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 22:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-05 21:59 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-07 2777296]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-04-03 3684488]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2014-01-25 13:56:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-25 12:56
ComboFix2.txt 2014-01-25 12:13
ComboFix3.txt 2014-01-25 11:26
.
Před spuštěním: 5 991 104 512
Po spuštění: 5 927 256 064
.
- - End Of File - - 515F4EA08D7BEF80B082EAB9F77E1066
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 14-01-23.02 - Stoky1 25.01.2014 13:41:40.6.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2116 [GMT 1:00]
Spuštěný z: c:\users\Stoky1\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Stoky1\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-25 do 2014-01-25 )))))))))))))))))))))))))))))))
.
.
2014-01-25 12:47 . 2014-01-25 12:47 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2014-01-25 12:47 . 2014-01-25 12:47 -------- d-----w- c:\users\Stoky\AppData\Local\temp
2014-01-25 10:00 . 2014-01-25 11:21 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{25C660F1-8764-4807-B265-C2355C5886EC}\offreg.dll
2014-01-25 09:59 . 2014-01-25 09:59 -------- d-----w- c:\program files (x86)\VS Revo Group
2014-01-24 21:16 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{25C660F1-8764-4807-B265-C2355C5886EC}\mpengine.dll
2014-01-18 11:52 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-18 11:52 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-18 11:52 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-18 11:52 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-18 11:52 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-18 11:52 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-18 11:52 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-18 11:51 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-18 11:51 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-10 19:07 . 2014-01-10 19:07 -------- d-----w- c:\users\Máma\AppData\Local\Apple
2014-01-10 18:58 . 2014-01-10 18:58 -------- d-----w- c:\users\Máma\AppData\Roaming\AVAST Software
2014-01-05 22:00 . 2014-01-05 22:00 -------- d-----w- c:\users\Stoky1\AppData\Roaming\AVAST Software
2014-01-05 22:00 . 2014-01-05 22:00 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-05 22:00 . 2014-01-05 21:59 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-05 22:00 . 2014-01-05 21:59 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-05 22:00 . 2014-01-05 21:59 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-05 22:00 . 2014-01-05 21:59 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-05 22:00 . 2014-01-05 21:59 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-05 22:00 . 2014-01-05 21:59 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-05 21:59 . 2014-01-05 21:59 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-05 21:59 . 2014-01-05 21:59 43152 ----a-w- c:\windows\avastSS.scr
2014-01-05 21:57 . 2014-01-05 21:57 -------- d-----w- c:\program files\AVAST Software
2014-01-05 21:49 . 2014-01-05 21:49 -------- d-----w- c:\users\Stoky1\AppData\Local\ElevatedDiagnostics
2014-01-05 21:44 . 2014-01-05 21:44 -------- d-s---w- c:\windows\SysWow64\Microsoft
2014-01-05 20:50 . 2014-01-05 20:52 -------- d-----w- C:\AdwCleaner
2014-01-05 20:09 . 2014-01-05 20:09 -------- d-----w- c:\program files (x86)\Argente Software
2014-01-05 19:59 . 2014-01-05 19:59 -------- d-----w- c:\programdata\Iomatic
2014-01-05 17:49 . 2014-01-24 21:15 -------- d-----w- c:\program files (x86)\ARO 2012
2014-01-05 15:05 . 2014-01-05 15:05 -------- d-----w- c:\users\Máma\AppData\Roaming\Apple Computer
2014-01-05 12:49 . 2014-01-05 12:49 -------- d-----w- c:\users\Stoky1\AppData\Local\Apple Computer
2014-01-05 12:49 . 2014-01-05 12:52 -------- d-----w- c:\users\Stoky1\AppData\Roaming\Apple Computer
2014-01-05 12:49 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-01-05 12:47 . 2014-01-05 12:47 -------- d-----w- c:\program files\iPod
2014-01-05 12:47 . 2014-01-05 12:48 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-05 12:47 . 2014-01-05 12:48 -------- d-----w- c:\program files\iTunes
2014-01-05 12:47 . 2014-01-05 12:48 -------- d-----w- c:\program files (x86)\iTunes
2014-01-05 12:47 . 2014-01-05 12:47 -------- d-----w- c:\programdata\Apple Computer
2014-01-05 12:45 . 2014-01-05 12:45 -------- d-----w- c:\users\Stoky1\AppData\Local\Apple
2014-01-05 12:45 . 2014-01-05 12:45 -------- d-----w- c:\program files (x86)\Apple Software Update
2014-01-05 12:44 . 2014-01-05 12:44 -------- d-----w- c:\program files\Common Files\Apple
2014-01-05 12:43 . 2014-01-05 12:43 -------- d-----w- c:\program files\Bonjour
2014-01-05 12:43 . 2014-01-05 12:43 -------- d-----w- c:\program files (x86)\Bonjour
2014-01-05 12:43 . 2014-01-05 12:47 -------- d-----w- c:\program files (x86)\Common Files\Apple
2014-01-05 12:43 . 2014-01-05 12:44 -------- d-----w- c:\programdata\Apple
2014-01-05 12:22 . 2014-01-05 12:22 -------- d-----w- c:\program files (x86)\AMD AVT
2014-01-05 12:21 . 2014-01-05 12:21 -------- d-----w- c:\program files\AMD
2014-01-05 12:20 . 2014-01-05 12:20 -------- d-----w- c:\programdata\ATI
2014-01-05 11:57 . 2014-01-05 11:58 -------- d-----w- c:\programdata\Package Cache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-18 17:21 . 2011-07-09 08:47 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-18 05:13 . 2011-07-09 08:28 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-11 22:56 . 2012-04-03 10:15 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 22:56 . 2011-07-09 08:48 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-06 22:07 . 2013-12-06 22:07 78432 ----a-w- c:\windows\system32\atimpc64.dll
2013-12-06 22:07 . 2013-12-06 22:07 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2013-12-06 22:07 . 2013-12-06 22:07 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2013-12-06 22:07 . 2013-12-06 22:07 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2013-12-06 22:04 . 2013-12-06 22:04 143304 ----a-w- c:\windows\system32\atiuxp64.dll
2013-12-06 22:03 . 2013-12-06 22:03 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2013-12-06 22:03 . 2013-12-06 22:03 115512 ----a-w- c:\windows\system32\atiu9p64.dll
2013-12-06 22:02 . 2013-12-06 22:02 98496 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-12-06 22:01 . 2013-12-06 22:01 1318552 ----a-w- c:\windows\system32\aticfx64.dll
2013-12-06 22:01 . 2013-12-06 22:01 1100216 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-12-06 22:00 . 2013-12-06 22:00 9753752 ----a-w- c:\windows\system32\atidxx64.dll
2013-12-06 21:59 . 2013-12-06 21:59 8406024 ----a-w- c:\windows\SysWow64\atidxx32.dll
2013-12-06 21:59 . 2013-12-06 21:59 8287008 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-12-06 21:58 . 2013-12-06 21:58 6630232 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-12-06 21:57 . 2013-12-06 21:57 8927704 ----a-w- c:\windows\system32\atiumd6a.dll
2013-12-06 21:56 . 2013-12-06 21:56 7751920 ----a-w- c:\windows\system32\atiumd64.dll
2013-12-06 21:52 . 2013-12-06 21:52 13207552 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2013-12-06 21:38 . 2013-12-06 21:38 230912 ----a-w- c:\windows\system32\clinfo.exe
2013-12-06 21:38 . 2013-12-06 21:38 1187342 ----a-w- c:\windows\system32\amdocl_as64.exe
2013-12-06 21:38 . 2013-12-06 21:38 1061902 ----a-w- c:\windows\system32\amdocl_ld64.exe
2013-12-06 21:38 . 2013-12-06 21:38 995342 ----a-w- c:\windows\SysWow64\amdocl_as32.exe
2013-12-06 21:38 . 2013-12-06 21:38 798734 ----a-w- c:\windows\SysWow64\amdocl_ld32.exe
2013-12-06 21:38 . 2013-12-06 21:38 99840 ----a-w- c:\windows\system32\OpenVideo64.dll
2013-12-06 21:38 . 2013-12-06 21:38 83968 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2013-12-06 21:38 . 2013-12-06 21:38 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2013-12-06 21:38 . 2013-12-06 21:38 73728 ----a-w- c:\windows\SysWow64\OVDecode.dll
2013-12-06 21:37 . 2013-12-06 21:37 29382144 ----a-w- c:\windows\system32\amdocl64.dll
2013-12-06 21:35 . 2013-12-06 21:35 24860160 ----a-w- c:\windows\SysWow64\amdocl.dll
2013-12-06 21:33 . 2013-12-06 21:33 63488 ----a-w- c:\windows\system32\OpenCL.dll
2013-12-06 21:33 . 2013-12-06 21:33 57344 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-12-06 21:26 . 2013-12-06 21:26 129536 ----a-w- c:\windows\system32\coinst_13.251.dll
2013-12-06 21:16 . 2013-12-06 21:16 26352128 ----a-w- c:\windows\system32\atio6axx.dll
2013-12-06 21:13 . 2013-12-06 21:13 368640 ----a-w- c:\windows\system32\atiapfxx.exe
2013-12-06 21:12 . 2013-12-06 21:12 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2013-12-06 21:12 . 2013-12-06 21:12 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2013-12-06 21:12 . 2013-12-06 21:12 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2013-12-06 21:12 . 2013-12-06 21:12 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2013-12-06 21:12 . 2013-12-06 21:12 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2013-12-06 21:09 . 2013-12-06 21:09 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2013-12-06 20:58 . 2013-12-06 20:58 22157824 ----a-w- c:\windows\SysWow64\atioglxx.dll
2013-12-06 20:53 . 2013-12-06 20:53 442368 ----a-w- c:\windows\system32\atidemgy.dll
2013-12-06 20:53 . 2013-12-06 20:53 31232 ----a-w- c:\windows\system32\atimuixx.dll
2013-12-06 20:53 . 2013-12-06 20:53 588288 ----a-w- c:\windows\system32\atieclxx.exe
2013-12-06 20:52 . 2013-12-06 20:52 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2013-12-06 20:50 . 2013-12-06 20:50 190976 ----a-w- c:\windows\system32\atitmm64.dll
2013-12-06 20:22 . 2013-12-06 20:22 1144320 ----a-w- c:\windows\system32\atiadlxx.dll
2013-12-06 20:22 . 2013-12-06 20:22 825344 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2013-12-06 20:22 . 2013-12-06 20:22 74752 ----a-w- c:\windows\system32\atig6pxx.dll
2013-12-06 20:22 . 2013-12-06 20:22 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2013-12-06 20:22 . 2013-12-06 20:22 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2013-12-06 20:22 . 2013-12-06 20:22 100352 ----a-w- c:\windows\system32\atig6txx.dll
2013-12-06 20:21 . 2013-12-06 20:21 96768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2013-12-06 20:21 . 2013-12-06 20:21 626176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2013-12-06 20:18 . 2013-12-06 20:18 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2013-12-06 15:49 . 2013-12-06 15:49 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2013-12-06 15:44 . 2013-12-06 15:44 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2013-11-27 23:59 . 2013-11-27 23:59 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-27 23:59 . 2013-11-27 23:59 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-27 23:59 . 2013-11-27 23:59 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-27 23:59 . 2013-11-27 23:59 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-27 23:59 . 2013-11-27 23:59 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-27 23:59 . 2013-11-27 23:59 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-27 23:59 . 2013-11-27 23:59 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-27 23:59 . 2013-11-27 23:59 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-27 23:59 . 2013-11-27 23:59 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-27 23:59 . 2013-11-27 23:59 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-27 23:59 . 2013-11-27 23:59 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-27 23:59 . 2013-11-27 23:59 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-27 23:59 . 2013-11-27 23:59 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-27 23:59 . 2013-11-27 23:59 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-27 23:59 . 2013-11-27 23:59 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-27 23:59 . 2013-11-27 23:59 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-27 23:59 . 2013-11-27 23:59 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-27 23:59 . 2013-11-27 23:59 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-27 23:59 . 2013-11-27 23:59 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-27 23:59 . 2013-11-27 23:59 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-27 23:59 . 2013-11-27 23:59 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-27 23:59 . 2013-11-27 23:59 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-27 23:59 . 2013-11-27 23:59 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-27 23:59 . 2013-11-27 23:59 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-27 23:59 . 2013-11-27 23:59 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-27 23:59 . 2013-11-27 23:59 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-27 23:59 . 2013-11-27 23:59 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-27 23:59 . 2013-11-27 23:59 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-27 23:59 . 2013-11-27 23:59 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-27 23:59 . 2013-11-27 23:59 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-27 23:59 . 2013-11-27 23:59 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-27 23:59 . 2013-11-27 23:59 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-27 23:59 . 2013-11-27 23:59 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-27 23:59 . 2013-11-27 23:59 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-27 23:59 . 2013-11-27 23:59 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-27 23:59 . 2013-11-27 23:59 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-27 23:59 . 2013-11-27 23:59 413696 ----a-w- c:\windows\system32\html.iec
2013-11-27 23:59 . 2013-11-27 23:59 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-27 23:59 . 2013-11-27 23:59 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-27 23:59 . 2013-11-27 23:59 30208 ----a-w- c:\windows\system32\licmgr10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-11-16 639352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-05 3764024]
.
c:\users\Stoky1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ICQ7M.lnk - c:\program files (x86)\ICQ7M\ICQ.exe [2013-3-10 127040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IconUSB;IconUSB;c:\windows\system32\DRIVERS\IconUSB_x64.sys;c:\windows\SYSNATIVE\DRIVERS\IconUSB_x64.sys [x]
R3 IconUSBks;IconUSBks;c:\windows\system32\DRIVERS\IconUSBks_x64.sys;c:\windows\SYSNATIVE\DRIVERS\IconUSBks_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI TECHNOLOGIES\ATI.ACE\FUEL\amd64\AODDriver2.sys;c:\program files\ATI TECHNOLOGIES\ATI.ACE\FUEL\amd64\AODDriver2.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IconUSBsvc;IconUSB Control;c:\program files\IconGlobal\IconUSB_Driver\IconUSBsvc.exe;c:\program files\IconGlobal\IconUSB_Driver\IconUSBsvc.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-13 08:54 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 22:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-05 21:59 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2012-09-07 2777296]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-04-03 3684488]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2014-01-25 13:56:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-25 12:56
ComboFix2.txt 2014-01-25 12:13
ComboFix3.txt 2014-01-25 11:26
.
Před spuštěním: 5 991 104 512
Po spuštění: 5 927 256 064
.
- - End Of File - - 515F4EA08D7BEF80B082EAB9F77E1066
A36C5E4F47E84449FF07ED3517B43A31
pred vasim zasahem pocitac zamrzal cca po deseti az patnacti minutach. ted na nem pracuji jiz od zasahu combofixem bez problemu. takze bych rekl, ze zmena je znacna