High latency, data being sent to an unknown destination by something unknown

#1 Post by kuker »

Hello, I have a problem: when I am connected to the network I get high latency, which shows up at regular intervals (from 6 ms to 450 ms) every 3 seconds. I have already tried a lot, at least from my point of view as a somewhat advanced user: a scan of the local disks and a system check with Norton, then I tried Modem Booster 8, NoVirusThanks Malware Remover Free, and most recently also a guide to reducing latency in Win7. Unfortunately nothing helped; every time I run, for example, NoVirusThanks or a system check, it finds basically almost the same thing, even though I removed it in the previous check and scan. In other words, I must have something on the computer that generates these trackers and tracking cookies, and so far I have not managed to remove it or prevent this junk from being recreated, and my problem persists.
The mentioned "NoVirusThanks Malware Remover Free" created these logs for me:

NoVirusThanks Malware Remover Free 3.1.0.0
DB version: 594 (28.04.2011)
Report created on 20.8.2013 at 20:40:35
Windows 7 Home Premium 6.1 64-bit
ECKOVICA-PC - eckovica

Scan type: Full Scan
Time elapsed: 00:13:01
Objects scanned: 18685
Threats detected: 6

Files Infected:


Folders Infected:


Registry Values Infected:


Registry Keys Infected:


System Hijacks Found:


IE Hijacks Found:


Hosts File Hijack Found:


Traces Found:

c:\users\eckovica\appdata\local\temp\bitool.dll -> No action taken
c:\users\eckovica\appdata\local\temp\nspe1ad.tmp -> No action taken
c:\windows\temp\cof19d6.tmp -> No action taken
c:\windows\temp\udd1afa.tmp -> No action taken
c:\windows\temp\udda562.tmp -> No action taken
c:\windows\temp\uddfb9c.tmp -> No action taken

End.

Removal record:

NoVirusThanks Malware Remover Free 3.1.0.0
DB version: 594 (28.04.2011)
Report created on 20.8.2013 at 20:45:26
Windows 7 Home Premium 6.1 64-bit
ECKOVICA-PC - eckovica

Scan type: Full Scan
Time elapsed: 00:13:01
Objects scanned: 18685
Threats detected: 6

Files Infected:


Folders Infected:


Registry Values Infected:


Registry Keys Infected:


System Hijacks Found:


IE Hijacks Found:


Hosts File Hijack Found:


Traces Found:

c:\users\eckovica\appdata\local\temp\bitool.dll -> Deleted
c:\users\eckovica\appdata\local\temp\nspe1ad.tmp -> Deleted
c:\windows\temp\cof19d6.tmp -> Deleted
c:\windows\temp\udd1afa.tmp -> Deleted
c:\windows\temp\udda562.tmp -> Deleted
c:\windows\temp\uddfb9c.tmp -> Deleted

End.


Another scan:

NoVirusThanks Malware Remover Free 3.1.0.0
DB version: 594 (28.04.2011)
Report created on 20.8.2013 at 23:58:22
Windows 7 Home Premium 6.1 64-bit
ECKOVICA-PC - eckovica

Scan type: Quick Scan
Time elapsed: 00:23:23
Objects scanned: 89583
Threats detected: 2

Files Infected:


Folders Infected:


Registry Values Infected:


Registry Keys Infected:


System Hijacks Found:


IE Hijacks Found:


Hosts File Hijack Found:


Traces Found:

c:\users\eckovica\appdata\local\temp\hsprtz7p.exe.part -> No action taken
c:\users\eckovica\appdata\local\temp\_iu14d2n.tmp -> No action taken

End.

Another repair record:

NoVirusThanks Malware Remover Free 3.1.0.0
DB version: 594 (28.04.2011)
Report created on 20.8.2013 at 23:59:16
Windows 7 Home Premium 6.1 64-bit
ECKOVICA-PC - eckovica

Scan type: Quick Scan
Time elapsed: 00:23:23
Objects scanned: 89583
Threats detected: 2

Files Infected:


Folders Infected:


Registry Values Infected:


Registry Keys Infected:


System Hijacks Found:


IE Hijacks Found:


Hosts File Hijack Found:


Traces Found:

c:\users\eckovica\appdata\local\temp\hsprtz7p.exe.part -> Deleted
c:\users\eckovica\appdata\local\temp\_iu14d2n.tmp -> Deleted

End.

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


#3 Post by kuker »

As I mentioned in the first post, I tried Modem Booster 8, which according to the graphs it generated increased speed and stability by roughly 70 percent; unfortunately the truth is that my network is still basically saturated by upload and the latency has not decreased at all.
And last, I tried this guide to reducing latency in Win7: http://translate.googleusercontent.com/ ... OIkQdN4ZmA

None of it, including the scans, the antivirus check and my other attempts, helped; the problem is the same and persists. I am begging you, I have been struggling with this since Saturday morning, today is Wednesday and I have basically made no progress. Thank you in advance for reading and for quick help before my network card or the whole computer gives out.

#4 Post by kuker »

Logfile of random's system information tool 1.09 (written by random/random)
Run by eckovica at 2013-08-21 09:54:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 75 GB (75%) free of 100 GB
Total RAM: 4094 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:55:05, on 21.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
C:\Program Files\trend micro\eckovica.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.inklineglobal.com/google_mb.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.inklineglobal.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.inklineglobal.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.inklineglobal.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.inklineglobal.com/google_mb.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://google.inklineglobal.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 6131 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\diMaster.dll" /prefetch:1
atieclxx
"taskhost.exe"
taskeng.exe {07270F94-5055-435D-9C35-2E3D69CA86D0}
"C:\Windows\system32\Dwm.exe"
C:\Windows\DAODx.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe" /c /a /s UserSession
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\eckovica\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\eckovica\AppData\Roaming\Mozilla\Firefox\Profiles\xj30w73j.default

prefs.js - "browser.startup.homepage" - "http://google.inklineglobal.com/google_mb.html"
prefs.js - "keyword.URL" - "http://www.google.com/cse?cx=partner-pu ... =Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll [2011-09-22 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\IPSBHO.DLL [2013-08-19 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\coIEPlg.dll [2011-09-22 378736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"NoVirusThanks Malware Remover Free Startup"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-11-20 106496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-08-21 09:54:59 ----D---- C:\rsit
2013-08-21 09:54:59 ----D---- C:\Program Files\trend micro
2013-08-20 20:24:50 ----D---- C:\Program Files (x86)\NoVirusThanks
2013-08-20 20:00:55 ----D---- C:\Program Files (x86)\TeamViewer
2013-08-20 13:46:21 ----D---- C:\Windows\SYSWOW64\Wat
2013-08-20 13:46:21 ----D---- C:\Windows\system32\Wat
2013-08-20 13:31:11 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-08-20 13:31:11 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-08-20 13:31:11 ----A---- C:\Windows\system32\cdd.dll
2013-08-20 11:25:59 ----A---- C:\Windows\system32\browserchoice.exe
2013-08-20 11:23:39 ----D---- C:\Windows\system32\MRT
2013-08-20 11:23:37 ----A---- C:\Windows\system32\MRT.exe
2013-08-20 11:05:56 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-08-20 11:05:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-08-20 11:05:56 ----A---- C:\Windows\system32\fontsub.dll
2013-08-20 11:05:56 ----A---- C:\Windows\system32\atmlib.dll
2013-08-20 11:05:56 ----A---- C:\Windows\system32\atmfd.dll
2013-08-20 11:05:55 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-08-20 10:55:45 ----A---- C:\Windows\SYSWOW64\wmi.dll
2013-08-20 10:55:45 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-08-20 10:55:45 ----A---- C:\Windows\system32\wmi.dll
2013-08-20 10:55:45 ----A---- C:\Windows\system32\imagehlp.dll
2013-08-20 10:55:45 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2013-08-20 10:41:44 ----A---- C:\Windows\system32\ieframe.dll
2013-08-20 10:41:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-20 10:41:43 ----A---- C:\Windows\system32\urlmon.dll
2013-08-20 10:41:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-20 10:41:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-20 10:41:42 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-20 10:41:42 ----A---- C:\Windows\system32\wininet.dll
2013-08-20 10:41:42 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-20 10:41:42 ----A---- C:\Windows\system32\iertutil.dll
2013-08-20 10:41:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-20 10:41:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-20 10:41:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-20 10:41:41 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-20 10:41:41 ----A---- C:\Windows\system32\ieui.dll
2013-08-20 10:40:52 ----A---- C:\Windows\system32\shell32.dll
2013-08-20 10:40:50 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-08-20 10:40:50 ----A---- C:\Windows\system32\authui.dll
2013-08-20 10:40:49 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-08-20 10:40:49 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-08-20 10:40:49 ----A---- C:\Windows\system32\shdocvw.dll
2013-08-20 10:40:49 ----A---- C:\Windows\system32\consent.exe
2013-08-20 10:40:49 ----A---- C:\Windows\system32\appinfo.dll
2013-08-20 10:39:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-08-20 10:39:57 ----A---- C:\Windows\system32\schannel.dll
2013-08-20 10:39:57 ----A---- C:\Windows\system32\lsasrv.dll
2013-08-20 10:39:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-08-20 10:39:57 ----A---- C:\Windows\system32\drivers\cng.sys
2013-08-20 10:39:56 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-08-20 10:39:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-08-20 10:39:56 ----A---- C:\Windows\system32\sspisrv.dll
2013-08-20 10:39:56 ----A---- C:\Windows\system32\sspicli.dll
2013-08-20 10:39:56 ----A---- C:\Windows\system32\secur32.dll
2013-08-20 10:39:56 ----A---- C:\Windows\system32\lsass.exe
2013-08-20 10:39:56 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-08-20 10:39:54 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-08-20 10:39:54 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-08-20 10:39:54 ----A---- C:\Windows\system32\wow64win.dll
2013-08-20 10:39:54 ----A---- C:\Windows\system32\winsrv.dll
2013-08-20 10:39:54 ----A---- C:\Windows\system32\KernelBase.dll
2013-08-20 10:39:54 ----A---- C:\Windows\system32\kernel32.dll
2013-08-20 10:39:54 ----A---- C:\Windows\system32\conhost.exe
2013-08-20 10:39:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-20 10:39:53 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-20 10:39:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-20 10:39:53 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-20 10:39:53 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-20 10:39:53 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-20 10:39:53 ----A---- C:\Windows\system32\ntvdm64.dll
2013-08-20 10:39:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-20 10:39:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-20 10:39:52 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-20 10:39:52 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-20 10:39:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-20 10:39:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-20 10:39:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-20 10:39:51 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-20 10:39:51 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-20 10:39:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-20 10:39:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-20 10:39:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-20 10:39:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-20 10:39:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-20 10:39:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-20 10:39:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-20 10:39:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-20 10:39:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-20 10:39:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-20 10:39:49 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-20 10:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-20 10:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-20 10:39:49 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-20 10:39:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-20 10:39:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-20 10:39:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-20 10:39:47 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-20 10:39:47 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-20 10:39:46 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-20 10:39:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-20 10:39:45 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-20 10:39:45 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-20 10:39:45 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-20 10:39:45 ----A---- C:\Windows\system32\wow64cpu.dll
2013-08-20 10:39:45 ----A---- C:\Windows\system32\wow64.dll
2013-08-20 10:39:42 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-20 10:39:41 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-20 10:39:22 ----A---- C:\Windows\system32\msxml6.dll
2013-08-20 10:39:21 ----A---- C:\Windows\system32\msxml3.dll
2013-08-20 10:39:20 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-08-20 10:39:20 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-08-20 10:39:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-08-20 10:39:19 ----A---- C:\Windows\system32\msxml3r.dll
2013-08-20 10:39:16 ----A---- C:\Windows\system32\drivers\srvnet.sys
2013-08-20 10:39:16 ----A---- C:\Windows\system32\drivers\srv2.sys
2013-08-20 10:39:16 ----A---- C:\Windows\system32\drivers\srv.sys
2013-08-20 10:39:10 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2013-08-20 10:39:10 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2013-08-20 10:39:10 ----A---- C:\Windows\system32\dnsrslvr.dll
2013-08-20 10:39:10 ----A---- C:\Windows\system32\dnscacheugc.exe
2013-08-20 10:39:10 ----A---- C:\Windows\system32\dnsapi.dll
2013-08-20 10:39:06 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-20 10:39:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-20 10:39:06 ----A---- C:\Windows\system32\wintrust.dll
2013-08-20 10:39:06 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-20 10:39:06 ----A---- C:\Windows\system32\crypt32.dll
2013-08-20 10:39:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-20 10:39:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-20 10:39:05 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-20 10:38:43 ----A---- C:\Windows\system32\winresume.exe
2013-08-20 10:38:43 ----A---- C:\Windows\system32\winload.exe
2013-08-20 10:38:43 ----A---- C:\Windows\system32\kdusb.dll
2013-08-20 10:38:43 ----A---- C:\Windows\system32\kdcom.dll
2013-08-20 10:38:43 ----A---- C:\Windows\system32\kd1394.dll
2013-08-20 10:38:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-20 10:38:36 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-20 10:38:35 ----A---- C:\Windows\system32\mshtml.dll
2013-08-20 10:38:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-20 10:38:32 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-08-20 10:38:32 ----A---- C:\Windows\system32\dpnet.dll
2013-08-20 10:38:31 ----A---- C:\Windows\system32\psisdecd.dll
2013-08-20 10:38:30 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2013-08-20 10:38:28 ----A---- C:\Windows\SYSWOW64\webio.dll
2013-08-20 10:38:28 ----A---- C:\Windows\system32\webio.dll
2013-08-20 10:38:26 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2013-08-20 10:38:26 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2013-08-20 10:38:26 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2013-08-20 10:38:20 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2013-08-20 10:38:20 ----A---- C:\Windows\system32\sbe.dll
2013-08-20 10:38:20 ----A---- C:\Windows\system32\CPFilters.dll
2013-08-20 10:38:19 ----A---- C:\Windows\SYSWOW64\sbe.dll
2013-08-20 10:38:16 ----A---- C:\Windows\system32\drivers\afd.sys
2013-08-20 10:38:15 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-08-20 10:38:15 ----A---- C:\Windows\system32\win32spl.dll
2013-08-20 10:38:13 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-08-20 10:38:13 ----A---- C:\Windows\system32\qedit.dll
2013-08-20 10:38:03 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-08-20 10:38:03 ----A---- C:\Windows\system32\synceng.dll
2013-08-20 10:38:01 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-08-20 10:37:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-08-20 10:37:55 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-08-20 10:37:55 ----A---- C:\Windows\system32\tsgqec.dll
2013-08-20 10:37:55 ----A---- C:\Windows\system32\mstscax.dll
2013-08-20 10:37:55 ----A---- C:\Windows\system32\aaclient.dll
2013-08-20 10:37:54 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-08-20 10:37:43 ----A---- C:\Windows\system32\drivers\partmgr.sys
2013-08-20 10:37:41 ----A---- C:\Windows\SYSWOW64\quartz.dll
2013-08-20 10:37:41 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-08-20 10:37:41 ----A---- C:\Windows\system32\quartz.dll
2013-08-20 10:37:40 ----A---- C:\Windows\system32\qdvd.dll
2013-08-20 10:37:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-20 10:37:39 ----A---- C:\Windows\system32\vbscript.dll
2013-08-20 10:37:39 ----A---- C:\Windows\system32\jscript.dll
2013-08-20 10:37:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-08-20 10:37:37 ----A---- C:\Windows\system32\mfc42u.dll
2013-08-20 10:37:37 ----A---- C:\Windows\system32\mfc42.dll
2013-08-20 10:37:36 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2013-08-20 10:37:36 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2013-08-20 10:37:17 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-20 10:37:17 ----A---- C:\Windows\system32\tzres.dll
2013-08-20 10:37:10 ----A---- C:\Windows\system32\rdrmemptylst.exe
2013-08-20 10:37:10 ----A---- C:\Windows\system32\rdpwsx.dll
2013-08-20 10:37:10 ----A---- C:\Windows\system32\rdpcorekmts.dll
2013-08-20 10:36:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-08-20 10:36:29 ----A---- C:\Windows\system32\kerberos.dll
2013-08-20 10:36:04 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2013-08-20 10:36:04 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2013-08-20 10:36:04 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2013-08-20 10:36:04 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2013-08-20 10:36:04 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2013-08-20 10:36:04 ----A---- C:\Windows\system32\odbctrac.dll
2013-08-20 10:36:04 ----A---- C:\Windows\system32\odbccu32.dll
2013-08-20 10:36:04 ----A---- C:\Windows\system32\odbccr32.dll
2013-08-20 10:36:04 ----A---- C:\Windows\system32\odbccp32.dll
2013-08-20 10:35:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-08-20 10:35:57 ----A---- C:\Windows\system32\ncrypt.dll
2013-08-20 10:35:43 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-08-20 10:35:43 ----A---- C:\Windows\system32\poqexec.exe
2013-08-20 10:35:40 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-08-20 10:35:37 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-08-20 10:35:37 ----A---- C:\Windows\system32\rdpcore.dll
2013-08-20 10:35:36 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-08-20 10:35:32 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-08-20 10:35:30 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-20 10:34:00 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-08-20 10:34:00 ----A---- C:\Windows\system32\certutil.exe
2013-08-20 10:33:58 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-08-20 10:33:58 ----A---- C:\Windows\system32\certenc.dll
2013-08-20 10:32:06 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2013-08-20 10:32:06 ----A---- C:\Windows\system32\inetcomm.dll
2013-08-20 10:32:03 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-08-20 10:32:02 ----A---- C:\Windows\system32\cdosys.dll
2013-08-20 10:31:50 ----A---- C:\Windows\system32\win32k.sys
2013-08-20 10:31:49 ----A---- C:\Windows\system32\FXSCOVER.exe
2013-08-20 10:31:44 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2013-08-20 10:31:44 ----A---- C:\Windows\system32\msvcrt.dll
2013-08-20 10:31:39 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2013-08-20 10:31:39 ----A---- C:\Windows\SYSWOW64\devobj.dll
2013-08-20 10:31:39 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2013-08-20 10:31:39 ----A---- C:\Windows\system32\umpnpmgr.dll
2013-08-20 10:31:38 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2013-08-20 10:31:32 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-08-20 10:31:32 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-08-20 10:31:32 ----A---- C:\Windows\system32\netapi32.dll
2013-08-20 10:31:32 ----A---- C:\Windows\system32\browser.dll
2013-08-20 10:31:32 ----A---- C:\Windows\system32\browcli.dll
2013-08-20 10:31:25 ----A---- C:\Windows\system32\taskhost.exe
2013-08-20 10:24:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-20 10:24:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-20 10:24:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-20 10:24:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-08-20 10:24:09 ----A---- C:\Windows\system32\smss.exe
2013-08-20 10:24:09 ----A---- C:\Windows\system32\csrsrv.dll
2013-08-20 10:23:36 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-08-20 10:23:36 ----A---- C:\Windows\system32\DWrite.dll
2013-08-20 10:23:35 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-20 10:23:35 ----A---- C:\Windows\system32\ntdll.dll
2013-08-20 10:23:13 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-20 10:23:13 ----A---- C:\Windows\system32\drivers\netio.sys
2013-08-20 10:23:13 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-08-20 10:23:12 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2013-08-20 10:23:12 ----A---- C:\Windows\system32\EncDec.dll
2013-08-20 10:23:09 ----A---- C:\Windows\system32\localspl.dll
2013-08-20 10:23:08 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-08-20 10:23:07 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2013-08-20 10:23:07 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2013-08-20 10:23:07 ----A---- C:\Windows\system32\oleaut32.dll
2013-08-20 10:23:07 ----A---- C:\Windows\system32\oleacc.dll
2013-08-20 10:23:05 ----A---- C:\Windows\SYSWOW64\packager.dll
2013-08-20 10:23:05 ----A---- C:\Windows\system32\packager.dll
2013-08-20 10:09:28 ----A---- C:\Windows\system32\wups2.dll
2013-08-20 10:09:28 ----A---- C:\Windows\system32\wucltux.dll
2013-08-20 10:09:28 ----A---- C:\Windows\system32\wuaueng.dll
2013-08-20 10:09:28 ----A---- C:\Windows\system32\wuauclt.exe
2013-08-20 10:09:22 ----A---- C:\Windows\system32\wups.dll
2013-08-20 10:09:22 ----A---- C:\Windows\system32\wudriver.dll
2013-08-20 10:09:22 ----A---- C:\Windows\system32\wuapi.dll
2013-08-20 10:09:14 ----A---- C:\Windows\system32\wuwebv.dll
2013-08-20 10:09:14 ----A---- C:\Windows\system32\wuapp.exe
2013-08-20 08:34:57 ----D---- C:\ProgramData\Symantec
2013-08-19 22:51:08 ----D---- C:\Users\eckovica\AppData\Roaming\Macromedia
2013-08-19 22:51:08 ----D---- C:\Users\eckovica\AppData\Roaming\Adobe
2013-08-19 22:50:47 ----D---- C:\Windows\SYSWOW64\Macromed
2013-08-19 22:50:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-08-19 22:50:46 ----D---- C:\Windows\system32\Macromed
2013-08-19 22:35:02 ----D---- C:\Windows\Panther
2013-08-19 22:34:52 ----RASH---- C:\BOOTSECT.BAK
2013-08-19 22:34:50 ----SHD---- C:\Boot
2013-08-19 22:32:52 ----D---- C:\Users\eckovica\AppData\Roaming\Mozilla
2013-08-19 22:32:48 ----D---- C:\ProgramData\Mozilla
2013-08-19 22:32:48 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-19 22:32:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-19 22:27:31 ----A---- C:\Windows\SYSWOW64\unrar.dll
2013-08-19 22:27:31 ----A---- C:\Windows\avisplitter.ini
2013-08-19 22:27:30 ----A---- C:\Windows\SYSWOW64\yv12vfw.dll
2013-08-19 22:27:30 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2013-08-19 22:27:30 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2013-08-19 22:27:29 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2013-08-19 22:27:28 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2013-08-19 22:24:16 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-08-19 22:24:12 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-08-19 22:14:16 ----D---- C:\Users\eckovica\AppData\Roaming\DAEMON Tools Lite
2013-08-19 22:14:16 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-08-19 22:12:56 ----D---- C:\Program Files (x86)\7-Zip
2013-08-19 22:12:07 ----D---- C:\Users\eckovica\AppData\Roaming\vlc
2013-08-19 22:11:48 ----D---- C:\Program Files (x86)\VideoLAN
2013-08-19 22:05:29 ----D---- C:\Program Files (x86)\NEC Electronics
2013-08-19 22:04:34 ----D---- C:\Program Files\DIFX
2013-08-19 22:04:29 ----DC---- C:\Windows\system32\DRVSTORE
2013-08-19 22:04:29 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2013-08-19 22:04:28 ----D---- C:\Program Files (x86)\AMD
2013-08-19 22:04:18 ----A---- C:\Windows\system32\drivers\AtiPcie.sys
2013-08-19 22:02:34 ----D---- C:\Users\eckovica\AppData\Roaming\ATI
2013-08-19 22:02:34 ----D---- C:\ProgramData\ATI
2013-08-19 22:00:52 ----D---- C:\Program Files (x86)\AMD AVT
2013-08-19 22:00:50 ----D---- C:\Program Files (x86)\AMD APP
2013-08-19 22:00:46 ----D---- C:\Program Files\Common Files\ATI Technologies
2013-08-19 22:00:13 ----D---- C:\ProgramData\AMD
2013-08-19 21:59:37 ----D---- C:\Program Files (x86)\ATI Technologies
2013-08-19 21:57:33 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-08-19 21:56:25 ----D---- C:\Program Files\ATI Technologies
2013-08-19 21:56:24 ----D---- C:\Program Files\ATI
2013-08-19 21:55:50 ----D---- C:\AMD
2013-08-19 21:48:02 ----RA---- C:\Windows\system32\drivers\SymIMV.sys
2013-08-19 21:48:00 ----D---- C:\Program Files\Symantec
2013-08-19 21:48:00 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-08-19 21:48:00 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2013-08-19 21:47:42 ----D---- C:\Windows\system32\drivers\NISx64
2013-08-19 21:47:41 ----D---- C:\Program Files (x86)\Norton Internet Security
2013-08-19 21:47:40 ----D---- C:\ProgramData\Norton
2013-08-19 21:46:51 ----SHD---- C:\Windows\Installer
2013-08-19 21:46:29 ----D---- C:\ProgramData\NortonInstaller
2013-08-19 21:46:29 ----D---- C:\Program Files (x86)\NortonInstaller
2013-08-19 21:44:40 ----A---- C:\Windows\system32\RTNUninst64.dll
2013-08-19 21:44:40 ----A---- C:\Windows\system32\RtNicProp64.dll
2013-08-19 21:44:40 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2013-08-19 21:44:18 ----D---- C:\Program Files (x86)\Realtek
2013-08-19 21:44:17 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-19 21:43:37 ----A---- C:\Windows\Language_trs.ini
2013-08-19 21:43:32 ----A---- C:\Windows\Ascd_tmp.ini
2013-08-19 21:42:34 ----D---- C:\Users\eckovica\AppData\Roaming\Identities
2013-08-19 21:42:21 ----SD---- C:\Users\eckovica\AppData\Roaming\Microsoft
2013-08-19 21:42:21 ----D---- C:\Users\eckovica\AppData\Roaming\Media Center Programs
2013-08-19 21:42:15 ----SHD---- C:\Recovery
2013-08-19 21:42:15 ----SHD---- C:\ProgramData\Šablony
2013-08-19 21:42:15 ----SHD---- C:\ProgramData\Plocha
2013-08-19 21:42:15 ----SHD---- C:\ProgramData\Oblíbené položky
2013-08-19 21:42:15 ----SHD---- C:\ProgramData\Nabídka Start
2013-08-19 21:42:15 ----SHD---- C:\ProgramData\Dokumenty
2013-08-19 21:42:15 ----SHD---- C:\ProgramData\Data aplikací
2013-08-19 21:38:31 ----D---- C:\Windows\SoftwareDistribution
2013-08-19 21:36:23 ----D---- C:\Windows\Prefetch
2013-08-19 21:35:49 ----ASH---- C:\pagefile.sys
2013-08-19 21:35:48 ----SHD---- C:\System Volume Information
2013-08-19 21:35:48 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2013-08-21 09:55:00 ----D---- C:\Windows\Temp
2013-08-21 09:54:59 ----RD---- C:\Program Files
2013-08-21 09:29:59 ----D---- C:\Windows\system32\config
2013-08-21 09:22:06 ----D---- C:\Windows\System32
2013-08-21 09:22:06 ----D---- C:\Windows\inf
2013-08-21 09:22:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-20 23:31:15 ----RD---- C:\Program Files (x86)
2013-08-20 23:31:15 ----HD---- C:\ProgramData
2013-08-20 22:34:21 ----D---- C:\Windows\system32\NDF
2013-08-20 22:29:55 ----SD---- C:\ProgramData\Microsoft
2013-08-20 21:57:06 ----D---- C:\Windows\system32\Tasks
2013-08-20 21:47:28 ----D---- C:\Windows\winsxs
2013-08-20 20:45:24 ----D---- C:\Windows\system32\catroot2
2013-08-20 20:14:32 ----D---- C:\Windows\Logs
2013-08-20 20:01:01 ----RSD---- C:\Windows\Fonts
2013-08-20 16:46:07 ----D---- C:\Program Files (x86)\Common Files
2013-08-20 16:18:48 ----D---- C:\Windows
2013-08-20 16:11:31 ----D---- C:\Windows\SysWOW64
2013-08-20 15:34:35 ----D---- C:\Windows\rescache
2013-08-20 13:44:21 ----D---- C:\Windows\system32\catroot
2013-08-20 13:31:58 ----D---- C:\Windows\system32\drivers
2013-08-20 13:21:02 ----D---- C:\Windows\Microsoft.NET
2013-08-20 13:20:48 ----RSD---- C:\Windows\assembly
2013-08-20 13:10:51 ----D---- C:\Windows\system32\DriverStore
2013-08-20 13:08:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-20 13:08:04 ----D---- C:\Windows\system32\cs-CZ
2013-08-20 13:08:04 ----D---- C:\Program Files\Common Files\System
2013-08-20 13:08:03 ----D---- C:\Windows\SYSWOW64\migration
2013-08-20 13:08:03 ----D---- C:\Windows\system32\migration
2013-08-20 13:08:03 ----D---- C:\Program Files\Windows Defender
2013-08-20 13:08:03 ----D---- C:\Program Files\Internet Explorer
2013-08-20 13:08:03 ----D---- C:\Program Files (x86)\Windows Defender
2013-08-20 13:08:03 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-20 13:08:01 ----D---- C:\Windows\AppPatch
2013-08-20 13:08:00 ----D---- C:\Windows\system32\Boot
2013-08-20 13:08:00 ----D---- C:\Program Files\Windows Journal
2013-08-20 11:23:39 ----D---- C:\Windows\debug
2013-08-20 10:12:39 ----D---- C:\Program Files\Windows Media Player
2013-08-20 10:12:39 ----D---- C:\Program Files\DVD Maker
2013-08-20 10:12:38 ----D---- C:\Windows\system32\wbem
2013-08-20 10:12:38 ----D---- C:\Windows\PolicyDefinitions
2013-08-20 07:51:31 ----D---- C:\Windows\system32\wdi
2013-08-19 22:50:48 ----D---- C:\Windows\Tasks
2013-08-19 22:00:46 ----D---- C:\Program Files\Common Files
2013-08-19 21:59:36 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-08-19 21:57:34 ----D---- C:\Windows\SYSWOW64\en-US
2013-08-19 21:57:34 ----D---- C:\Windows\system32\en-US
2013-08-19 21:50:22 ----D---- C:\Windows\system32\CodeIntegrity
2013-08-19 21:44:09 ----D---- C:\Windows\system32\restore
2013-08-19 21:43:32 ----D---- C:\Windows\SYSWOW64\drivers
2013-08-19 21:42:31 ----SHD---- C:\$Recycle.Bin
2013-08-19 21:42:21 ----RD---- C:\Users
2013-08-19 21:42:15 ----D---- C:\Program Files\Windows NT
2013-08-19 21:39:23 ----D---- C:\Windows\system32\sysprep

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2012-12-26 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1008030.006\SYMEFA64.SYS [2013-08-19 402992]
R1 BHDrvx64;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NISx64\1008030.006\BHDrvx64.sys [2010-01-20 334384]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NISx64\1008030.006\ccHPx64.sys [2013-08-20 561800]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-19 254528]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-08-16 484952]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20130820.001\IDSvia64.sys [2013-08-14 520280]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1008030.006\SRTSPX64.SYS [2013-08-19 32304]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2013-08-19 31280]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NISx64\1008030.006\SYMTDI.SYS [2011-09-22 279160]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 460288]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-08-16 139864]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130820.025\ENG64.SYS [2013-08-19 126040]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20130820.025\EX64.SYS [2013-08-19 2098776]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-11-20 75776]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-11-20 177152]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-02-01 325152]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1008030.006\SRTSP64.SYS [2013-08-19 476720]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2013-08-19 172592]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NISx64\1008030.006\SYMFW.SYS [2011-09-22 120952]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NISx64\1008030.006\SYMNDISV.SYS [2011-09-22 56952]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 361984]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [2011-09-22 117648]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-14 117656]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-27 563624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-20 1255736]

-----------------EOF-----------------

kuker
Visitor
Posts: 17
Registered: 18 Aug 2013 18:27

Re: High latency, data being sent who knows where by who knows what

#5 Post by kuker »

Unfortunately I am at work today, but roughly every 15.20 minutes I will slip away to check this forum and follow your advice. My boss just must not see me, so keep your fingers crossed for me, and thank you for the immediate interest and for working on my problem.

Rudy
Site Admin
Posts: 119529
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: High latency, data being sent who knows where by who knows what

#6 Post by Rudy »

I would also like to ask for a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms appears; continue by clicking the Ano (Yes) button.

calmly put the kettle on for a coffee (the whole thing takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work its way through); during the scan do not try to start any other applications or anything else

do not panic during the scan, your machine may be restarted (especially the first time the scanner is used)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware component occur.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

kuker
Visitor
Posts: 17
Registered: 18 Aug 2013 18:27

Re: High latency, data being sent who knows where by who knows what

#7 Post by kuker »

In the configuration I cannot find what your note refers to, that is, how to switch to Install Mode, but in the main menu I see spyware protection switched on. So is it enough to turn this service off, and then I can continue with ComboFix?

Rudy
Site Admin
Posts: 119529
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: High latency, data being sent who knows where by who knows what

#8 Post by Rudy »

Yes, turn it off and continue.

kuker
Visitor
Posts: 17
Registered: 18 Aug 2013 18:27

Re: High latency, data being sent who knows where by who knows what

#9 Post by kuker »

ComboFix 13-08-20.01 - eckovica 21.08.2013 10:25:26.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.3054 [GMT 2:00]
Spuštěný z: c:\users\eckovica\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-21 do 2013-08-21 )))))))))))))))))))))))))))))))
.
.
2013-08-21 08:28 . 2013-08-21 08:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-21 07:54 . 2013-08-21 07:55 -------- d-----w- C:\rsit
2013-08-21 07:54 . 2013-08-21 07:55 -------- d-----w- c:\program files\trend micro
2013-08-20 18:24 . 2013-08-20 18:24 -------- d-----w- c:\program files (x86)\NoVirusThanks
2013-08-20 18:00 . 2013-08-20 18:00 -------- d-----w- c:\program files (x86)\TeamViewer
2013-08-20 14:46 . 2013-08-20 14:46 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-08-20 11:46 . 2013-08-20 11:46 -------- d-----w- c:\windows\SysWow64\Wat
2013-08-20 11:46 . 2013-08-20 11:46 -------- d-----w- c:\windows\system32\Wat
2013-08-20 11:31 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-08-20 11:31 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-08-20 11:31 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-08-20 09:25 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-08-20 09:23 . 2013-08-20 09:24 -------- d-----w- c:\windows\system32\MRT
2013-08-20 09:05 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-08-20 09:05 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-08-20 09:05 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-08-20 09:05 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-08-20 09:05 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-08-20 09:05 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-08-20 08:55 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-08-20 08:55 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-08-20 08:55 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-08-20 08:55 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-08-20 08:55 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-08-20 08:40 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-08-20 08:40 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-08-20 08:40 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-08-20 08:40 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-08-20 08:40 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-08-20 08:40 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-08-20 08:38 . 2011-02-05 17:06 566208 ----a-w- c:\windows\system32\winresume.efi
2013-08-20 08:37 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-08-20 08:36 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2013-08-20 08:36 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2013-08-20 08:36 . 2011-06-15 10:02 212992 ----a-w- c:\windows\system32\odbctrac.dll
2013-08-20 08:36 . 2011-06-15 10:02 163840 ----a-w- c:\windows\system32\odbccp32.dll
2013-08-20 08:36 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccu32.dll
2013-08-20 08:36 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccr32.dll
2013-08-20 08:36 . 2011-06-15 09:59 126976 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2013-08-20 08:36 . 2011-06-15 08:55 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll
2013-08-20 08:36 . 2011-06-15 08:55 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll
2013-08-20 08:36 . 2011-06-15 08:55 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll
2013-08-20 08:36 . 2011-06-15 08:55 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll
2013-08-20 08:36 . 2011-06-15 08:55 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll
2013-08-20 08:36 . 2011-06-15 08:54 94208 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaosp.dll
2013-08-20 08:34 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-08-20 08:34 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-08-20 08:33 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-08-20 08:33 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-08-20 08:31 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-08-20 08:24 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-20 08:24 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-20 08:24 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-20 08:24 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-20 08:24 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-20 08:24 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-20 08:09 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-08-20 08:09 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-08-20 08:09 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-08-20 08:09 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-08-20 08:09 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-08-20 08:09 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-08-20 08:09 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-08-20 08:09 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-08-20 08:09 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-08-20 06:34 . 2013-08-20 06:34 -------- d-----w- c:\programdata\Symantec
2013-08-19 21:32 . 2013-08-19 21:32 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-08-19 20:50 . 2013-08-19 20:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-19 20:50 . 2013-08-19 20:50 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-19 20:50 . 2013-08-19 20:50 -------- d-----w- c:\windows\SysWow64\Macromed
2013-08-19 20:50 . 2013-08-19 20:50 -------- d-----w- c:\windows\system32\Macromed
2013-08-19 20:35 . 2013-08-19 19:42 -------- d-----w- c:\windows\Panther
2013-08-19 20:34 . 2013-08-19 20:34 -------- d-----w- C:\Boot
2013-08-19 20:32 . 2013-08-19 20:32 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-08-19 20:27 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
2013-08-19 20:27 . 2011-07-16 14:17 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2013-08-19 20:27 . 2011-06-24 14:44 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-08-19 20:27 . 2011-06-24 14:28 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-08-19 20:27 . 2010-11-03 18:08 237568 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2013-08-19 20:27 . 2006-10-18 18:05 232448 ----a-w- c:\windows\SysWow64\mp3fhg.acm
2013-08-19 20:27 . 2011-07-22 08:00 74752 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2013-08-19 20:27 . 2013-08-19 20:27 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2013-08-19 20:24 . 2013-08-19 20:24 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-19 20:24 . 2013-08-19 20:24 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-08-19 20:14 . 2013-08-19 20:14 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-08-19 20:12 . 2013-08-19 20:12 -------- d-----w- c:\program files (x86)\7-Zip
2013-08-19 20:11 . 2013-08-19 20:11 -------- d-----w- c:\program files (x86)\VideoLAN
2013-08-19 20:05 . 2013-08-19 20:05 -------- d-----w- c:\program files (x86)\NEC Electronics
2013-08-19 20:04 . 2013-08-19 20:04 -------- d-----w- c:\program files\DIFX
2013-08-19 20:04 . 2013-08-19 20:04 -------- dc----w- c:\windows\system32\DRVSTORE
2013-08-19 20:04 . 2009-12-22 00:26 38456 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2013-08-19 20:04 . 2013-08-19 20:04 -------- d-----w- c:\program files (x86)\AMD
2013-08-19 20:04 . 2012-12-26 02:44 16440 ----a-w- c:\windows\system32\drivers\AtiPcie.sys
2013-08-19 20:02 . 2013-08-19 20:02 -------- d-----w- c:\programdata\ATI
2013-08-19 20:01 . 2013-08-19 20:01 0 ----a-w- c:\windows\ativpsrm.bin
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\program files (x86)\AMD AVT
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\program files (x86)\AMD APP
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\programdata\AMD
2013-08-19 19:59 . 2013-08-19 19:59 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-08-19 19:57 . 2013-08-19 19:57 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-08-19 19:56 . 2013-08-19 20:00 -------- d-----w- c:\program files\ATI Technologies
2013-08-19 19:56 . 2013-08-19 19:56 -------- d-----w- c:\program files\ATI
2013-08-19 19:55 . 2013-08-19 19:55 -------- d-----w- C:\AMD
2013-08-19 19:48 . 2013-08-19 19:47 31280 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2013-08-19 19:48 . 2013-08-19 19:48 172592 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-08-19 19:48 . 2013-08-19 19:48 -------- d-----w- c:\program files\Symantec
2013-08-19 19:48 . 2013-08-19 19:48 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-08-19 19:47 . 2013-08-20 11:32 -------- d-----w- c:\windows\system32\drivers\NISx64
2013-08-19 19:47 . 2013-08-19 19:47 -------- d-----w- c:\program files (x86)\Norton Internet Security
2013-08-19 19:47 . 2013-08-19 19:48 -------- d-----w- c:\programdata\Norton
2013-08-19 19:46 . 2013-08-20 19:47 -------- d-sh--w- c:\windows\Installer
2013-08-19 19:46 . 2013-08-19 19:46 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-08-19 19:44 . 2010-02-01 13:20 325152 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-08-19 19:44 . 2010-01-05 16:39 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-08-19 19:44 . 2009-12-03 09:27 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-08-19 19:44 . 2013-08-19 19:44 -------- d-----w- c:\program files (x86)\Realtek
2013-08-19 19:44 . 2013-08-19 20:05 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1008030.006\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1008030.006\SYMEFA64.SYS [x]
S1 BHDrvx64;Symantec Heuristics Driver;c:\windows\System32\Drivers\NISx64\1008030.006\BHDrvx64.sys;c:\windows\SYSNATIVE\Drivers\NISx64\1008030.006\BHDrvx64.sys [x]
S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\NISx64\1008030.006\ccHPx64.sys;c:\windows\SYSNATIVE\Drivers\NISx64\1008030.006\ccHPx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20130820.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20130820.001\IDSvia64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Norton Internet Security;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NISx64\1008030.006\SYMNDISV.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1008030.006\SYMNDISV.SYS [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - EraserUtilDrv11220
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.inklineglobal.com/google_mb.html
uDefault_Search_URL = hxxp://google.inklineglobal.com
uSearchURL,(Default) = hxxp://www.google.com/cse?cx=partner-pub-66970 ... earch&q=%s
mSearchAssistant = hxxp://google.inklineglobal.com
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\eckovica\AppData\Roaming\Mozilla\Firefox\Profiles\xj30w73j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - prefs.js: browser.search.selectedEngine - SearchMyWeb
FF - prefs.js: browser.startup.homepage - hxxp://google.inklineglobal.com/google_mb.html
FF - prefs.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - ExtSQL: 2013-08-19 22:35; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\eckovica\AppData\Roaming\Mozilla\Firefox\Profiles\xj30w73j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-08-19 22:38; {5C655500-E712-41e7-9349-CE462F844B19}; c:\users\eckovica\AppData\Roaming\Mozilla\Firefox\Profiles\xj30w73j.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
FF - ExtSQL: 2013-08-20 13:11; {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF - user.js: browser.search.defaultenginename - SearchMyWeb
FF - user.js: browser.search.defaulturl - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - user.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - user.js: browser.search.selectedEngine - SearchMyWeb
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-NoVirusThanks Malware Remover Free Startup - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Norton Internet Security]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-08-21 10:29:52
ComboFix-quarantined-files.txt 2013-08-21 08:29
.
Před spuštěním: Volných bajtů: 78 071 631 872
Po spuštění: Volných bajtů: 78 068 129 792
.
- - End Of File - - 51CD501A38E73B5C36DA84A1D4268726
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Posts: 119529
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: High latency, data being sent who knows where by who knows what

#10 Post by Rudy »

We'll do some more cleanup. Move ComboFix to the desktop. Open Notepad and copy the following into it:
KillAll::

Firefox::
FF - ProfilePath - c:\users\eckovica\AppData\Roaming\Mozilla\Firefox\Profiles\xj30w73j.default\
FF - prefs.js: browser.search.selectedEngine - SearchMyWeb
FF - user.js: browser.search.defaultenginename - SearchMyWeb
FF - user.js: browser.search.selectedEngine - SearchMyWeb

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

kuker
Visitor
Posts: 17
Registered: 18 Aug 2013 18:27

Re: High latency, data being sent who knows where by who knows what

#11 Post by kuker »

Here I'm attaching the current log from CF.

ComboFix 13-08-20.01 - eckovica 21.08.2013 16:46:51.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2893 [GMT 2:00]
Spuštěný z: c:\users\eckovica\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\eckovica\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-21 do 2013-08-21 )))))))))))))))))))))))))))))))
.
.
2013-08-21 07:54 . 2013-08-21 07:55 -------- d-----w- C:\rsit
2013-08-21 07:54 . 2013-08-21 07:55 -------- d-----w- c:\program files\trend micro
2013-08-20 18:24 . 2013-08-20 18:24 -------- d-----w- c:\program files (x86)\NoVirusThanks
2013-08-20 18:00 . 2013-08-20 18:00 -------- d-----w- c:\program files (x86)\TeamViewer
2013-08-20 14:46 . 2013-08-20 14:46 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-08-20 11:46 . 2013-08-20 11:46 -------- d-----w- c:\windows\SysWow64\Wat
2013-08-20 11:46 . 2013-08-20 11:46 -------- d-----w- c:\windows\system32\Wat
2013-08-20 11:31 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-08-20 11:31 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-08-20 11:31 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-08-20 09:25 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-08-20 09:23 . 2013-08-20 09:24 -------- d-----w- c:\windows\system32\MRT
2013-08-20 09:05 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-08-20 09:05 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-08-20 09:05 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-08-20 09:05 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-08-20 09:05 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-08-20 09:05 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-08-20 08:55 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-08-20 08:55 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-08-20 08:55 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-08-20 08:55 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-08-20 08:55 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-08-20 08:40 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-08-20 08:40 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-08-20 08:40 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-08-20 08:40 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-08-20 08:40 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-08-20 08:40 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-08-20 08:38 . 2011-02-05 17:06 566208 ----a-w- c:\windows\system32\winresume.efi
2013-08-20 08:37 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-08-20 08:36 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2013-08-20 08:36 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2013-08-20 08:36 . 2011-06-15 10:02 212992 ----a-w- c:\windows\system32\odbctrac.dll
2013-08-20 08:36 . 2011-06-15 10:02 163840 ----a-w- c:\windows\system32\odbccp32.dll
2013-08-20 08:36 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccu32.dll
2013-08-20 08:36 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccr32.dll
2013-08-20 08:36 . 2011-06-15 09:59 126976 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2013-08-20 08:36 . 2011-06-15 08:55 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll
2013-08-20 08:36 . 2011-06-15 08:55 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll
2013-08-20 08:36 . 2011-06-15 08:55 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll
2013-08-20 08:36 . 2011-06-15 08:55 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll
2013-08-20 08:36 . 2011-06-15 08:55 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll
2013-08-20 08:36 . 2011-06-15 08:54 94208 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaosp.dll
2013-08-20 08:34 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-08-20 08:34 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-08-20 08:33 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-08-20 08:33 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-08-20 08:31 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-08-20 08:24 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-20 08:24 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-08-20 08:24 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-20 08:24 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-20 08:24 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-08-20 08:24 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-08-20 08:09 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-08-20 08:09 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-08-20 08:09 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-08-20 08:09 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-08-20 08:09 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-08-20 08:09 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-08-20 08:09 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-08-20 08:09 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-08-20 08:09 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-08-20 06:34 . 2013-08-20 06:34 -------- d-----w- c:\programdata\Symantec
2013-08-19 21:32 . 2013-08-19 21:32 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-08-19 20:50 . 2013-08-19 20:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-19 20:50 . 2013-08-19 20:50 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-19 20:50 . 2013-08-19 20:50 -------- d-----w- c:\windows\SysWow64\Macromed
2013-08-19 20:50 . 2013-08-19 20:50 -------- d-----w- c:\windows\system32\Macromed
2013-08-19 20:35 . 2013-08-19 19:42 -------- d-----w- c:\windows\Panther
2013-08-19 20:34 . 2013-08-19 20:34 -------- d-----w- C:\Boot
2013-08-19 20:32 . 2013-08-19 20:32 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-08-19 20:27 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
2013-08-19 20:27 . 2011-07-16 14:17 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
2013-08-19 20:27 . 2011-06-24 14:44 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-08-19 20:27 . 2011-06-24 14:28 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-08-19 20:27 . 2010-11-03 18:08 237568 ----a-w- c:\windows\SysWow64\yv12vfw.dll
2013-08-19 20:27 . 2006-10-18 18:05 232448 ----a-w- c:\windows\SysWow64\mp3fhg.acm
2013-08-19 20:27 . 2011-07-22 08:00 74752 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2013-08-19 20:27 . 2013-08-19 20:27 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
2013-08-19 20:24 . 2013-08-19 20:24 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-19 20:24 . 2013-08-19 20:24 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-08-19 20:14 . 2013-08-19 20:14 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-08-19 20:12 . 2013-08-19 20:12 -------- d-----w- c:\program files (x86)\7-Zip
2013-08-19 20:11 . 2013-08-19 20:11 -------- d-----w- c:\program files (x86)\VideoLAN
2013-08-19 20:05 . 2013-08-19 20:05 -------- d-----w- c:\program files (x86)\NEC Electronics
2013-08-19 20:04 . 2013-08-19 20:04 -------- d-----w- c:\program files\DIFX
2013-08-19 20:04 . 2013-08-19 20:04 -------- dc----w- c:\windows\system32\DRVSTORE
2013-08-19 20:04 . 2009-12-22 00:26 38456 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2013-08-19 20:04 . 2013-08-19 20:04 -------- d-----w- c:\program files (x86)\AMD
2013-08-19 20:04 . 2012-12-26 02:44 16440 ----a-w- c:\windows\system32\drivers\AtiPcie.sys
2013-08-19 20:02 . 2013-08-19 20:02 -------- d-----w- c:\programdata\ATI
2013-08-19 20:01 . 2013-08-19 20:01 0 ----a-w- c:\windows\ativpsrm.bin
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\program files (x86)\AMD AVT
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\program files (x86)\AMD APP
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-08-19 20:00 . 2013-08-19 20:00 -------- d-----w- c:\programdata\AMD
2013-08-19 19:59 . 2013-08-19 19:59 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-08-19 19:57 . 2013-08-19 19:57 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-08-19 19:56 . 2013-08-19 20:00 -------- d-----w- c:\program files\ATI Technologies
2013-08-19 19:56 . 2013-08-19 19:56 -------- d-----w- c:\program files\ATI
2013-08-19 19:55 . 2013-08-19 19:55 -------- d-----w- C:\AMD
2013-08-19 19:48 . 2013-08-19 19:47 31280 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2013-08-19 19:48 . 2013-08-19 19:48 172592 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-08-19 19:48 . 2013-08-19 19:48 -------- d-----w- c:\program files\Symantec
2013-08-19 19:48 . 2013-08-19 19:48 -------- d-----w- c:\program files\Common Files\Symantec Shared
2013-08-19 19:47 . 2013-08-20 11:32 -------- d-----w- c:\windows\system32\drivers\NISx64
2013-08-19 19:47 . 2013-08-19 19:47 -------- d-----w- c:\program files (x86)\Norton Internet Security
2013-08-19 19:47 . 2013-08-19 19:48 -------- d-----w- c:\programdata\Norton
2013-08-19 19:46 . 2013-08-20 19:47 -------- d-sh--w- c:\windows\Installer
2013-08-19 19:46 . 2013-08-19 19:46 -------- d-----w- c:\program files (x86)\NortonInstaller
2013-08-19 19:44 . 2010-02-01 13:20 325152 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-08-19 19:44 . 2010-01-05 16:39 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-08-19 19:44 . 2009-12-03 09:27 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-08-19 19:44 . 2013-08-19 19:44 -------- d-----w- c:\program files (x86)\Realtek
2013-08-19 19:44 . 2013-08-19 20:05 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1008030.006\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1008030.006\SYMEFA64.SYS [x]
S1 BHDrvx64;Symantec Heuristics Driver;c:\windows\System32\Drivers\NISx64\1008030.006\BHDrvx64.sys;c:\windows\SYSNATIVE\Drivers\NISx64\1008030.006\BHDrvx64.sys [x]
S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\NISx64\1008030.006\ccHPx64.sys;c:\windows\SYSNATIVE\Drivers\NISx64\1008030.006\ccHPx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20130820.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20130820.001\IDSvia64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Norton Internet Security;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NISx64\1008030.006\SYMNDISV.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1008030.006\SYMNDISV.SYS [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.inklineglobal.com/google_mb.html
uDefault_Search_URL = hxxp://google.inklineglobal.com
uSearchURL,(Default) = hxxp://www.google.com/cse?cx=partner-pub-66970 ... earch&q=%s
mSearchAssistant = hxxp://google.inklineglobal.com
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\eckovica\AppData\Roaming\Mozilla\Firefox\Profiles\xj30w73j.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - prefs.js: browser.startup.homepage - hxxp://google.inklineglobal.com/google_mb.html
FF - prefs.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - ExtSQL: 2013-08-19 22:35; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\eckovica\AppData\Roaming\Mozilla\Firefox\Profiles\xj30w73j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-08-19 22:38; {5C655500-E712-41e7-9349-CE462F844B19}; c:\users\eckovica\AppData\Roaming\Mozilla\Firefox\Profiles\xj30w73j.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
FF - ExtSQL: 2013-08-20 13:11; {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF - user.js: browser.search.defaulturl - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - user.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Norton Internet Security]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.8.3.6\diMaster.dll\" /prefetch:1"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\DAODx.exe
.
**************************************************************************
.
Celkový čas: 2013-08-21 16:52:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-21 14:52
ComboFix2.txt 2013-08-21 14:41
ComboFix3.txt 2013-08-21 08:29
.
Před spuštěním: Volných bajtů: 77 284 114 432
Po spuštění: Volných bajtů: 77 204 647 936
.
- - End Of File - - 553E28BC69752787E94BCBAF6C276510
A36C5E4F47E84449FF07ED3517B43A31
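
An added example, not part of the thread and not ComboFix's own code: one way to check what a CFScript run changed is to compare the Firefox preference lines of the log taken before the script with those of the log taken after it. The sample text is copied from the two logs and the script posted above; treating each line under `Firefox::` as an entry the script was meant to remove is this example's assumption, and all function names are hypothetical.

```python
import re

# Firefox pref lines copied from the "Doplňkový sken" section of the first
# ComboFix log in this thread (before CFScript.txt was applied).
LOG_BEFORE = r"""
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - prefs.js: browser.search.selectedEngine - SearchMyWeb
FF - prefs.js: browser.startup.homepage - hxxp://google.inklineglobal.com/google_mb.html
FF - prefs.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - user.js: browser.search.defaultenginename - SearchMyWeb
FF - user.js: browser.search.defaulturl - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - user.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - user.js: browser.search.selectedEngine - SearchMyWeb
"""

# The same section from the log produced by the run that used CFScript.txt.
LOG_AFTER = r"""
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - prefs.js: browser.startup.homepage - hxxp://google.inklineglobal.com/google_mb.html
FF - prefs.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - user.js: browser.search.defaulturl - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
FF - user.js: keyword.URL - hxxp://www.google.com/cse?cx=partner-pub-66970 ... =Search&q=
"""

# The CFScript.txt content as posted in the thread.
CFSCRIPT = r"""
KillAll::

Firefox::
FF - ProfilePath - c:\users\eckovica\AppData\Roaming\Mozilla\Firefox\Profiles\xj30w73j.default\
FF - prefs.js: browser.search.selectedEngine - SearchMyWeb
FF - user.js: browser.search.defaultenginename - SearchMyWeb
FF - user.js: browser.search.selectedEngine - SearchMyWeb

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
"""

# "FF - <file>: <pref name> - <value>" as it appears in the logs above.
FF_PREF = re.compile(r"^FF - (prefs\.js|user\.js): (\S+) - (.*)$")


def parse_ff_prefs(text):
    """Return the set of (file, pref, value) tuples found in log text."""
    entries = set()
    for line in text.splitlines():
        match = FF_PREF.match(line.strip())
        if match:
            entries.add((match.group(1), match.group(2), match.group(3).strip()))
    return entries


def parse_cfscript(text):
    """Split a CFScript into {directive: [lines]}; directives end with '::'."""
    sections, current = {}, None
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped:
            continue
        if stripped.endswith("::"):
            current = stripped[:-2]
            sections[current] = []
        elif current is not None:
            sections[current].append(stripped)
    return sections


def check_script_effect(before, after, script):
    """Compare two logs against the Firefox:: entries named in the script."""
    targeted = parse_ff_prefs("\n".join(parse_cfscript(script).get("Firefox", [])))
    prefs_before, prefs_after = parse_ff_prefs(before), parse_ff_prefs(after)
    return {
        # Entries that disappeared between the two runs.
        "removed": sorted(prefs_before - prefs_after),
        # Entries the script named that the second log still lists.
        "targeted_but_still_present": sorted(targeted & prefs_after),
        # Entries the script named that the first log never listed.
        "targeted_not_in_first_log": sorted(targeted - prefs_before),
        # Everything the second log still reports, for manual review.
        "remaining": sorted(prefs_after),
    }


if __name__ == "__main__":
    for label, entries in check_script_effect(LOG_BEFORE, LOG_AFTER, CFSCRIPT).items():
        print(f"{label}: {len(entries)}")
        for source, pref, value in entries:
            print(f"  {source}: {pref} = {value}")
```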

kuker
Visitor
Posts: 17
Registered: 18 Aug 2013 18:27

Re: High latency, data being sent who knows where by who knows what

#12 Post by kuker »

No change so far, the problem still persists. Could I ask you to briefly explain what the problem is?
I know for certain that it all started on Saturday morning, when I accidentally launched IE (I hadn't launched it since installing the OS; I use Firefox). Right after that, ESET reported that a threat named aware or adware had been caught; the antivirus immediately moved it to quarantine and then removed it. Immediately afterwards the problems with data being sent and high latency began. I then called my provider to have them check the activity on my line, and they told me that I am constantly saturating my upload, which the graphs also confirmed. In other words, they told me that if I'm not using any service that uses the network, I must have a virus on the computer, or another connected user.
I hope this helps us speed things up a bit, for example in narrowing down the area to scan, repair, or the like.

Rudy
Site Admin
Posts: 119529
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: High latency, data being sent who knows where by who knows what

#13 Post by Rudy »

The log is fine now. How are you connected? Via Wi-Fi? If so, is it secured?

kuker
Visitor
Posts: 17
Registered: 18 Aug 2013 18:27

Re: High latency, data being sent who knows where by who knows what

#14 Post by kuker »

No, fixed internet, ADSL.. by cable

Rudy
Site Admin
Posts: 119529
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: High latency, data being sent who knows where by who knows what

#15 Post by Rudy »

OK. Open network connection > properties and check the ratio of sent to received data. Received should be roughly 1/3 more than sent.